library auth {🖫 11, ⚐ 4, ★ 0}

jpuminate/auth

laravel package for checking token signature, work on microservice architecture, when we need to ckeck the token validation without sending the request to the Auth server

Thursday, October 5, 2017
by JPuminate
Repository
1 Watchers
0 Stars
11 Installations

PHP
0 Dependents
0 Suggesters
0 Forks
0 Open issues
4 Versions
0 % Grown

The README.md

Introduction

JP Identity is an API for checking authorization token locally., _(*1)

Installation

To get started, install Identity via the Composer package manager:, _(*2)

composer require jpuminate/auth

Next, register the Identity service provider in the providers array of your config/app.php configuration file:, _(*3)

JPuminate\Auth\Identity\IdentityServiceProvider::class,

The Identity service provider registers its own database migration directory with the framework, so you should migrate your database after registering the provider. The Identity migrations will update users table if exist:, _(*4)

php artisan migrate

If you are not going to use Identity's default migrations, you should call the Identity::ignoreMigrations method in the register method of your AppServiceProvider. You may export the default migrations using, _(*5)

php artisan vendor:publish --provider="JPuminate\Auth\Identity\IdentityServiceProvider" --tag=identity-migrations

After running this command, make the your App\User model use JPuminate\Auth\Identity\HasOAuthToken trait., _(*6)

<?php

namespace App;

use Illuminate\Notifications\Notifiable

class User extends Model
{
    use Notifiable, HasOAuthToken;
}

Next, you should publish the Identity config file. by running this command:, _(*7)

php artisan vendor:publish --provider="JPuminate\Auth\Identity\IdentityServiceProvider" --tag=config

In your config/auth.php configuration file, you should set the driver option of the api authentication guard to identity. This will instruct your application to use Identity's Guard when authenticating incoming API requests:, _(*8)

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'identity',
            'provider' => 'users',
        ],
    ],

Finally, Identity needs a public-key to verify tokens, so run this command :, _(*9)

 php artisan identity:public-key

This command generate a file that will contain your public-key's auth server in your storage path., _(*10)

Configuration

Authentication domains

The config/identity.php exports two domains of authentication: users and third-parties(clients). br/ the users domain allows you to configure a part of your application that reachable by the Users br/ and the third-parties domain helps you to manage the requests coming from the microservice instances or other clients hosted in Auth Server, _(*11)

<?php

return [
    "users" => [
       "subject" => [
               "hosted" => true, // if you have your own users in your microservice
               'force-create' => true, // create current user if not exist
               ],
       "claims" => [ // extracted from the token
               "username" => "username", 
               "phone" => "phone",
               "scopes" => "scopes" // if you need to manage scopes
               ]
    ],
    "clients" => [
       "claims" => [ // extracted from the token
               "name" => "client_name",
               "scopes" => "scopes" // if you need to manage scopes
               ]
     ]
];

Users Table

By defaults, identity use 'users' as table name, and jp_user_id as foreign key, If you would like to configure them, you may use the foreignKey and usersTable methods,
These methods should be called from the boot method of your AuthServiceProvider:, _(*12)

public function boot()
{
    $this->registerPolicies();

    Identity::usersTable('x_users');

    Identity::foreignKey('oauth_user_id');
}

Protecting Routes

Guard

Identity includes an authentication guard that will validate access tokens on incoming requests. Once you have configured the api guard to use the identity driver, you only need to specify the auth:api middleware on any routes that require a valid access token:, _(*13)

Route::get('/user', function () {
    //
})->middleware('auth:api');

When calling routes that are protected by Identity, your application's API consumers should specify their access token as a Bearer token in the Authorization header of their request., _(*14)

Checking Scopes

When using scopes as claim value in your identity config file, you will be able to manage scopes in your microservice api, To get started, Identity comes with a scope checker middleware, all you need is to put it in the $routeMiddleware property of your app/Http/Kernel.php file:, _(*15)

 protected $routeMiddleware = [
       // others
        'check_scopes' => \JPuminate\Auth\Identity\Http\Middleware\CheckScopes::class,
    ];

To use it:, _(*16)

use Illuminate\Http\Request;

Route::get('/vehicles', function () {
    // Access token has both "check-status" and "access_vehicles" scopes...
})->middleware('check_scopes:check-status,access_vehicles');

Checking Scopes On A Token Instance

Once an access token authenticated request has entered your application, you may still check if the token has a given scope using the tokenCan method on the authenticated User/Client instance:, _(*17)

use Illuminate\Http\Request;

Route::get('/trackings', function (Request $request) {
    if ($request->user()->tokenCan('access-orders')) {
        //
    }
});

Checking domains

if your microservice api can be consumed by the users and the clients, so you have to check the domain that the current user is belongs to, Identity comes with that checker, all you need is to put this middleware in your app/Http/Kernel.php file:, _(*18)

 protected $routeMiddleware = [
        // others
        'check_domain' => \JPuminate\Auth\Identity\Http\Middleware\CheckAuthDomain::class,
    ];

To use it:, _(*19)

use Illuminate\Http\Request;

Route::get('/users/id/vehicles', function () {
    // Access only for the users
})->middleware('check_domain:AuthDomain::$USERS');

use Illuminate\Http\Request;

Route::get('/trackings', function () {
     // Access only for the clients
})->middleware('check_domain:AuthDomain::$CLIENTS');

Events

Identity raises event when create hosted users if it's possible. You may use these event to add defaults data to your model. You may attach listeners to these events in your application's EventServiceProvider:, _(*20)

/**
 * The event listener mappings for the application.
 *
 * @var array
 */

  protected $listen = [
        'JPuminate\Auth\Identity\Events\HostedUserCreated' => [
            'App\Listeners\HostedUserCreatedListener',
        ],
    ];

The Versions

05/10 2017

1.0

1.0.0.0

laravel package for checking token signature, work on microservice architecture, when we need to ckeck the token validation without sending the request to the Auth server

Sources Download

MIT

The Requires

The Development Requires

by 40Enissay

by YassineX

auth jwt token microservices design auth strategy

05/10 2017

dev-develop

laravel package for checking token signature, work on microservice architecture, when we need to ckeck the token validation without sending the request to the Auth server

Sources Download

MIT

The Requires

The Development Requires

by 40Enissay

auth jwt token microservices design auth strategy

05/10 2017

dev-master

9999999-dev

laravel package for checking token signature, work on microservice architecture, when we need to ckeck the token validation without sending the request to the Auth server

Sources Download

MIT

The Requires

The Development Requires

by 40Enissay

by YassineX

auth jwt token microservices design auth strategy

25/08 2017

v1.x-dev

1.9999999.9999999.9999999-dev

api for checking oauth token locally.

Sources Download

MIT