- event of creating tokens through passport
AccessTokenCreatedhow is the generated token, converted to the correspondingaccess_tokenbased on the generatedtoken_idin this event?
AccessTokenCreated how is the generated token, converted to the corresponding access_token based on the generated token_id in this event? look for the source code and rewrite it according to his format, which is not very elegant
<?php
namespace App\Listeners;
use Carbon\Carbon;
use Illuminate\Support\Facades\Config;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Redis;
use Laravel\Passport\Bridge\AccessToken;
use Laravel\Passport\Bridge\AccessTokenRepository;
use Laravel\Passport\Bridge\AuthCodeRepository;
use Laravel\Passport\Bridge\ClientRepository;
use Laravel\Passport\Bridge\Scope;
use Laravel\Passport\Events\AccessTokenCreated;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Contracts\Queue\ShouldQueue;
use Laravel\Passport\Passport;
use Laravel\Passport\Token;
use League\OAuth2\Server\AuthorizationServer;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
use League\OAuth2\Server\Entities\Traits\AccessTokenTrait;
use League\OAuth2\Server\Entities\Traits\EntityTrait;
use League\OAuth2\Server\Entities\Traits\TokenEntityTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Exception\UniqueTokenIdentifierConstraintViolationException;
use League\OAuth2\Server\Grant\AbstractGrant;
class RevokeOldTokens
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param AccessTokenCreated $event
* @return void
*/
public function handle(AccessTokenCreated $event)
{
$provider = Config::get('auth.guards.api.provider');
$key2 = $event->clientId . '-sharp' . $event->userId . '-sharp' . $provider;
$key1 = md5((string)$this->tokenIdConvertBearer($event->userId, $event->tokenId, $event->clientId));
Redis::hdel(Redis::hget($key2, 'token'), 'provider', 'uid', 'cid'); // token
Redis::pipeline(function ($pipe) use ($event, $provider, $key1, $key2) {
$time = Carbon::now()->add(Passport::tokensExpireIn())->timestamp;
$pipe->hset($key1, 'cid', $event->clientId);
$pipe->hset($key1, 'uid', $event->userId);
$pipe->hset($key1, 'provider', $provider);
$pipe->expireat($key1, $time);
$pipe->hset($key2, 'token', $key1);
$pipe->expireat($key2, $time);
});
// token
Token::where('id', '!=', $event->tokenId)
->where('user_id', $event->userId)
->where('client_id', $event->clientId)
->where('expires_at', '<', Carbon::now())
->orWhere('revoked', true)
->delete();
}
private function tokenIdConvertBearer($userId, $tokenId, $clientId){
$privateKey = new CryptKey(
'file://'.Passport::keyPath('oauth-private.key'),
null,
false
);
$request = app()->get('request');
$scopes = $this->getScopesEntityByIdentifiers($request->input('scope'));
$accessToken = (new AccessToken($userId, $scopes));
$clientRepository = app()->make(ClientRepository::class);
$client = $clientRepository->getClientEntity(
$clientId,
$request->input('grant'),
$request->input('client_secret'),
true
);
$accessToken->setClient($client);
$accessToken->setUserIdentifier($userId);
$accessToken->setExpiryDateTime((new \DateTime())->add(Passport::tokensExpireIn()));
$maxGenerationAttempts = AbstractGrant::MAX_RANDOM_TOKEN_GENERATION_ATTEMPTS;
while ($maxGenerationAttempts-- > 0) {
$accessToken->setIdentifier($tokenId);
}
return $accessToken->convertToJWT($privateKey);
}
private function getScopesEntityByIdentifiers($scopes) {
$scopesList = array_filter(explode(' ', trim($scopes)), function ($scope) {
return !empty($scope);
});
$validScopes = [];
foreach ($scopesList as $scopeItem) {
$scope = new Scope($scopeItem);
if ($scope instanceof ScopeEntityInterface === false) {
throw OAuthServerException::invalidScope($scopeItem);
}
$validScopes[] = $scope;
}
return $validScopes;
}
}
Previous: Problems with mongodb setting index
post table is the article table, the primary key is id tag table is the tag table, the primary key is id post_tag is the intermediate mapping table, and the field is post_id,tag_id now I want to select tag 1 to find out that all the tags and article...
I judge in the render method of Handler that FatalErrorException returns an array when an exception occurs. there are other error messages on the returned array, but should you only return the array when catching an exception? how to solve this sit...
laravel Package development, how to deal with the many-to-many relationship between Model in a package and Model outside the package? for example: for example, we are going to write an awesome Article Package,. This package mainly provides functions ...
I think belongsTo or hasMany is usually written in model. What s the use of writing this? The following is the code in someone else s Car model. I think when he used it in the controller, he wrote $car = Car::find ($id) . It doesn t seem to be conve...
laravel big data export cannot perform how to optimize ...
suppose: there are two projects, Project An and Project B, and I want Project An and Project B to share the same framework. Is there a way to achieve ...
https: devforgalaxy.github.i. I am here to see the first step alone is off . sudo php -r "readfile( https: getcomposer.org installer );" > composer-setup.php -bash: composer-setup.php: Permission denied ...
what is the difference between the request parameters obtained by Input:all () in the laravel framework and the native $REQUEST acquisition parameters in php? $input = Input:all (); $input = { "P_UserId ": "10 ", "P_OrderId ": "2302722018033018420...
1. Do you need a framework? the framework loads too many files by default, which hinders performance . two The framework comes with interface verification (to prevent arbitrary calls), version management (APP version upgrade is fast), etc., if there is ...
Laravel version5.5, uses php artisan serve to start the metropolis server to confirm that the route has been registered, the result obtained by using php artisan route:list is as follows visit batches and return 200 correctly visit b...
I added withCredentials to my front-end request, even though I deployed the front and back ends separately. assume that the front end is deployed at web.xxx.com and that the back end is deployed at service.xxx.com I define all api as web, so ...
by editing a template file such as file.xls, there is a lot of data that needs to be filled in by php, and then other text or tables may have styles, such as red words, large words, table borders, etc. (I have tried to export csv, but feel that this for...
download : ask the boss to answer it! ...
$validator = Validator::make($request->all(), [ id => required|integer title => required|unique:posts|max:255 , body => required , ]); The requirement is like ...
just started to use the laravel framework development, or rookies ~ a lot of do not quite understand, at present to do a function, customized a form verification class file ~ ~ for example, I am now a member module, my member controller can have many way...
how do I use a laravel package such as l5-repository ( https: packagist.org package.) when developing a laravel package myself? We can use composer require to come in, but how do we register ServiceProvider in the package? ...
I use js to assemble the data and then ajax to transmit it to the background. $request- > file () always cannot receive the file, and the file field passed by is always converted into a string [object File] how to solve foreground ajax code onAjax(f...
Mini Program post requests that an array of objects is passed in the data. What happened to the [object Object] printed out by the backend? ...
Why do you have to insert a new piece of empty data every time you execute this statement one more empty data at a time. I don t know how to ask for advice ...
the configuration of Redis was not found in official document . How should I configure it? add: configure requirepass in the configuration file of Redis, but this Redis is on Homestead, not locally. Because of my unfamiliarity with Homestead, I don ...