sfelix-martins / passport-multiauth Goto Github PK
View Code? Open in Web Editor NEWAdd support to multi-authentication to Laravel Passport
License: MIT License
passport-multiauth's Issues
It will be nice to see an implementation with a frontend
I get stuck when I need to use this part
// `api` guard on end of guards separated by comma
Route::group(['middleware' => ['api', 'auth:admin,api']], function () {
Route::get('/admin', function ($request) {
// Passing `api` guard to `$request->user()` method
// The instance of user authenticated (Admin or User in this case) will be returned
return $request->user('api');
});
});
If I need to to the Registration, like
Route::group(['middleware' => ['api', 'auth:crm_user'],
'prefix' => 'admin',
], function() {
Route::post('register', 'Api\Auth\RegisterController@register');
Route::post('login', 'Auth\LoginController@login');
});
I am lost....
It will be really nice to see an implementation with a frontend. Maybe somebody can share one.
Regards,
Nick
scopes for different users
Thanks for the package now im able to get access token for different types of users. Now I'm on to my next hurdle. I hope you'd be able to help me out.
My question is. How would you add different scopes for different types of auth users in the controller? Or whats the best way of doing this
i have this in my AuthServiceProvider
public function boot()
{
$this->registerPolicies();
Passport::routes();
Passport::tokensExpireIn(Carbon::now()->addMinutes(30));
Passport::refreshTokensExpireIn(Carbon::now()->addDays(30));
Passport::enableImplicitGrant();
Passport::tokensCan([
'purchase-product' => 'Create a new transaction for a specific product',
'manage-products' => 'Create, read, update and delete products',
'purchase-service' => 'Create a new transaction for a specific service',
'manage-services' => 'Create, read, update, and delete services',
'manage-account' => 'Read your account data, id, name, email if verified. Admin does not have access to password. Modify your account data (email and password).',
'read-general' => 'Read general information like categories, purchased products, services, selling products, services, categories bought from sold from, your transactions (purchases and sales',
'user-management' => 'Admin use for managing different type of users in the system',
]);
Route::group(['middleware' => 'oauth.providers'], function () {
Passport::routes(function ($router) {
return $router->forAccessTokens();
});
});
}
Then I usually have something like so my say CustomerController
public function __construct(CustomerRepository $user)
{
parent::__construct();
$this->middleware('client.credentials')->only(['store', 'resend']);
$this->middleware('transform.input:' . UserTransformer::class)->only(['store', 'update']);
$this->middleware('scope:read-general')->only('show');
$this->middleware('auth:customer-api')->only('show');
$this->user = $user;
}
Then a different scope in my SellerController and another on my AdminController. how do i make the scope work for each Auth User?
Thanks alot
Issue with Accessing others data with token
In my example project, I have three guard, users,partners,admins, but the thing is, If suppose i logged in a got a token of that particular user successfully, but the challenge with the same token I'm accessing other users? How to prevent this loop hole sir, I really need your help in this issue to fix asap
Keep looking inside Users table when using the middleware
Hi Samuel,
currently I'm using your package to implement multi-auth passport. When I am using the middleware on my route like this:
Route::group(['middleware' => 'auth:customer'], function () {
Route::get('foo', function () {
return Auth::guard('customer')->user();
});
});
It returns error:
SQLSTATE[42S02]: Base table or view not found: 1146 Table 'vaff.users' doesn't exist (SQL: select * from userswhereid = 1 limit 1)
note: I'm not using Users table in my project.
I've already configured the providers and the guards.
guards:
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'passport',
'provider' => 'users',
],
'customer' => [
'driver' => 'passport',
'provider' => 'customers',
],
],
provider:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'customers' => [
'driver' => 'eloquent',
'model' => App\Models\Customer::class,
],
],
If I am not using the middleware, it can returns the customer model normally.
