BearerTokenResponse now outputs JWTs. Fixes #209
parent
1bdad3ad14
commit
b8732a2f83
@ -11,6 +11,10 @@
|
|||||||
|
|
||||||
namespace League\OAuth2\Server\ResponseTypes;
|
namespace League\OAuth2\Server\ResponseTypes;
|
||||||
|
|
||||||
|
use Lcobucci\JWT\Builder;
|
||||||
|
use Lcobucci\JWT\Signer\Key;
|
||||||
|
use Lcobucci\JWT\Signer\Rsa\Sha256;
|
||||||
|
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Zend\Diactoros\Response;
|
use Zend\Diactoros\Response;
|
||||||
|
|
||||||
@ -21,14 +25,34 @@ class BearerTokenResponse extends AbstractResponseType
|
|||||||
*/
|
*/
|
||||||
public function generateHttpResponse()
|
public function generateHttpResponse()
|
||||||
{
|
{
|
||||||
$values = [
|
$jwtAccessToken = (new Builder())->setAudience($this->accessToken->getClient()->getIdentifier())
|
||||||
'access_token' => $this->accessToken->getIdentifier(),
|
->setId($this->accessToken->getIdentifier(), true)
|
||||||
|
->setIssuedAt(time())
|
||||||
|
->setNotBefore(time())
|
||||||
|
->setExpiration($this->accessToken->getExpiryDateTime()->getTimestamp())
|
||||||
|
->set('uid', $this->accessToken->getUserIdentifier())
|
||||||
|
->set('scopes', $this->accessToken->getScopes())
|
||||||
|
->sign(new Sha256(), new Key($this->pathToPrivateKey))
|
||||||
|
->getToken();
|
||||||
|
|
||||||
|
$responseParams = [
|
||||||
'token_type' => 'Bearer',
|
'token_type' => 'Bearer',
|
||||||
'expires_in' => $this->accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp()
|
'expires_in' => $this->accessToken->getExpiryDateTime()->getTimestamp() - (new \DateTime())->getTimestamp(),
|
||||||
|
'access_token' => (string) $jwtAccessToken,
|
||||||
];
|
];
|
||||||
|
|
||||||
if (!is_null($this->getParam('refresh_token'))) {
|
if ($this->refreshToken instanceof RefreshTokenEntityInterface) {
|
||||||
$values['refresh_token'] = $this->getParam('refresh_token');
|
$jwtRefreshToken = (new Builder())->setAudience($this->accessToken->getClient()->getIdentifier())
|
||||||
|
->setId($this->refreshToken->getIdentifier())
|
||||||
|
->setIssuedAt(time())
|
||||||
|
->setNotBefore(time())
|
||||||
|
->setExpiration($this->refreshToken->getExpiryDateTime()->getTimestamp())
|
||||||
|
->set('accessToken', $this->accessToken->getIdentifier())
|
||||||
|
->set('scopes', $this->accessToken->getScopes())
|
||||||
|
->sign(new Sha256(), new Key($this->pathToPrivateKey))
|
||||||
|
->getToken();
|
||||||
|
|
||||||
|
$responseParams['refresh_token'] = (string) $jwtRefreshToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
$response = new Response(
|
$response = new Response(
|
||||||
@ -40,7 +64,7 @@ class BearerTokenResponse extends AbstractResponseType
|
|||||||
'content-type' => 'application/json;charset=UTF-8'
|
'content-type' => 'application/json;charset=UTF-8'
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
$response->getBody()->write(json_encode($values));
|
$response->getBody()->write(json_encode($responseParams));
|
||||||
|
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
@ -53,8 +77,6 @@ class BearerTokenResponse extends AbstractResponseType
|
|||||||
$header = $request->getHeader('authorization');
|
$header = $request->getHeader('authorization');
|
||||||
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
|
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
|
||||||
|
|
||||||
// ^(?:\s+)?Bearer\s([a-zA-Z0-9-._~+/=]*)
|
|
||||||
|
|
||||||
return ($accessToken === 'Bearer') ? '' : $accessToken;
|
return ($accessToken === 'Bearer') ? '' : $accessToken;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
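Review bot: The access-token and refresh-token JWTs built in generateHttpResponse() are signed with the same key (`new Key($this->pathToPrivateKey)`) and the same audience, and neither claim set says which kind of token it is. If the validating side checks only the signature, `aud` and `exp` (that code is not visible in this diff), a refresh token, which normally lives longer, could be accepted where a bearer access token is expected. Consider an explicit type claim on each builder, for example `->set('token_use', 'access')` and `->set('token_use', 'refresh')` (the claim name is only a suggestion), and have the validator reject a token whose type does not match. The payload is signed but not encrypted, so `uid`, `scopes` and the `accessToken` identifier are readable by whoever holds the token; a short comment above the builders stating this would stop later maintainers from adding sensitive claims. The access-token builder also calls `setId(..., true)` while the refresh-token builder omits the second argument, which looks unintentional; the function body starts and ends outside these hunks.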