corbosman/laravel-passport-claims
Composer 安装命令:
composer require corbosman/laravel-passport-claims
包简介
Add claims to Laravel Passport JWT Tokens
README 文档
README
This package allows you to add claims to Laravel Passport JWT Tokens. If you have questions or comments, please open an issue.
Installation
This package only supports Laravel 11 and 12. You can try to use older versions of this package but it's not supported.
Via Composer
composer require corbosman/laravel-passport-claims
Usage
This package sends the AccessToken class through a pipeline of classes to collect all the claims, similar to how laravel middleware works. Each class adds a claim to the token. For each claim that you want to add, you need to create a class like the example below. You can of course add multiple claims in a single class as well.
You can use an artisan command to generate a class for you. Just provide a path from the root of your app folder. The example below will create a class app/Claims/CustomClaim.php
php artisan claim:generate Claims/CustomClaim
<?php namespace App\Claims; use CorBosman\Passport\AccessToken; // extends Laravel\Passport\Bridge\AccessToken class CustomClaim { public function handle(AccessToken $token, $next) { $token->addClaim('my-claim', 'my custom claim data'); return $next($token); } }
Because the Passport AccessToken is sent through the pipeline, you have access to methods on the AccessToken class. This is useful if you want to derive information from the token. For instance, look up user data based on the token user identifier. You can check the AccessToken class to see all the methods you can use.
<?php namespace App\Claims; use App\User; use CorBosman\Passport\AccessToken; // extends Laravel\Passport\Bridge\AccessToken class CustomClaim { public function handle(AccessToken $token, $next) { $user = User::find($token->getUserIdentifier()); $token->addClaim('email', $user->email); return $next($token); } }
config
To tell this package which claims you want to add, you need to publish the config file and add a list of all your classes. To publish the config file, run the following command after installing this package.
php artisan vendor:publish --provider="CorBosman\Passport\ServiceProvider"
The config file will look like this.
<?php return [ /* |-------------------------------------------------------------------------- | JWT Claim Classes |-------------------------------------------------------------------------- | | Here you can add an array of classes that will each be called to add | claims to the passport JWT token. See the readme for the interface that | these classes should adhere to. | */ 'claims' => [ App\Claims\MyCustomClaim::class, App\Claims\MyOtherCustomClaim::class ] ];
middleware
You can set a middleware on a route that checks for the existence of a specific claim. Add the middleware to your \App\Http\Kernel.php class:
protected $routeMiddleware = [ 'claim' => \CorBosman\Passport\Http\Middleware\CheckForClaim::class, ];
Then assign this middleware to a route. Generally you would also add a passport middleware that checks for a valid token.
Route::middleware(['client', 'claim:my-claim'])->get('my-protected-route', function () { return 'protected by claim'; });
You can check if the claim matches a specific value.
Route::middleware(['client', 'claim:my-claim,foobar'])->get('my-protected-route', function () { return 'protected by claim with foobar as its value'; });
You can also check if the claim matches a specific value from multiple values, you just need to add the values separated with |.
Route::middleware(['client', 'claim:my-claim,foo|bar'])->get('my-protected-route', function () { return 'protected by claim with foo or bar as its value'; });
Formatters
This package also allows you to configure custom Formatters. Formatters can be used to modify existing claims. You could even use them to add claims. A common reason to opt for a custom Formatter is to change the DateTime fields in the JWT from floats back to integers. Due to a change in a library, JWTs are now issued with float values, which breaks compatibility with virtually all other JWT libraries. If you run into that problem, all you have to do is add the following to the passport-claims.php config file:
'formatters' => [ \Lcobucci\JWT\Encoding\UnifyAudience::class, \Lcobucci\JWT\Encoding\UnixTimestampDates::class, ]
This swaps out the microsecond formatter with the old unix timestamp formatter. You're of course also free to add any other custom claim formatters.
Change log
Please see the changelog for more information on what has changed recently.
Contributing
Please see contributing.md for details.
Security
If you discover any security related issues, please email author email instead of using the issue tracker.
Credits
License
Please see the license file for more information.
corbosman/laravel-passport-claims 适用场景与选型建议
corbosman/laravel-passport-claims 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 733k 次下载、GitHub Stars 达 88, 最近一次更新时间为 2020 年 04 月 24 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「laravel」 「passport」 「jwt」 「claim」 「laravel-passport-claims」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 corbosman/laravel-passport-claims 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 corbosman/laravel-passport-claims 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 corbosman/laravel-passport-claims 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple library to decode and parse Apple Sign In client tokens.
JWT API authentication driver (Guard) for Laravel.
A package to allow laravel/passport use with mongodb/laravel-mongodb
Multiauth and custom grants for laravel passport
Laravel JWT auth service package
Simple laravel passport multiple user authentication
统计信息
- 总下载量: 733k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 88
- 点击次数: 40
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2020-04-24