ErrorException: Array to string conversion in GuardChecker.php
{
"status": "error",
"code": 0,
"message": "Array to string conversion",
"exception": "ErrorException: Array to string conversion in /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php:54\nStack trace:\n#0 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(54): Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(8, 'Array to string...', '/vagrant/www/ve...', 54, Array)\n#1 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(42): SMartins\PassportMultiauth\Guards\GuardChecker::defaultGuardProvider(Array)\n#2 /vagrant/www/vendor/laravel/framework/src/Illuminate/Support/Collection.php(1009): SMartins\PassportMultiauth\Guards\GuardChecker::SMartins\PassportMultiauth\Guards\{closure}(Array, 0)\n#3 /vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php(43): Illuminate\Support\Collection->mapWithKeys(Object(Closure))\n#4 /vagrant/www/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php(124): SMartins\PassportMultiauth\Guards\GuardChecker::getGuardsProviders(Array)\n#5 /vagrant/www/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php(82): SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate->authenticateTokenGuard(Object(SMartins\PassportMultiauth\Provider), Array)\n#6 /vagrant/www/infrastructure/Auth/Middleware/MultiTokenAccessChecker.php(43): SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate->handle(Object(Illuminate\Http\Request), Object(Closure), Array)\n#7 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Infrastructure\Auth\Middleware\MultiTokenAccessChecker->handle(Object(Illuminate\Http\Request), Object(Closure), 'admin')\n#8 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#9 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#10 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(667): Illuminate\Pipeline\Pipeline->then(Object(Closure))\n#11 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(642): Illuminate\Routing\Router->runRouteWithinStack(Object(Illuminate\Routing\Route), Object(Illuminate\Http\Request))\n#12 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(608): Illuminate\Routing\Router->runRoute(Object(Illuminate\Http\Request), Object(Illuminate\Routing\Route))\n#13 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(597): Illuminate\Routing\Router->dispatchToRoute(Object(Illuminate\Http\Request))\n#14 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\Routing\Router->dispatch(Object(Illuminate\Http\Request))\n#15 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): Illuminate\Foundation\Http\Kernel->Illuminate\Foundation\Http\{closure}(Object(Illuminate\Http\Request))\n#16 /vagrant/www/vendor/barryvdh/laravel-cors/src/HandleCors.php(36): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#17 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Barryvdh\Cors\HandleCors->handle(Object(Illuminate\Http\Request), Object(Closure))\n#18 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#19 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(31): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#20 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\TransformsRequest->handle(Object(Illuminate\Http\Request), Object(Closure))\n#21 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#22 /vagrant/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#23 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse->handle(Object(Illuminate\Http\Request), Object(Closure))\n#24 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#25 /vagrant/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#26 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Cookie\Middleware\EncryptCookies->handle(Object(Illuminate\Http\Request), Object(Closure))\n#27 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#28 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(62): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#29 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode->handle(Object(Illuminate\Http\Request), Object(Closure))\n#30 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#31 /vagrant/www/vendor/hyn/multi-tenant/src/Middleware/EagerIdentification.php(29): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#32 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Hyn\Tenancy\Middleware\EagerIdentification->handle(Object(Illuminate\Http\Request), Object(Closure))\n#33 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#34 /vagrant/www/vendor/hyn/multi-tenant/src/Middleware/HostnameActions.php(76): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#35 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(151): Hyn\Tenancy\Middleware\HostnameActions->handle(Object(Illuminate\Http\Request), Object(Closure))\n#36 /vagrant/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): Illuminate\Pipeline\Pipeline->Illuminate\Pipeline\{closure}(Object(Illuminate\Http\Request))\n#37 /vagrant/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(104): Illuminate\Routing\Pipeline->Illuminate\Routing\{closure}(Object(Illuminate\Http\Request))\n#38 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): Illuminate\Pipeline\Pipeline->then(Object(Closure))\n#39 /vagrant/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): Illuminate\Foundation\Http\Kernel->sendRequestThroughRouter(Object(Illuminate\Http\Request))\n#40 /vagrant/www/public/index.php(53): Illuminate\Foundation\Http\Kernel->handle(Object(Illuminate\Http\Request))\n#41 {main}",
"line": 54,
"file": "/vagrant/www/vendor/smartins/passport-multiauth/src/Guards/GuardChecker.php"
}
Token payload
{
"aud": "2",
[...]
"sub": "1",
"scopes": [],
"provider": "admins"
}
My solution: Change $guards to $guards[0]
public static function getGuardsProviders($guards) { return collect($guards[0])->mapWithKeys(function ($guard) { return [GuardChecker::defaultGuardProvider($guard) => $guard]; }); }
I send provider name with tokens and I have problem like on top. I found solution but I'm not sure it is good. I know, I shouldn't change files at package but I was searching a problem and discovered something like that. Someone have that same problem, and have better idea?
I cant Login: OAuthServerException
Am getting this error:
League\OAuth2\Server\Exception\OAuthServerException: The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed. in file .../../vendor/league/oauth2-server/src/Exception/OAuthServerException.php on line 114
This is my login code - Was working well with passport.
public function login(Request $request)
{
request()->validate([
'email' => 'required|email|max:255',
'password' => 'required|max:255|min:6',
]);
$params =[
'grant_type' => 'password',
'client_id' => $this->client->id,
'client_secret' => $this->client->secret,
'username' => request('email'),
'password' => request('password'),
'provider' => 'users',
'scope' => '*',
];
$request->request->add($params);
// dd($request->all());
$proxy = Request::create('oauth/token','POST');
//dd($proxy);
return Route::dispatch($proxy);
}MultiAuthenticate Middleware missing
Hi,
Im getting this error in my laravel app.
