护照密码授予令牌刷新
我执行了本问题中描述的步骤:
从 api 的路线一切正常,我可以注册新用户,读取他们的数据等等。
然后在 AuthServiceProvider 上添加此命令
Passport::tokensExpireIn(Carbon::now()->addMinute(2)); Passport::refreshTokensExpireIn(Carbon::now()->addDays(1));
我在 url {{url}}/oauth/token
Body: application/x-www-form-urlencoded
{
grant_type : 'password'
client_id : {{email with which the user is registered}}
client_secret : {{generate the client secret from the mobile app}}
username : {{email with which the user is registered}}
password : {{password entered by the user}}
scope : ''
}
响应成功
{
"token_type": "Bearer"
"expires_in": 120
"access_token": {{the access_token}}
"refresh_token": {{the refresh_token}}
}
我尝试将令牌生命期刷新为一天发送到 {{url}}/oauth/token
ref => https://laravel.com/docs/5.3/passport#refreshing-tokens
在邮递员中我发送
标头:
Authorization : Bearer {{the access_token}}
Body: application/x-www-form-urlencoded
{
client_secret : {{generate the client secret from the mobile app}}
grant_type : refresh_token
refresh_token : {{the refresh_token}}
client_id : {{email with which the user is registered}}
scope : ''
}
预期响应:
{
"access_token": {{new access_token}}
"token_type": 'Bearer'
"expires_in": 86400
"refresh_token": {{new access_token}}
}
但它没有按预期工作,响应是
{
"access_token": {{new access_token}}
"token_type": 'Bearer'
"expires_in": 120
"refresh_token": {{new access_token}}
}
因为您使用
refresh_token
生成
access_token
。因此它显示
access_token
的到期时间,即 2 分钟,由以下行设置:
Passport::tokensExpireIn(Carbon::now()->addMinute(2));
此外,您应该从 oauth_clients 表发送客户端 ID(id 字段整数)...而不是您的客户端电子邮件地址
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(now()->addDays(1));
Passport::refreshTokensExpireIn(now()->addDays(1));
Passport::personalAccessTokensExpireIn(now()->addMonths(6));
}