fix client credentials example
Sephster committed Mar 25, 2024
1 parent b47472c commit 5ddd3c4
Showing 3 changed files with 34 additions and 22 deletions.
7 changes: 6 additions & 1 deletion examples/src/Repositories/AccessTokenRepository.php
Expand Up @@ -49,11 +49,16 @@ public function isAccessTokenRevoked($tokenId): bool
public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null): AccessTokenEntityInterface
{
$accessToken = new AccessTokenEntity();

$accessToken->setClient($clientEntity);

foreach ($scopes as $scope) {
$accessToken->addScope($scope);
}
$accessToken->setUserIdentifier($userIdentifier);

if ($userIdentifier !== null) {
$accessToken->setUserIdentifier($userIdentifier);
}

return $accessToken;
}
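Review bot: The new `if ($userIdentifier !== null)` guard in `getNewToken()` carries no comment saying when the identifier is absent, and this is the example repository that implementers copy. A line such as `// Client credentials tokens have no resource owner, so the user identifier stays unset` above the guard would make the intent explicit. Whether `getUserIdentifier()` then returns null on an entity whose setter was never called depends on the entity class, which is not shown here; that is worth confirming, because the `AccessTokenTrait` change in this commit relies on a null return to fall back to the client identifier.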
19 changes: 12 additions & 7 deletions src/Entities/Traits/AccessTokenTrait.php
Expand Up @@ -59,12 +59,6 @@ public function initJwtConfiguration(): void
*/
private function convertToJWT(): Token
{
$userIdentifier = $this->getUserIdentifier();

if ($userIdentifier === null) {
throw new RuntimeException('JWT access tokens MUST contain a subject identifier');
}

$this->initJwtConfiguration();

return $this->jwtConfiguration->builder()
Expand All @@ -73,7 +67,7 @@ private function convertToJWT(): Token
->issuedAt(new DateTimeImmutable())
->canOnlyBeUsedAfter(new DateTimeImmutable())
->expiresAt($this->getExpiryDateTime())
->relatedTo($userIdentifier)
->relatedTo($this->getSubjectIdentifier())
->withClaim('scopes', $this->getScopes())
->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
}
Expand Down Expand Up @@ -104,4 +98,15 @@ abstract public function getScopes(): array;
* @return non-empty-string
*/
abstract public function getIdentifier(): string;

private function getSubjectIdentifier(): string
{
$subjectId = $this->getUserIdentifier() ?? $this->getClient()->getIdentifier();

if ($subjectId === null) {
throw new RuntimeException('JWT access tokens MUST contain a subject identifier');
}

return $subjectId;
}
}
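Review bot: `getSubjectIdentifier()` puts the client identifier into `sub` whenever there is no user, so user ids and client ids now share one claim, and a resource server that reads `sub` as a user id can mistake a client for a user if the two identifier spaces overlap. RFC 9068 permits the client id as subject for client credentials tokens but warns about this collision, so the method should carry a docblock saying so, for example `// sub is the client id when no resource owner is involved; resource servers must not assume it names a user`. The `$subjectId === null` check looks unreachable on the fallback path: if `getClient()->getIdentifier()` is declared to return a string it cannot yield null, and an unset client would fail on the method call before the check runs. Because `??` falls back only on null, an empty-string user identifier would still be signed into the token as the subject; `if ($subjectId === null || $subjectId === '')` would reject it.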
30 changes: 16 additions & 14 deletions src/ResponseTypes/BearerTokenResponse.php
Expand Up @@ -34,21 +34,23 @@ public function generateHttpResponse(ResponseInterface $response): ResponseInter
'access_token' => $this->accessToken->toString(),
];

$refreshTokenPayload = json_encode([
'client_id' => $this->accessToken->getClient()->getIdentifier(),
'refresh_token_id' => $this->refreshToken->getIdentifier(),
'access_token_id' => $this->accessToken->getIdentifier(),
'scopes' => $this->accessToken->getScopes(),
'user_id' => $this->accessToken->getUserIdentifier(),
'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
]);

if ($refreshTokenPayload === false) {
throw new LogicException('Error encountered JSON encoding the refresh token payload');
if (isset($this->refreshToken)) {
$refreshTokenPayload = json_encode([
'client_id' => $this->accessToken->getClient()->getIdentifier(),
'refresh_token_id' => $this->refreshToken->getIdentifier(),
'access_token_id' => $this->accessToken->getIdentifier(),
'scopes' => $this->accessToken->getScopes(),
'user_id' => $this->accessToken->getUserIdentifier(),
'expire_time' => $this->refreshToken->getExpiryDateTime()->getTimestamp(),
]);

if ($refreshTokenPayload === false) {
throw new LogicException('Error encountered JSON encoding the refresh token payload');
}

$responseParams['refresh_token'] = $this->encrypt($refreshTokenPayload);
}

$responseParams['refresh_token'] = $this->encrypt($refreshTokenPayload);


$responseParams = json_encode(array_merge($this->getExtraParams($this->accessToken), $responseParams));

if ($responseParams === false) {
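Review bot: With the `isset($this->refreshToken)` guard, a grant that was meant to issue a refresh token but never set one now returns a response that silently lacks `refresh_token`, where the old code would have failed at `$this->refreshToken->getIdentifier()`. That case deserves a test asserting the key is present for grants that require it and absent for client credentials. The guard also needs a comment giving the reason, e.g. `// Client credentials responses carry no refresh token (RFC 6749 section 4.4.3)`. `generateHttpResponse()` starts and ends outside this hunk.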