"ReflectionException
Class SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate does not exist"
When I checked in the vendor\smartins\passport-multiauth directory MultiAuthenticate.php is missing in the Middleware folder.
Im able to get this working by manually replacing the files with those files in package's github. I just want to ask if there is a way to solve this aside from manually copying files.
Thank you very much.
How To Create Password Grant Tokens
I'm using Password Grant Clients for my use case and therefore only want to create Password Grant Tokens for my Models. However when I do the following,
// Controller
$passportToken = $admin->createToken('Password Grant Token');
$passportToken->token->update(['expires_at' => Carbon::now()->addDays(5)]);
// api.php
Route::post('v1/adminprofile/{token}', 'AdminProfileController@store')->name('adminprofile.store')->middleware('multiauth:admin-api');
But I keep getting ERROR: Personal access client not found. Please create one. {"exception":"[object] (RuntimeException(code: 0): Personal access client not found. Please create one.
Auth middleware: Too few arguments to function
After setting up the package according to the instructions I get the following error:
Symfony\Component\Debug\Exception\FatalThrowableError: Too few arguments to function Illuminate\Auth\Middleware\Authenticate::authenticate(), 1 passed in /app/vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php on line 141 and exactly 2 expected in file /app/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php on line 55
when using the middleware auth:api (or with any guard).
It looks like in some recent version of Laravel, the authenticate method signature was changed to include the request (commit), in Illuminate\Auth\Middleware\Authenticate. This makes the attached middleware in this package incompatible with this version of Laravel.
Should be fixable by calling authenticate like this: $this->authenticate($request, $guards); on line 66 in SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate. Don't know if anything else has been changed that might affect this.
Running:
- Laravel 5.7.1
- Passport: 7.0.1
- passport-multiauth: 3.0.0
Symfony \ Component \ Debug \ Exception \ FatalThrowableError (E_ERROR) Call to a member function setCookie() on null
I get this error when i try to access the site after i implemented the package on my site
// If don't has any guard follow the flow
if (empty($guards)) {
return $this->authenticate($guards);
}
i fixed it by returning changing the method in MultiAuthenticate middleware class like so
// If don't has any guard follow the flow
if (empty($guards)) {
$this->authenticate($guards);
return $next($request);
}
maybe im doing something wrong.... but after that change, everything works perfectly
choose the provider SMartins\PassportMultiauth\Providers\MultiauthServiceProvider
Hi I stack here please help
on this point you said choose the provider SMartins\PassportMultiauth\Providers\MultiauthServiceProvider
What do you mean choose the provider
Unable to determine authentication model from configuration.
Issue when using admin auth
Personal access token
Hello sir, thank you for this package.
But I seem to have problems with generating the personal access token. I looked up with other issues in which you provided some sample but it still does not work.
I faced a strange issue
if the name of the model is like 'model_a' then it does not work there should not be any _ in model
Token issue with same id
I am facing issue with token on get detail on user.If i add token of same id it get user based on id...BUG
Too few arguments to function Illuminate\\Routing\\Router::{closure}(), 0 passed in /Users/markvilludo/Documents/Activity/MultiAuth/vendor/laravel/framework/src/Illuminate/Routing/Route.php on line 198 and exactly 1 expected
Hi Sir!
After setting up the package according to the instructions I get the following error when accessing the auth:admin middleware.
Too few arguments to function Illuminate\Routing\Router::{closure}(), 0 passed in /Users/markvilludo/Documents/Activity/MultiAuth/vendor/laravel/framework/src/Illuminate/Routing/Route.php on line 198 and exactly 1 expected.
Please help to fixed this issues. Thanks!
how to create revoke for tokens
@sfelix-martins
how can i create revoke for token in your package
it got this "Method Illuminate\\Database\\Query\\Builder::getAuthIdentifierName does not exist"
pass to other auth
Thank you for make passport-multiauth.
It helps me a lot of works.
I can pass to take multi models.
but The problem is i can pass from both in auth:admin route.
If you have any solutions, i am appreciated let me know.
cant install on laravel 5.5
I just setup new laravel 5.5 project and tried to install this package and I get the following. I will paste it all in here.
What can I do to make it install.
composer require smartins/passport-multiauth
Using version ^3.0 for smartins/passport-multiauth
./composer.json has been updated
Loading composer repositories with package information
Updating dependencies (including require-dev)
Your requirements could not be resolved to an installable set of packages.
