Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

0 votes
542 views
in Technique[技术] by (71.8m points)

laravel - How to handle OAuth exception in Laravel Passport?

I am working on the Laravel Passport package.

When I revoke a token and access the authenticated endpoint, it throws an exception.

The log file contains "The resource owner or authorization server denied the request".

To handle this exception I created an OAuth middleware and placed the exception code in it, as mentioned in this link: https://www.kingpabel.com/oauth2-exception-custom-error-message/

public function handle($request, Closure $next)
{
    //return $next($request);
    try {
        $response = $next($request);
        // Was an exception thrown? If so and available catch in our middleware
        if (isset($response->exception) && $response->exception) {
            throw $response->exception;
        }
        return $response;
    } catch (OAuthException $e) {
        $data = [
            // 'error' => $e->errorType,
            // 'error_description' => $e->getMessage(),
            'error' => 'Custom Error',
            'error_description' => 'Custom Description',
        ];
        return Response::json($data, $e->httpStatusCode, $e->getHttpHeaders());
    }
}

I want to return the error in JSON format like:

{
    "error": "Token is invalid!"
}

I would appreciate it if anyone could guide me in this regard.

Thanks,

  ask by Amir Khan translate from so


1 Answer

0 votes
by (71.8m points)

I managed to get it this way, in handler.php:

use League\OAuth2\Server\Exception\OAuthServerException;
use Illuminate\Auth\AuthenticationException;
....

// render() is the Handler hook whose return value is sent to the client;
// report() only logs, so a response built there would be discarded.
public function render($request, Exception $exception)
{
    if ($exception instanceof AuthenticationException) {
        // guards() is the public accessor for the protected $guards property
        if (($exception->guards()[0] ?? null) === 'api') {
            return response()->json('Unauthorized', 401);
        }
    } elseif ($exception instanceof OAuthServerException) {
        return response()->json('Unauthorized', 401);
    }

    return parent::render($request, $exception);
}

Then, in order to prevent cross-origin errors in the browser, I added a middleware as follows. NOTE: make the middleware secure in production.

kernel.php

protected $middleware = [
        ....
        \App\Http\Middleware\Cors::class,
    ];

cors.php

namespace App\Http\Middleware;

use Closure;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        // Wildcard origin as posted. Browsers refuse '*' together with
        // Allow-Credentials on credentialed requests, so restrict the origin in production.
        return $next($request)
            ->header('Access-Control-Allow-Origin', '*')
            ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
            ->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Requested-With')
            ->header('Access-Control-Allow-Credentials', 'true');
    }
}
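
The NOTE above about securing the middleware, as an added example (not the answerer's code): `Access-Control-Allow-Origin: *` cannot be combined with `Access-Control-Allow-Credentials: true`, so this variant echoes the origin only when it is on an explicit allow-list. The class name `RestrictedCors`, the `cors.allowed_origins` config key and the sample origin are assumptions.

```php
<?php

namespace App\Http\Middleware;

use Closure;

// Added example: allow-list variant of the Cors middleware above.
// "RestrictedCors" and the "cors.allowed_origins" config key are hypothetical names.
class RestrictedCors
{
    public function handle($request, Closure $next)
    {
        // e.g. config/cors.php: ['allowed_origins' => ['https://app.example.com']] (constructed value)
        $allowed = (array) config('cors.allowed_origins', []);
        $origin  = $request->headers->get('Origin');

        // Exact string match only: no wildcard, no substring or regex matching,
        // and the literal "null" origin is never accepted.
        $trusted = is_string($origin) && $origin !== 'null'
            && in_array($origin, $allowed, true);

        // Answer preflight directly; other requests continue down the pipeline.
        $isPreflight = $request->isMethod('OPTIONS')
            && $request->headers->has('Access-Control-Request-Method');
        $response = $isPreflight ? response('', 204) : $next($request);

        // The response differs per Origin, so shared caches must key on it.
        $response->headers->set('Vary', 'Origin', false);

        if (! $trusted) {
            // No CORS headers: the browser blocks the cross-origin read.
            return $response;
        }

        $response->headers->set('Access-Control-Allow-Origin', $origin);
        $response->headers->set('Access-Control-Allow-Credentials', 'true');

        if ($isPreflight) {
            $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
            $response->headers->set('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Requested-With');
        }

        return $response;
    }
}
```

Setting headers through `$response->headers` rather than `->header()` also works for response types that do not expose the `header()` helper, such as file downloads.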

