benbjurstrom / passport-custom-jwt-claims
Customize the JWT claims in Laravel Passport access tokens
Requires
- php: ^7.0
- laravel/passport: ^4.0
Requires (Dev)
- orchestra/testbench: ^3.5
- phpunit/phpunit: ~6.0
This package is not auto-updated.
Last update: 2024-09-22 12:19:58 UTC
README
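Customize the JWT claims in Laravel/Passport access tokens
What are JWT claims?
All access tokens issued by Laravel/Passport are in fact JSON Web Tokens (JWT). Each token contains a set of claims made up of JSON key-value pairs. Because the tokens are cryptographically signed using a public/private RSA key pair, we have good reason to believe that the claims in a token were issued by Laravel/Passport.
Below is a sample token containing the default Laravel/Passport claims: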
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjllNzAxMjhmOTkwZTFlZjI0NGFmMDc0YjQzMzA2YTRmNDViZWFiNjU1MzM5NjE2ODIyOGJmODc2Y2UwMTAwNTIyNGZhMTc5MzdkMGYwMTU3In0.eyJhdWQiOiJjOGUxMDRmMC0wNTYyLTExZTctOTA1Yi0zZDc3ZGY5N2YyZjgiLCJqdGkiOiI5ZTcwMTI4Zjk5MGUxZWYyNDRhZjA3NGI0MzMwNmE0ZjQ1YmVhYjY1NTMzOTYxNjgyMjhiZjg3NmNlMDEwMDUyMjRmYTE3OTM3ZDBmMDE1NyIsImlhdCI6MTQ4OTkwMTc1NSwibmJmIjoxNDg5OTAxNzU1LCJleHAiOjE1MjE0Mzc3NTUsInN1YiI6ImM4ZGY5OWEwLTA1NjItMTFlNy05MDgyLWJmZDdhYTMzMTFlOCIsInNjb3BlcyI6W119.qFGwfeWezJZZaxNIZyPfnnGHkUdAPhHvJ3Nf3NYa8Y5Ba2ubfil21KgzeugY1aDSU93oWLMcUzGkoVblT1U79IlPV6JiGhMA4x7jHB5yJPKZeH-maaB8HKzQ8CoFG0YEAc_60G2ZwCDLv-NhuaxgDOXFc7FaX1qc3U1MpyJixEIjZc0xQ_CuRRVf3Kzx1rTXedJpbqFxTDYGDnKx4HLo5l96t8mdlmiToU6TphYDRAIkQjsTZKP9YRRIahm3cZF56nO9qaqpTpANjhiV4IJqejDki53NkBEqnhDLS4ZPJFK2qLD62Aiw7wBxKhmfNyYQJNxeC6D1PaftFzudbAi7RtQikn0xIgzKl1jmMpgjyGmAPQfnqMlE68rMIw-KqICh2nPQJcr5OO8ZsBMzL5EbjBOjemBHAm2sBViijqaU2-Ig3bwCB_kfKLrtumuUPIDbWV3tTMzBBSdY6P9dnVGJZawYiheU4rAqiru1fWZ8WpdGASrAxfRmiRTqDnRMQ82unbi5MC-f-NJhmhRwFN4QAgmxGm2T4gy0uRdKZ3ER_FDE4MEsKGb0qIkkGtjt77eLBq_jA6GXbVP948lbJAKTJsi3KOR5rMhZSAI-MywTMXWUISn5ZwgCAHfwUofPJNpGqRAkm9l5lcjMVTf2-VYCB7VdREizvg-fidZ9HcYUfSo
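Decoding this token gives the following JWT payload object:
{
    "aud": "c8e104f0-0562-11e7-905b-3d77df97f2f8",
    "jti": "9e70128f990e1ef244af074b43306a4f45beab6553396168228bf876ce01005224fa17937d0f0157",
    "iat": 1489901755,
    "nbf": 1489901755,
    "exp": 1521437755,
    "sub": "c8df99a0-0562-11e7-9082-bfd7aa3311e8",
    "scopes": []
}
For reference, the aud claim is the ID of the Laravel/Passport client that issued the token, and the sub key refers to the user ID in your Laravel users table. Note that my client ID and user ID columns are of the UUID data type.
Why would you need custom claims?
The OpenID Connect protocol requires JWT claims that are not included in Laravel/Passport access tokens. Adding custom claims lets us use access tokens issued by Laravel/Passport to authenticate with other services via OpenID Connect. For example, with this package you can use a Laravel/Passport access token to authenticate Laravel users against a Couchbase Sync Gateway server.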
Installation
Install this package with composer:
composer require benbjurstrom/passport-custom-jwt-claims
Add the service provider to the providers array in config/app.php.
// config/app.php
'providers' => [
    // ...
    BenBjurstrom\JwtClaims\JwtClaimsServiceProvider::class,
],
Do not include Laravel\Passport\PassportServiceProvider in the providers array, because JwtClaimsServiceProvider extends it.
Configuration
To set custom claims, you must publish the configuration file:
php artisan vendor:publish --provider="BenBjurstrom\JwtClaims\JwtClaimsServiceProvider"
These are the contents of the published file. Add additional claims as needed.
return [
    /*
    |--------------------------------------------------------------------------
    | User Claims
    |--------------------------------------------------------------------------
    |
    | User claims will be loaded from the properties of the auth providers model
    | specified in the auth config file.
    |
    */
    'user_claims' => [
        'name' => 'name',
        'email' => 'email',
    ],
    /*
    |--------------------------------------------------------------------------
    | App claims
    |--------------------------------------------------------------------------
    |
    | App claims are static and will be given the specified value across all
    | tokens issued by the app.
    |
    */
    'app_claims' => [
        'iss' => url(''),
    ],
];
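How a service that receives these tokens can check the RSA signature and the added iss claim before trusting name or email, as an added example that is not part of this package. The key pair, issuer URL and claim values are constructed for the demo, and verify_token() and the two base64url helpers are hypothetical names.

```php
<?php
// Added example, not package code: consumer-side validation of an RS256 JWT
// carrying the custom claims configured above. verify_token() is hypothetical.
function b64url_decode(string $s): string {
    return (string) base64_decode(strtr($s, '-_', '+/'));
}
function b64url_encode(string $s): string {
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}
// Returns the claims if signature, issuer and time window check out; throws otherwise.
function verify_token(string $jwt, string $publicKeyPem, string $expectedIss, int $now): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) throw new RuntimeException('malformed token');
    list($h, $p, $s) = $parts;
    $header = json_decode(b64url_decode($h), true);
    // Pin the algorithm instead of trusting whatever the header asks for.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'RS256') throw new RuntimeException('unexpected alg');
    // The signature covers the raw "header.payload" string.
    if (openssl_verify("$h.$p", b64url_decode($s), $publicKeyPem, OPENSSL_ALGO_SHA256) !== 1) {
        throw new RuntimeException('bad signature');
    }
    $claims = json_decode(b64url_decode($p), true);
    if (!is_array($claims)) throw new RuntimeException('bad payload');
    if (($claims['iss'] ?? null) !== $expectedIss) throw new RuntimeException('wrong issuer');
    if (($claims['nbf'] ?? 0) > $now || ($claims['exp'] ?? 0) <= $now) {
        throw new RuntimeException('outside validity window');
    }
    return $claims;
}
// Constructed demo data: throwaway key pair, issuer URL and claim values.
$key = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
$pub = openssl_pkey_get_details($key)['key'];
$iss = 'https://app.example.test';
$now = time();
$claims = ['iss' => $iss, 'sub' => 'user-1', 'iat' => $now, 'nbf' => $now,
           'exp' => $now + 3600, 'name' => 'Test User', 'email' => 'user@example.test'];
$input = b64url_encode(json_encode(['typ' => 'JWT', 'alg' => 'RS256'])) . '.' . b64url_encode(json_encode($claims));
openssl_sign($input, $sig, $key, OPENSSL_ALGO_SHA256);
$jwt = $input . '.' . b64url_encode($sig);
// A correctly signed token yields its claims.
echo verify_token($jwt, $pub, $iss, $now)['email'], "\n";
// A payload with a changed email no longer matches the original signature.
list($h, , $s) = explode('.', $jwt);
$forged = $h . '.' . b64url_encode(json_encode(['email' => 'admin@example.test'] + $claims)) . '.' . $s;
try {
    verify_token($forged, $pub, $iss, $now);
} catch (RuntimeException $e) {
    echo 'rejected: ', $e->getMessage(), "\n";
}
```

The payload is only base64url-encoded, so any user claim added here (such as email) is readable by whoever holds the token. A consuming service should also compare aud against the client IDs it expects.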