Problem 1
- Conclusion: remove laravel/framework v5.5.43
- Conclusion: don't install laravel/framework v5.5.43
- laravel/passport v5.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.2 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v5.0.3 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.2 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.3 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.4 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.5 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.6 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v6.0.7 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v7.0.0 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- laravel/passport v7.0.1 requires illuminate/http ~5.6 -> satisfiable by illuminate/http[v5.6.0, v5.6.1, v5.6.10, v5.6.11, v5.6.12, v5.6.13, v5.6.14, v5.6.15, v5.6.16, v5.6.17, v5.6.19, v5.6.2, v5.6.20, v5.6.21, v5.6.22, v5.6.23, v5.6.24, v5.6.25, v5.6.26, v5.6.27, v5.6.28, v5.6.29, v5.6.3, v5.6.30, v5.6.31, v5.6.32, v5.6.33, v5.6.34, v5.6.35, v5.6.36, v5.6.37, v5.6.38, v5.6.4, v5.6.5, v5.6.6, v5.6.7, v5.6.8, v5.6.9, v5.7.0, v5.7.1, v5.7.2].
- don't install illuminate/http v5.6.0|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.1|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.10|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.11|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.12|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.13|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.14|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.15|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.16|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.17|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.19|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.2|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.20|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.21|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.22|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.23|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.24|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.25|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.26|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.27|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.28|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.29|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.3|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.30|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.31|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.32|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.33|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.34|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.35|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.36|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.37|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.38|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.4|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.5|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.6|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.7|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.8|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.6.9|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.0|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.1|don't install laravel/framework v5.5.43
- don't install illuminate/http v5.7.2|don't install laravel/framework v5.5.43
- Installation request for laravel/framework (locked at v5.5.43, required as 5.5.*) -> satisfiable by laravel/framework[v5.5.43].
- Installation request for smartins/passport-multiauth ^3.0 -> satisfiable by smartins/passport-multiauth[v3.0.0].
- Conclusion: don't install paragonie/random_compat v9.99.99|install laravel/passport v5.0.0|install laravel/passport v5.0.1|install laravel/passport v5.0.2|install laravel/passport v5.0.3|install laravel/passport v6.0.0|install laravel/passport v6.0.1|install laravel/passport v6.0.2|install laravel/passport v6.0.3|install laravel/passport v6.0.4|install laravel/passport v6.0.5|install laravel/passport v6.0.6|install laravel/passport v6.0.7|install laravel/passport v7.0.0|install laravel/passport v7.0.1
- Conclusion: remove paragonie/random_compat v9.99.99|install laravel/passport v5.0.0|install laravel/passport v5.0.1|install laravel/passport v5.0.2|install laravel/passport v5.0.3|install laravel/passport v6.0.0|install laravel/passport v6.0.1|install laravel/passport v6.0.2|install laravel/passport v6.0.3|install laravel/passport v6.0.4|install laravel/passport v6.0.5|install laravel/passport v6.0.6|install laravel/passport v6.0.7|install laravel/passport v7.0.0|install laravel/passport v7.0.1
- smartins/passport-multiauth v3.0.0 requires laravel/passport ^3.0|^4.0|^5.0|^6.0|^7.0 -> satisfiable by laravel/passport[v3.0.0, v3.0.1, v3.0.2, v4.0.0, v4.0.1, v4.0.2, v4.0.3, v5.0.0, v5.0.1, v5.0.2, v5.0.3, v6.0.0, v6.0.1, v6.0.2, v6.0.3, v6.0.4, v6.0.5, v6.0.6, v6.0.7, v7.0.0, v7.0.1].
- laravel/passport v3.0.0 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v3.0.1 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v3.0.2 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.0 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.1 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.2 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- laravel/passport v4.0.3 requires league/oauth2-server ^6.0 -> satisfiable by league/oauth2-server[6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1].
- league/oauth2-server 6.0.0 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.0.1 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.0.2 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.1.0 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- league/oauth2-server 6.1.1 requires paragonie/random_compat ^2.0 -> satisfiable by paragonie/random_compat[v2.0.0, v2.0.1, v2.0.10, v2.0.11, v2.0.12, v2.0.13, v2.0.14, v2.0.15, v2.0.16, v2.0.17, v2.0.2, v2.0.3, v2.0.4, v2.0.5, v2.0.6, v2.0.7, v2.0.8, v2.0.9].
- Can only install one of: paragonie/random_compat[v2.0.0, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.1, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.10, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.11, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.12, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.13, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.14, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.15, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.16, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.17, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.2, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.3, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.4, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.5, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.6, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.7, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.8, v9.99.99].
- Can only install one of: paragonie/random_compat[v2.0.9, v9.99.99].
- Installation request for paragonie/random_compat (locked at v9.99.99) -> satisfiable by paragonie/random_compat[v9.99.99].
Installation failed, reverting ./composer.json to its original content.
Create token manually
When i'm using laravel passport, i can create new token manually and send i to user, this function createToken works well but not with multiauth, what is the function that i can use to do that ??
