Server Side

  • Register the middleware

app\Http\Kernel.php


protected $routeMiddleware = [
    // ...

    // API authentication
    'auth_client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class,
];
  • Define the route

routes\api.php

Route::get('/time', function (Request $request) {
    return json_encode(['now' => date('Y-m-d H:i:s')]);
})->middleware('auth_client');

Docs

References

https://laracasts.com/discuss/channels/laravel/passport-client-credential-grant-to-protect-register-route


Testing with Postman

Type  URL
GET   http://localhost:8000/api/time

Headers

Key            Value
Accept         application/json
Authorization  Bearer {access_token}

  • Success
{
    "now": "2017-06-21 07:15:37"
}
  • Failure
{
    "error": "Unauthenticated."
}

Client Side

A separate Client project must be created.

Code

  • Api request

routes\web.php


Route::get('/time', function () {
    $http = new GuzzleHttp\Client;
    $response = $http->post('http://localhost:8000/oauth/token', [
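        'form_params' => [
            'grant_type' => 'client_credentials',
            // Hard-coded for the demo; in a real project load the client id and
            // secret from config/env so the secret stays out of version control.
            'client_id' => '3',
            'client_secret' => 'FcmidD71HnHWn7kvFXGLclYldekirqf4WtLiL4GF',
        ],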
    ]);

    $token = json_decode($response->getBody(), true);

    $response = $http->get('http://localhost:8000/api/time', [
        'headers' => [
            'Accept' => 'application/json',
            'Authorization' => 'Bearer ' . $token['access_token'],
        ],
    ]);

    print_r(json_decode($response->getBody(), true));
});
  • Api response

Array
(
    [now] => 2017-06-22 03:11:40
)
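
The route above requests a new token on every call. The following is an added example, not part of the original page: it caches the client_credentials token until shortly before its expires_in elapses and fails closed on an error response. ClientTokenCache, $fetch, $clock and the stub response are hypothetical names and constructed data; $fetch stands in for the POST to /oauth/token shown above.

```php
<?php
// Added example: cache a client_credentials token until shortly before it expires.
final class ClientTokenCache
{
    private ?string $token = null;
    private int $expiresAt = 0;

    // $fetch: callable returning the decoded /oauth/token response (hypothetical hook;
    //         in the client above it would wrap the Guzzle POST).
    // $clock: callable returning Unix time; $skew: renew this many seconds early.
    public function __construct(private $fetch, private $clock = 'time', private int $skew = 30)
    {
    }

    public function get(): string
    {
        $now = ($this->clock)();
        if ($this->token !== null && $now < $this->expiresAt - $this->skew) {
            return $this->token; // still valid, no round trip to the token endpoint
        }
        $body = ($this->fetch)();
        // A failed grant carries an "error" field and no access_token: fail closed.
        if (!is_array($body) || empty($body['access_token'])
            || strcasecmp($body['token_type'] ?? '', 'Bearer') !== 0) {
            $why = is_array($body) ? ($body['error'] ?? 'malformed response') : 'malformed response';
            throw new RuntimeException('Token request failed: ' . $why);
        }
        $this->token = $body['access_token'];
        $this->expiresAt = $now + (int) ($body['expires_in'] ?? 0);
        return $this->token;
    }
}

// Constructed demo: a stub replaces the HTTP call so the script runs offline.
$calls = 0;
$now = 1000;
$cache = new ClientTokenCache(
    function () use (&$calls) {
        $calls++;
        return ['token_type' => 'Bearer', 'expires_in' => 3600, 'access_token' => "demo-$calls"];
    },
    function () use (&$now) { return $now; }
);
$first = $cache->get();   // fetched from the stub
$now += 60;
$second = $cache->get();  // served from the cache
$now += 3600;
$third = $cache->get();   // expired, fetched again
printf("requests=%d first=%s second=%s third=%s\n", $calls, $first, $second, $third);
```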

Internal request

  • Api request
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Route;

class TestApi extends Controller
{
    public function getToken(Request $request)
    {
        $request->request->add([
            'grant_type' => 'client_credentials',
            // Demo values; load the client id and secret from config/env in a real project.
            'client_id' => 3,
            'client_secret' => 'FcmidD71HnHWn7kvFXGLclYldekirqf4WtLiL4GF',
        ]);

        $proxy = Request::create(
            'oauth/token',
            'POST'
        );

        return json_decode(Route::dispatch($proxy)->getContent(), true);
    }

    public function getTime(Request $request)
    {
        $token = $this->getToken($request);

        $request = Request::create('api/time', 'GET');
        $request->headers->set('Accept', 'application/json');
        $request->headers->set('Authorization', 'Bearer ' . $token['access_token']);

        return Route::dispatch($request)->getContent();
    }
}
  • Api response

{"now":"2017-06-22 18:26:49"}
