Skip to content

Allow configuring the JWT builder when generating a token #1328

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 11 commits into
base: master
Choose a base branch
from
Open

Allow configuring the JWT builder when generating a token #1328

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
55cd32d
allow configuring the JWT builder when generating a token
hafezdivandari Feb 20, 2023
d03456c
fix style
hafezdivandari Feb 20, 2023
14b7943
Merge branch 'thephpleague:master' into patch-2
hafezdivandari Apr 10, 2023
147b5bf
Merge branch 'thephpleague:master' into patch-2
hafezdivandari Aug 3, 2023
950080b
allow configuring the bearer token validator request
hafezdivandari Aug 3, 2023
73f835e
Merge branch 'master' into patch-2
hafezdivandari Mar 29, 2024
6b82aa7
fix styling
hafezdivandari Mar 29, 2024
3357c22
make types strict and remove doc types
hafezdivandari Mar 29, 2024
5b14253
formatting
hafezdivandari Mar 30, 2024
92fb400
better naming
hafezdivandari Oct 23, 2024
b04eea5
Merge branch 'master' into patch-2
hafezdivandari Oct 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 10 additions & 2 deletions src/AuthorizationValidators/BearerTokenValidator.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,14 @@ private function initJwtConfiguration(): void
);
}

/**
* Configure the validated authorization request instance.
*/
protected function withValidatedRequest(ServerRequestInterface $request, UnencryptedToken $token): ServerRequestInterface
{
return $request;
}

/**
* {@inheritdoc}
*/
Expand Down Expand Up @@ -126,10 +134,10 @@ public function validateAuthorization(ServerRequestInterface $request): ServerRe
}

// Return the request with additional attributes
return $request
return $this->withValidatedRequest($request
->withAttribute('oauth_access_token_id', $claims->get('jti'))
->withAttribute('oauth_client_id', $claims->get('aud')[0])
->withAttribute('oauth_user_id', $claims->get('sub'))
->withAttribute('oauth_scopes', $claims->get('scopes'));
->withAttribute('oauth_scopes', $claims->get('scopes')), $token);
}
}
13 changes: 11 additions & 2 deletions src/Entities/Traits/AccessTokenTrait.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
namespace League\OAuth2\Server\Entities\Traits;

use DateTimeImmutable;
use Lcobucci\JWT\Builder;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Rsa\Sha256;
Expand Down Expand Up @@ -54,21 +55,29 @@ public function initJwtConfiguration(): void
);
}

/**
* Configure the JWT builder instance.
*/
protected function withJwtBuilder(Builder $builder): Builder
{
return $builder;
}

/**
* Generate a JWT from the access token
*/
private function convertToJWT(): Token
{
$this->initJwtConfiguration();

return $this->jwtConfiguration->builder()
return $this->withJwtBuilder($this->jwtConfiguration->builder()
->permittedFor($this->getClient()->getIdentifier())
->identifiedBy($this->getIdentifier())
->issuedAt(new DateTimeImmutable())
->canOnlyBeUsedAfter(new DateTimeImmutable())
->expiresAt($this->getExpiryDateTime())
->relatedTo($this->getSubjectIdentifier())
->withClaim('scopes', $this->getScopes())
->withClaim('scopes', $this->getScopes()))
->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
}

Expand Down