Access token works for both Models
The package works fine as it is, but the issued token does work for both providers if they have a user with the same id.
I change the middleware from auth:admin_api to auth:api and on both, it returned user for their respected provider.
And that is a serious security issue.
Any idea how to prevent that?
Use passport-multiauth with CreateFreshApiToken
Hi!
I would like to use passport-multiauth with CreateFreshApiToken class, so I can use my api with my javascript application.
'web' => [ ... \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class ],
When I replace the basic auth class with the multiauth class in $routeMiddleware in Kernel.php, I get 401 Unauthorized error
//'auth' => \Illuminate\Auth\Middleware\Authenticate::class, 'auth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,
Is there any possibility to make it work with multiauth?
When my access token is being created for one model, all other Api guards become athenticated
When i run auth->check for each guard
"hospital-api" => true
"doctor-api" => true
"pharmacy-api" => true
"admin-api" => false
"patient-api" => true
Bypass guard given
I used: auth:admin and test with user authenticated with guard user and this pass the authorization.
I find the issue in ... /vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php : 56
if (empty($guards)) {
return $this->auth->authenticate();
}
This line return the authenticated user bypassing guard validation.
In ... /vendor/smartins/passport-multiauth/src/Http/Middleware/MultiAuthenticate.php : 59
// If don't has any guard follow the flow
if (empty($guards)) {
return $next($request);
}
If don't pass guard this follow the flow, else this must validate this guards...
I fix it overwritting authenticate method:
/**
* Determine if the user is logged in to any of the given guards.
*
* @param array $guards
* @return void
*
* @throws \Illuminate\Auth\AuthenticationException
*/
protected function authenticate(array $guards)
{
foreach ($guards as $guard) {
if ($this->auth->guard($guard)->check()) {
return $this->auth->shouldUse($guard);
}
}
throw new AuthenticationException('Unauthenticated.', $guards);
}
I am doing something wrong?
Auth::guard('admin')->attempt($credentials) is not working
Hi Samuel,
My problem is that Auth::guard('admin')->attempt($credentials) is not working. Error: Method attempt does not exist.
I couldn't find any solution anywhere.
Somebody from this post https://github.com/laravel/framework/issues/21194 says to use \Auth::setUser($token->user); as an workaround, but he also say that I will have
to override register and all auth functions as well
....is getting complicated, I don't understand how to do that.
Can you please advice how this should be done maybe in a more simple way?
Thank you!
Nicolae
Error in ProviderRepository -> SQL column "id" does not exist
Error :
SQLSTATE[42703]: Undefined column: 7 ERROR: column "id" does not exist
LINE 1: ...ed_at", "updated_at") values ($1, $2, $3, $4) returning "id"
^ (SQL: insert into "oauth_access_token_providers" ("oauth_access_token_id", "provider", "created_at", "updated_at") values (6f4ddebe08a9deb4963de652797b8fefdd742862eba62b326a77cf61824ddca13bc8d966e30ec10c, users, 2017-11-09 13:14:03, 2017-11-09 13:14:03) returning "id")
Solution :
Add in SMartins\PassportMultiauth\Provider line:
protected $primaryKey = 'oauth_access_token_id';
Unauthenticated when using auth:admin
When doing a request to any protected route, using, after succesull login
Route::group(['middleware' => 'auth:admins'], function(){ Route::get('customers', 'CustomerController@index'); });
will always return Unauthenticated.
This MultiAuth package was succesfull installed, and I am able to login to any user category I want, like Users or Admins.
From what I know in this expression "auth:admins", admins is the provider defined in auth.php.
If so, I don't understand why is still Unauthenticated when access_token from oauth/token is generated and sent in Header.
My experience with Authentication and access_token started with this project, so I don't have to many knowledge and I suppose my problem is because I don't know how to keep the access_token on the server side and check it again when is a new Request.
Frontend and Backend in my case are 2 separate projects.
For the moment, I am doing the Login (where is the oauth/token call). I return the response from oauth/token that have access_token and refresh_token with expiration date and set The Authentication Header with Beared on Frontend.
In this moment, Frontend has the access_token as header.
If I am doing a new request to Backend, the Request will have the access_token but the Response Headers will not heave it and I think this is the problem. Or not?
I hope my problem description is not too long and hard to understand as I really need to know haw to keep the access_token on Response and compare it on each new request with the access_token sent to Frontend.
Thank you!
How to logout a user who is haven token from your passport api
Error after encapsulate the passport routes
Hi, after add code above:
Passport::routes();
Route::group(['middleware' => 'custom-provider'], function () {
Passport::routes(function ($router) {
return $router->forAccessTokens();
});
});`
At the terminal show me this error, when try execute any command:
[Symfony\Component\Debug\Exception\FatalThrowableError]
Class 'App\Providers\Route' not found
Can't authenticate with client_credentials grant
First of all thanks for this awesome package !
