robsontenorio
commented
2 years ago Hi!
Thanks for your effort. But, there is two issues:
- You have hardcoded keycloak urls.
- By design this package is intended to be passive. It must not call external resources.
this will allow you to check permission like that
Auth::hasPermission('trumobile-api', 'drivers#driver-index');
as mentioned in the keylock documentation link
https://www.keycloak.org/docs/latest/authorization_services/index.html#_service_obtaining_permissions
through curl request, we make an HTTP call to the keylock server
curl -X POST \ http://${host}:${port}/realms/${realm}/protocol/openid-connect/token \ -H "Authorization: Bearer ${access_token}" \ --data "grant_type=urn:ietf:params:oauth:grant-type:uma-ticket" \ --data "audience={resource_server_client_id}" \ --data "permission=Resource A#Scope A" \ --data "permission=Resource B#Scope B"