Package Data | |
---|---|
Maintainer Username: | gashey |
Maintainer Contact: | georgekhagan@gmail.com (George Kofi Hagan) |
Package Create Date: | 2019-07-14 |
Package Last Update: | 2019-07-15 |
Language: | PHP |
License: | MIT |
Last Refreshed: | 2024-11-15 15:20:13 |
Package Statistics | |
---|---|
Total Downloads: | 18 |
Monthly Downloads: | 0 |
Daily Downloads: | 0 |
Total Stars: | 0 |
Total Watchers: | 0 |
Total Forks: | 0 |
Total Open Issues: | 0 |
Making Laravel Passport work with Lumen as a Client Grant Resource Server. This makes it easy to protect routes and check scopes via Passport middleware. This package requires https://github.com/dusterio/lumen-passport created by Denis Mysenko.
A simple service provider that makes Laravel Passport work with Lumen as a resource server
First install Lumen if you don't have it yet:
$ composer create-project --prefer-dist laravel/lumen lumen-app
Then install Lumen Passport (it will fetch Laravel Passport along):
$ cd lumen-app
$ composer require gashey/lumen-passport-resource
bootstrap/app.php
file)We need to enable both Laravel Passport provider and Lumen-specific providers:
// Enable Facades
$app->withFacades();
// Enable Eloquent
$app->withEloquent();
// Enable the client middleware and scopes middleware (shipped with Passport)
$app->routeMiddleware([
'client' => \Laravel\Passport\Http\Middleware\CheckClientCredentials::class,
'scopes' => \Laravel\Passport\Http\Middleware\CheckScopes::class,
]);
// Finally register three service providers - original one and Lumen adapter
$app->register(Laravel\Passport\PassportServiceProvider::class);
$app->register(Dusterio\LumenPassport\PassportServiceProvider::class);
$app->register(Gashey\LumenPassportResource\PassportServiceProvider::class);
# Create new tables for Gashey Passport
php artisan migrate
This package requires your public key from your Passport Authorization Server.
Copy the "oauth-public.key" file from the 'storage folder' of your Authorization Server project into the 'storage folder of your Resource Server project.
Edit config/auth.php to suit your needs. A simple example:
return [
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
'guards' => [
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => \App\User::class
]
]
];
Load the config in bootstrap/app.php
since Lumen doesn't load config files automatically:
$app->configure('auth');
Make sure your user model uses Passport's HasApiTokens
trait, eg.:
class User extends Model implements AuthenticatableContract, AuthorizableContract
{
use HasApiTokens, Authenticatable, Authorizable;
/* rest of the model */
}
Add the client and scopes middleware to your routes
$router->group(['middleware' => ['client', 'scopes:...'], 'prefix' => 'api/v1'], function () use ($router) {
});
If you are using Apache web server, it may strip Authorization headers and thus break Passport.
Add the following either to your config directly or to .htaccess
:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
The MIT License (MIT) Copyright (c) 2019 George Kofi Hagan
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.