Updated the validation to BearerTokenResponse

This commit is contained in:
Alex Bilbie 2016-01-17 13:57:07 +00:00
parent c7a904ca40
commit d755a8c01d

View File

@ -12,6 +12,7 @@
namespace League\OAuth2\Server\ResponseTypes;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Parser;
use Lcobucci\JWT\Signer\Key;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use League\OAuth2\Server\Entities\Interfaces\RefreshTokenEntityInterface;
@ -78,8 +79,28 @@ class BearerTokenResponse extends AbstractResponseType
public function determineAccessTokenInHeader(ServerRequestInterface $request)
{
$header = $request->getHeader('authorization');
$accessToken = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
$jwt = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header));
return ($accessToken === 'Bearer') ? '' : $accessToken;
try {
// Attempt to parse and validate the JWT
$token = (new Parser())->parse($jwt);
if ($token->verify(new Sha256(), $this->pathToPublicKey) === false) {
return $request;
}
// Check if token has been revoked
if ($this->accessTokenRepository->isAccessTokenRevoked($token->getClaim('jwt'))) {
return $request;
}
// Return the request with additional attributes
return $request->withAttribute('oauth_access_token', $token->getClaim('jti'))
->withAttribute('oauth_client_id', $token->getClaim('aud'))
->withAttribute('oauth_user_id', $token->getClaim('sub'))
->withAttribute('oauth_scopes', $token->getClaim('scopes'));
} catch (\InvalidArgumentException $e) {
// JWT couldn't be parsed so return the request as is
return $request;
}
}
}