PHP code example of jundayw / laravel-oauth

    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

jundayw / laravel-oauth example snippets

use App\Models\OAuthToken;
use Jundayw\LaravelOAuth\OAuth;

/**
 * 引导应用程序服务。
 *
 * @return void
 */
public function boot()
{
    OAuth::oAuthTokenModelUsing(OAuthToken::class);
}

use App\Models\RefreshToken;
use Jundayw\LaravelOAuth\OAuth;

/**
 * 引导应用程序服务。
 *
 * @return void
 */
public function boot()
{
    OAuth::refreshTokenModelUsing(RefreshToken::class);
}

return [
    // 加密秘钥
    'secret' => env('OAUTH_SECRET', env('APP_KEY')),

    // 加密方法
    'hash' => 'sha256',
    
    // 数据库存储令牌表
    'table' => 'oauth',
    
    // 访问令牌过期时间
    'access_token_expire_in' => 2 * 3600,
    
    // 刷新令牌过期时间
    'refresh_token_expire_in' => 24 * 3600 * 15,
    
    // 多[客户端/设备]是否同时在线，默认：开启
    // 如：同一账户是否允许[手机/电脑]同时在线
    'multiple_devices' => true,
    
    // 相同[客户端/设备]是否同时在线，默认：开启
    // 如：同一账户是否允许电脑端同时在线
    'concurrent_device' => true,
];

return [
    // ...
    'guards' => [
        // 如果只有一个 oauth 看守器 provider 可为 null
        'client' => [
            'driver' => 'oauth',
            'provider' => null,
        ],
        // 如果多个 oauth 看守器 provider 需要配置
        'manager' => [
            'driver' => 'oauth',
            'provider' => 'managers',
        ],
    
        'user' => [
            'driver' => 'oauth',
            'provider' => 'users',
        ],
    ],

    'providers' => [
        'managers' => [
            'driver' => 'eloquent',
            'model' => App\Models\Manager::class,
        ],
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],
    ],
    // ...
];

use Jundayw\LaravelOAuth\Contracts\HasAccessTokensContract;
use Jundayw\LaravelOAuth\HasAccessTokens;
use Laravel\Sanctum\HasApiTokens;

class User extends Authenticatable implements HasAccessTokensContract
{
    use HasApiTokens, HasAccessTokens {
        HasAccessTokens::currentAccessToken insteadof HasApiTokens;
        HasAccessTokens::withAccessToken insteadof HasApiTokens;
        HasAccessTokens::createToken insteadof HasApiTokens;
        HasAccessTokens::tokens insteadof HasApiTokens;
        HasAccessTokens::tokenCan insteadof HasApiTokens;
    }
}

use Jundayw\LaravelOAuth\Contracts\HasAccessTokensContract;
use Jundayw\LaravelOAuth\HasAccessTokens;

class User extends Authenticatable implements HasAccessTokensContract
{
    use HasAccessTokens;
}

use Jundayw\LaravelOAuth\Contracts\HasAccessTokensContract;
use Jundayw\LaravelOAuth\HasAccessTokens;

class User extends Authenticatable implements HasAccessTokensContract
{
    use HasAccessTokens;
}

use Illuminate\Http\Request;

Route::post('/tokens/create', function(Request $request) {
    return $request->user()
        ->createToken($request->token_name, $request->device_name, ['check-status', 'place-orders'])
        ->toArray();
});

foreach($user->tokens as $token) {
    //
}

use Illuminate\Http\Request;
use Jundayw\LaravelOAuth\RefreshToken;

Route::post('/tokens/refresh', function(Request $request, RefreshToken $refreshToken) {
    return $refreshToken->refreshToken($refreshToken->findTokenByRequest($request))->toArray();
});

Route::get('/orders', function() {
    // Token has both "check-status" and "place-orders" abilities...
})->middleware(['auth:client', 'scopes:check-status,place-orders']);

Route::get('/orders', function() {
    // Token has the "check-status" or "place-orders" ability...
})->middleware(['auth:client', 'scope:check-status,place-orders']);

use Illuminate\Http\Request;

Route::middleware(['api', 'auth:client'])->get('/user', function(Request $request) {
    return $request->user();
});

return [
    // ...
    'guards' => [
        'manager' => [
            'driver' => 'oauth',
            'provider' => 'managers',
        ],
    
        'user' => [
            'driver' => 'oauth',
            'provider' => 'users',
        ],
    ],

    'providers' => [
        'managers' => [
            'driver' => 'eloquent',
            'model' => App\Models\Manager::class,
        ],
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],
    ],
    // ...
];

use Jundayw\LaravelOAuth\Contracts\HasAccessTokensContract;
use Jundayw\LaravelOAuth\HasAccessTokens;

class User extends Authenticatable implements HasAccessTokensContract
{
    use HasAccessTokens;
}

use Jundayw\LaravelOAuth\Contracts\HasAccessTokensContract;
use Jundayw\LaravelOAuth\HasAccessTokens;

class Manager extends Authenticatable implements HasAccessTokensContract
{
    use HasAccessTokens;
}

use App\Models\User;
use App\Models\Manager;
use Illuminate\Http\Request;
use Jundayw\LaravelOAuth\RefreshToken;

// 发布 user 令牌
Route::get('/user', function(User $user) {
    return $user->first()?->createToken('测试-user', 'APP')->toArray();
});

// 发布 manager 令牌，有作用域
Route::get('/manager', function(Manager $manager) {
    return $manager->first()
        ?->createToken('测试-manager', 'PC', ['snsapi_base', 'snsapi_userinfo'])
        ->toArray();
});

// 获取 user 当前账户
Route::middleware(['auth:user'])->post('/user-info', function(Request $request) {
    return $request->user();
});

// 获取 manager 当前账户，验证作用域
Route::middleware(['auth:manager', ['scope:snsapi_userinfo']])
    ->post('/manager-info', function(Request $request) {
        return $request->user();
    });

// 刷新当前账户
Route::get('/refresh', function(\Illuminate\Http\Request $request, \Jundayw\LaravelOAuth\RefreshToken $refreshToken) {
    return $refreshToken->refreshToken($refreshToken->findTokenByRefreshToken($request->bearerToken()))->toArray();
});

shell
php artisan vendor:publish --provider="Jundayw\LaravelOAuth\OAuthServiceProvider"

shell
php artisan vendor:publish --tag=oauth-config

shell
php artisan vendor:publish --tag=oauth-migrations

shell
php artisan migrate --path=database/migrations/2022_07_23_160710_create_oauth_table.php

shell
php artisan vendor:publish --tag=oauth-migrations