I seem to have an issue with client_credentials grant that look like this one #33.
When I try to authenticate a client using client_credentials I get an error from the AddCustomProvider rejecting my request because I did not specify a provider.
My request contains the requested parameters for a client_credentials:
grant_type: client_credentials
client_id: 1
client_secret: Vx0HRmHsc7jjc8teYdasrx10ajPUWDH4B90Elznd
The AddCustomProvider answers
The request is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed
If I specify a provider I can authenticate (but I shouldn't have to because I am not trying to authenticate a user).
If I unwrap the Passport::routes in the AuthServiceProvider I can authenticate my client without passing a provider but then the user authentication does not work anymore.
Could it be possible to check for the provider param only in the context of an user authentication ?
I found a bug in MultiAuthenticate function authenticateTokenGuard
Here is the bug screenshot
"message": "Too few arguments to function Illuminate\Auth\Middleware\Authenticate::authenticate(), 1 passed in C:\laragon\www\phoenix\vendor\smartins\passport-multiauth\src\Http\Middleware\MultiAuthenticate.php on line 143 and exactly 2 expected",
It can be solved by these modifications:
function on the line 141 needs two parameters so it has to look like this:
$this->authenticate($request, $authGuards);
and the function on line 81 needs to be called like this:
$this->authenticateTokenGuard($request, $accessToken, $guards);
Can you fix this ASAP?
Details of another user can be access by changing the provider when requesting a refreshing token
I have two auth providers: users and admins.
Let's say I used users provider to retrieve access_token and refresh_token using password grant. Then I can use that refresh_token to refresh the tokens as described here.
So even though I'm using a refresh_token which was issued for a user, if I change the provider param to admins when refreshing the tokens, the new tokens I receive will be linked to an admin instead. So as long as I have an 'admin' with the same id as a 'user' I can access the system as an admin through the user and vice-versa.
How can I prevent this?
can't change expiration of token
Hi, i have a problem with this. I add the next lines to AuthServiceProvider:
Passport::tokensExpireIn(now()->addDays(15));
Passport::refreshTokensExpireIn(now()->addDays(30));
This doesn't work, how can i change expiration time ?
Thanks.
Doesn't seem to work with client_credentials grant.
As the client credentials grant is used for machine to machine authentication, it does not have a provider by default. So I get an error while trying to obtain a token using client credentials grant.
This is the database exception I am getting
SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'provider' cannot be null (SQL: insert into `oauth_access_token_providers` (`oauth_access_token_id`, `provider`, `created_at`, `updated_at`) values (6fc58009ff4ad74ea68041147e3e9985a5a68e735beb5fcea4f831dc5f7d895eb6eca502fc9c6810, , 2018-07-10 11:33:08, 2018-07-10 11:33:08))
HTML Response with Accept: application/json
When I call an API route using a token I get proper response
However without access_token I'm being redirected to the Login Page
Here's my request with token
https://project.test/api/v1/de/user/
Authorization: myPersonalAccessToken
Content-Type: application/json
Accept: application/json
My Request Without Token
https://project.test/api/v1/de/user/
Content-Type: application/json
Accept: application/json
My api.php
Route::prefix("v1")->group(function () {
Route::post("de/login", "API\DeliveryExecutiveController@login");
Route::middleware('auth:de')->group(function () {
Route::get("de/user", "API\DeliveryExecutiveController@user");
});
});
[bug] provider that does not exist is still works
"name": "laravel/framework",
"version": "v5.5.44",
"name": "smartins/passport-multiauth",
"version": "v3.0.0",
"name": "laravel/passport",
"version": "v4.0.3",
provider that does not exist is still works ,my code :
Route::group(['prefix' => 'data', 'middleware' => 'multiauth:api'], function ($route) {
$route->get('readData', 'ChannelFormDataController@readData');
});
and when I cahnge the middleware to a not exist provider , It still works ,and this is the problem .
Route::group(['prefix' => 'data', 'middleware' => 'multiauth:somethingxxx'], function ($route) {
$route->get('readData', 'ChannelFormDataController@readData');
});
the result is the same !
the action method as follow :
public function readData(Request $request)
{
return response()->json([auth()->user()]);
}
my auth.php as follow:
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'api',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'channel_users',
],
'api' => [
'driver' => 'passport',
'provider' => 'channel_users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
'channel_users' => [
'driver' => 'eloquent',
'model' => App\Models\ChannelUser::class,
],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'channel_users',
'table' => 'password_resets',
'expire' => 60,
],
],
];
redirect to many time
when route has auth:{guard} middleware and {guard} has a session driver (not passport driver), Laravel crashes and the browser say TOO_MANY_DIRECTS. I am also using hesto\multi-auth
L5.7 and passport-multiauth v4.0.0
// 'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
'auth' => \SMartins\PassportMultiauth\Http\Middleware\MultiAuthenticate::class,If I use normal 'auth' (\Illuminate\Auth\Middleware\Authenticate::class,), it is ok.
