From 7832be48df76eca4cdffa1ca80bd87b054f2c7a5 Mon Sep 17 00:00:00 2001 From: Marek Kilimajer Date: Thu, 26 Apr 2018 18:36:47 +0200 Subject: [PATCH 1/2] Add method to return token data and modify validateAuthorization() to use it --- .../AuthorizationValidatorInterface.php | 8 +++++++ .../BearerTokenValidator.php | 24 +++++++++++++------ 2 files changed, 25 insertions(+), 7 deletions(-) diff --git a/src/AuthorizationValidators/AuthorizationValidatorInterface.php b/src/AuthorizationValidators/AuthorizationValidatorInterface.php index 7e49f8477..397b0346b 100644 --- a/src/AuthorizationValidators/AuthorizationValidatorInterface.php +++ b/src/AuthorizationValidators/AuthorizationValidatorInterface.php @@ -13,6 +13,14 @@ interface AuthorizationValidatorInterface { + /** + * Determine the access token in the authorization header and return Token object with configured claims + * + * @param ServerRequestInterface $request + * @return \Lcobucci\JWT\Token + */ + public function validateAuthorizationHeader(ServerRequestInterface $request); + /** * Determine the access token in the authorization header and append OAUth properties to the request * as attributes. diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php index 6f299ce46..0f540b0fa 100644 --- a/src/AuthorizationValidators/BearerTokenValidator.php +++ b/src/AuthorizationValidators/BearerTokenValidator.php @@ -53,7 +53,7 @@ public function setPublicKey(CryptKey $key) /** * {@inheritdoc} */ - public function validateAuthorization(ServerRequestInterface $request) + public function validateAuthorizationHeader(ServerRequestInterface $request) { if ($request->hasHeader('authorization') === false) { throw OAuthServerException::accessDenied('Missing "Authorization" header'); 
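Review bot: Adding `validateAuthorizationHeader()` to `AuthorizationValidatorInterface` is a breaking change for any implementer outside this repository, and the `@return \Lcobucci\JWT\Token` ties the interface to one JWT library, so a validator for non-JWT tokens could not satisfy it. Consider keeping the new method on `BearerTokenValidator` only, or on a separate interface. The docblock should also say how failure is signalled, for example `@throws OAuthServerException when the header is missing or the token is rejected`, which is what the `BearerTokenValidator.php` lines visible in this patch do.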
@@ -82,12 +82,8 @@ public function validateAuthorization(ServerRequestInterface $request) throw OAuthServerException::accessDenied('Access token has been revoked'); } - // Return the request with additional attributes - return $request - ->withAttribute('oauth_access_token_id', $token->getClaim('jti')) - ->withAttribute('oauth_client_id', $token->getClaim('aud')) - ->withAttribute('oauth_user_id', $token->getClaim('sub')) - ->withAttribute('oauth_scopes', $token->getClaim('scopes')); + // Return the token + return $token; } catch (\InvalidArgumentException $exception) { // JWT couldn't be parsed so return the request as is throw OAuthServerException::accessDenied($exception->getMessage()); @@ -96,4 +92,18 @@ public function validateAuthorization(ServerRequestInterface $request) throw OAuthServerException::accessDenied('Error while decoding to JSON'); } } + + /** + * {@inheritdoc} + */ + public function validateAuthorization(ServerRequestInterface $request) + { + $token = $this->validateAuthorizationHeader($request); + + return $request + ->withAttribute('oauth_access_token_id', $token->getClaim('jti')) + ->withAttribute('oauth_client_id', $token->getClaim('aud')) + ->withAttribute('oauth_user_id', $token->getClaim('sub')) + ->withAttribute('oauth_scopes', $token->getClaim('scopes')); + } } From ca71a8a11e847f3ab07f341c795bb9968ba94128 Mon Sep 17 00:00:00 2001 From: Marek Kilimajer Date: Thu, 26 Apr 2018 18:40:44 +0200 Subject: [PATCH 2/2] Fix issue? --- src/AuthorizationValidators/AuthorizationValidatorInterface.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/AuthorizationValidators/AuthorizationValidatorInterface.php b/src/AuthorizationValidators/AuthorizationValidatorInterface.php index 397b0346b..e4e441930 100644 --- a/src/AuthorizationValidators/AuthorizationValidatorInterface.php +++ b/src/AuthorizationValidators/AuthorizationValidatorInterface.php 
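Review bot: The new comment `// Return the token` restates the code; now that this method hands the parsed token to callers, the comment should record which checks the token has passed. In the visible lines only the revocation check precedes the return; signature and expiry checks are presumably earlier in the method, which starts outside this hunk. Something like `// Token passed every check above; callers may rely on its claims` would do if that holds. The context comment `// JWT couldn't be parsed so return the request as is` under the first catch is also stale, since that branch throws and the method no longer returns a request.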
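Review bot: The four `getClaim()` calls in the new `validateAuthorization()` now run outside the try/catch that used to surround them. In the lcobucci/jwt API this code appears to target, `getClaim()` without a default throws `\OutOfBoundsException` when the claim is absent. A token that verifies but lacks `jti`, `aud`, `sub` or `scopes` would then surface as an unhandled exception rather than an access-denied response; that the old path caught it is inferred, because the type of the second catch is not visible in this patch. Keep the attribute mapping guarded so the failure stays an `OAuthServerException`.

```php
    $token = $this->validateAuthorizationHeader($request);

    try {
        // … unchanged: return $request->withAttribute(...) chain for jti, aud, sub and scopes …
    } catch (\OutOfBoundsException $exception) {
        // A verified token that lacks a required claim is rejected, not left to bubble up as a server error
        throw OAuthServerException::accessDenied('Access token is missing a required claim');
    }
```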
@@ -26,7 +26,6 @@ public function validateAuthorizationHeader(ServerRequestInterface $request); * as attributes. * * @param ServerRequestInterface $request - * * @return ServerRequestInterface */ public function validateAuthorization(ServerRequestInterface $request);