Looking for the first provider in case of two guards
Hi.
The package is working perfectly, but I have an issue when using more than one guard:
If I use a token generated for a User that has the same id as an Admin,
Route::group(['middleware' => ['api', 'auth:admin,api']], function () { Route::get('/admin', function ($request) { return $request->user(); }); });
This returns the Admin instance.
config cache problem
Hi,
I am encountering strange issue with multiauth. I am using Laravel inside of docker and right after startup of the docker container everything seems to work as it should, however after few minutes strange things start to happen ๐ .
When I am trying to login through original Laravel User model I got this error:
Client error: POST localhost/oauth/token resulted in a 401 Unauthorized response:{\"error\":\"invalid_client\",\"message\":\"Client authentication failed\"}
What is pretty self-describing, it cannot match passport client with request, however everything is being set properly, because right after startup of docker it worked. Solution for this problem is to run php artisan config:clear . After this command everything works fine so It looks like there is some problem with the config cache, I guess?
Another error related to this issue jumps when I am trying to login through my own added model called Gateway. The symptoms are similar to the issue above, after startup everything works fine and after few minutes this error occurs:
Server error: POST localhost/oauth/token resulted in a 500 Internal Server Error response:<!DOCTYPE html><!--League\\OAuth2\\Server\\Exception\\OAuthServerException: The request is missing a required parameter, (truncated...)"
Again, it is clear to me what it is talking about - it is missing provider parameter from the request, however it is present and was working right after startup. Again, after running of php artisan config:clear everything seems to be working properly.
And my last observation regarding config cache issue is when after few minutes after startup I am trying to access protected endpoint by Bearer token retrieved right after startup. This is the error, please note that I shortened token stated in the error:
SQLSTATE[42S22]: Column not found: 1054 Unknown column 'api_token' in 'where clause' (SQL: select * from users where api_token = eyJ0eXAiOiJKV1QiLCJhb limit 1
Solution for this problem is again in command php artisan config:clear
All leads seem to be pointing into config cache related issue. Hard to say if it is caused by docker environment or not, however these are my tech specs:
Docker for Mac - 18.06.0-ce
Laravel - 5.7.13
Passport - 7.0.3
Multiauth - 4.0
Token work for both models
Hello sfelix,
Thanks for making this amazing package, I have followed your usage about how implemented this package, and its work fine, after I realize, token that I generate for models User can use for models Admin too
On the last issue, you said to add header request Accept: application/json;. Than I add it, but I've still got the same problem.
Any idea to fix this?
Thanks
i got an error Call to undefined method Illuminate\Database\Query\Builder::getAuthPassword()
while posting through post man with this data i got error
"Call to undefined method Illuminate\Database\Query\Builder::getAuthPassword()"
{ "grant_type" : "password", "client_id" : "3", "client_secret": "g6zrsKw7SCel0TraN6T60FV3iwWoRhu0nKu8hYp0", "username": "[email protected]", "password": "[email protected]", "provider" : "customers" }
Argument 2 passed to Illuminate\\Auth\\SessionGuard::__construct()
hello, I'm following all the tutorial but why I always getting this error ?
{ "message": "Argument 2 passed to Illuminate\\Auth\\SessionGuard::__construct() must be an instance of Illuminate\\Contracts\\Auth\\UserProvider, null given, called in D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php on line 123", "exception": "Symfony\\Component\\Debug\\Exception\\FatalThrowableError", "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\SessionGuard.php", "line": 97, "trace": [ { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 123, "function": "__construct", "class": "Illuminate\\Auth\\SessionGuard", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 94, "function": "createSessionDriver", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 68, "function": "resolve", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthManager.php", "line": 54, "function": "guard", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "function": "Illuminate\\Auth\\{closure}", "class": "Illuminate\\Auth\\AuthManager", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Auth\\AuthServiceProvider.php", "line": 86, "function": "call_user_func" }, { "function": "Illuminate\\Auth\\{closure}", "class": "Illuminate\\Auth\\AuthServiceProvider", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Http\\Request.php", "line": 502, "function": "call_user_func" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php", "line": 96, "function": "user", "class": "Illuminate\\Http\\Request", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Middleware\\ThrottleRequests.php", "line": 48, "function": "resolveRequestSignature", "class": "Illuminate\\Routing\\Middleware\\ThrottleRequests", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Routing\\Middleware\\ThrottleRequests", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 104, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 681, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 656, "function": "runRouteWithinStack", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 622, "function": "runRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Router.php", "line": 611, "function": "dispatchToRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 176, "function": "dispatch", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 30, "function": "Illuminate\\Foundation\\Http\\{closure}", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\fideloper\\proxy\\src\\TrustProxies.php", "line": 57, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Fideloper\\Proxy\\TrustProxies", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php", "line": 31, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest.php", "line": 31, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize.php", "line": 27, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode.php", "line": 62, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 151, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Routing\\Pipeline.php", "line": 53, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Pipeline\\Pipeline.php", "line": 104, "function": "Illuminate\\Routing\\{closure}", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 151, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\vendor\\laravel\\framework\\src\\Illuminate\\Foundation\\Http\\Kernel.php", "line": 116, "function": "sendRequestThroughRouter", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\public\\index.php", "line": 55, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "D:\\Project\\darihati_backend\\server.php", "line": 21, "function": "require_once" } ] }
Class 'App\Providers\Route' not found
When I publish the component with this command
php artisan vendor:publish --provider="SMartins\PassportMultiauth\Providers\MultiauthServiceProvider"
I get the following error
In AuthServiceProvider.php line 32:
Class 'App\Providers\Route' not found
I can't figure out what I did wrong.
The package confuses with two different guard and same id on two model (table)
If i try Auth::guard('user-api')->user(); I get a user with id 9, and if I try Auth::guard('admin-api')->user(); I get an admin with id 9. so wierd !!! I checked all the things and they were set correctly but with same token I get two different model instance!
Ignore migration
I need to ignore migration
when i'm using laravel passport it's ignore migration by
Passport::ignoreMigrations();
I need function to ignore migration with this package
Not Able to authenticate
Hi @sfelix-martins ,
How do you authenticate a user from another table?
Like on my side I have User and MerchantAuth Model.
To authenticates users, everything goes well, without any problem.
But I'm struggling to authenticate MerchantsAuth users, I tried to follow all the steps you have provided, but I can't see it working.
This what I got so far:
Guards
Providers
Kernel Middleware Adjustment
AuthController
`public function login(Request $request)
{
$request->validate([
'email' =>'required|email',
'password' =>'required',
'remember_me'=>'boolean'
]);
$credentials = $request->only('email','password');
if(!auth()->attempt($credentials)){
return response()->json([
'errors' =>[
'root' =>'Your email or password doesen\'t match with our records.'
]
],401);
}
$user = $request->user();
$tokenResult = $user->createToken('Personal Access Token');
$token = $tokenResult->token;
if($request->remember_me){
$token->expires_at = Carbon::now()->addWeeks(1);
}
$token->save();
return response()->json([
'data' =>[
'access_token' => $tokenResult->accessToken,
'token_type' => 'Bearer',
'expires_at' =>Carbon::parse(
$tokenResult->token->expires_at
)->toDateTimeString()
]
]);
}`
Postman Test
Results,
From what I can see it's still looking for users table and not be checking the merchant table,
So any help it would be appreciated, and just to mention that in this stage, I just want it to authenticate
Username and Password and not the entire OAuth process.
how to authenticate a user using username only
i have a type of users that have an email acting as username, and there is no password field, so how i can get access_token for this type of users
` $http = new \GuzzleHttp\Client();
$response = $http->post(url('oauth/token'), [
'form_params' => [
'grant_type' => 'password',
'client_id' => env("PASSPORT_KEY"),
'client_secret' => env("PASSPORT_SECRET"),
'username' => $email,
"provider" => "users"
],
]);
return json_decode($response->getBody());`
severe security issue - authenticated user is passing all types of guards
Hi,
I am experiencing severe security issue with version 4.0 . It doesnt appear in version 3.0
Problem is that after retrieval of access token I am able to pass through all of the defined auth guards. I got 2 types of models, however type 1 can go through auth guard 1 and 2 as well and vice versa for model of type 2.
As I have already mentioned, I am not experiencing this bug on version 3.0.
Problematic version combination is:
Laravel - 5.7.15
Passport - 7.0.3
Multiauth - 4.0
EDIT:
I am returning user instance by Auth::user() as response and when I am accessing guard 1 with token from model 2, I am retrieving user from model 1 as response with id that is same as for model 2.
However when I am accessing guard 2 with model 2 I am getting right credentials for that models user. And when I am accessing guard 2 with model 1 I am getting credentials from user of model 1.
Doesn't seem to work with personal access token grant type
I've implemented this package but it seems to not work with personal access tokens. Tokens are being stored with the users provider regardless of the guard applied
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.