Merge pull request 'add aud to jwt' (!15) from feature/add-oauth-audience into master
All checks were successful
rvr-nextgen/pipeline/head This commit looks good
All checks were successful
rvr-nextgen/pipeline/head This commit looks good
Reviewed-on: #15
This commit is contained in:
commit
c9a06e5ada
@ -0,0 +1,2 @@
|
|||||||
|
ALTER TABLE `oauth_tokens`
|
||||||
|
ADD `audience` varchar(255) NOT NULL DEFAULT '';
|
@ -49,7 +49,8 @@ class OAuthAuthController implements ISecured
|
|||||||
}
|
}
|
||||||
|
|
||||||
$redirectUriParsed = parse_url($redirectUri);
|
$redirectUriParsed = parse_url($redirectUri);
|
||||||
$redirectUriBase = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'] . $redirectUriParsed['path'];
|
$redirectUriHost = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'];
|
||||||
|
$redirectUriBase = $redirectUriHost . $redirectUriParsed['path'];
|
||||||
$redirectUriQuery = [];
|
$redirectUriQuery = [];
|
||||||
if (isset($redirectUriParsed['query'])) {
|
if (isset($redirectUriParsed['query'])) {
|
||||||
parse_str($redirectUriParsed['query'], $redirectUriQuery);
|
parse_str($redirectUriParsed['query'], $redirectUriQuery);
|
||||||
@ -72,6 +73,7 @@ class OAuthAuthController implements ISecured
|
|||||||
$token->setUser($user);
|
$token->setUser($user);
|
||||||
$token->setCode($code);
|
$token->setCode($code);
|
||||||
$token->setAccessToken($accessToken);
|
$token->setAccessToken($accessToken);
|
||||||
|
$token->setAudience($redirectUriHost);
|
||||||
$token->setCreatedDate(new DateTime());
|
$token->setCreatedDate(new DateTime());
|
||||||
$token->setExpiresDate(new DateTime('+5 minutes'));
|
$token->setExpiresDate(new DateTime('+5 minutes'));
|
||||||
$this->pdm->saveToDb($token);
|
$this->pdm->saveToDb($token);
|
||||||
|
@ -59,6 +59,7 @@ class OAuthController
|
|||||||
'iat' => (int)$token->getCreatedDate()->getTimestamp(),
|
'iat' => (int)$token->getCreatedDate()->getTimestamp(),
|
||||||
'nbf' => (int)$token->getCreatedDate()->getTimestamp(),
|
'nbf' => (int)$token->getCreatedDate()->getTimestamp(),
|
||||||
'exp' => (int)$token->getExpiresDate()->getTimestamp(),
|
'exp' => (int)$token->getExpiresDate()->getTimestamp(),
|
||||||
|
'aud' => $token->getAudience(),
|
||||||
'nonce' => $token->getNonce()
|
'nonce' => $token->getNonce()
|
||||||
], $this->getUserInfoInternal(
|
], $this->getUserInfoInternal(
|
||||||
$this->userRepository->getById($token->getUserId()),
|
$this->userRepository->getById($token->getUserId()),
|
||||||
|
@ -7,7 +7,7 @@ class OAuthToken extends Model
|
|||||||
{
|
{
|
||||||
protected static string $table = 'oauth_tokens';
|
protected static string $table = 'oauth_tokens';
|
||||||
|
|
||||||
protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'created', 'expires'];
|
protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'audience', 'created', 'expires'];
|
||||||
|
|
||||||
protected static array $relations = ['user' => User::class];
|
protected static array $relations = ['user' => User::class];
|
||||||
|
|
||||||
@ -25,6 +25,8 @@ class OAuthToken extends Model
|
|||||||
|
|
||||||
private string $accessToken = '';
|
private string $accessToken = '';
|
||||||
|
|
||||||
|
private string $audience = '';
|
||||||
|
|
||||||
private DateTime $created;
|
private DateTime $created;
|
||||||
|
|
||||||
private DateTime $expires;
|
private DateTime $expires;
|
||||||
@ -64,6 +66,11 @@ class OAuthToken extends Model
|
|||||||
$this->accessToken = $accessToken;
|
$this->accessToken = $accessToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function setAudience(string $audience): void
|
||||||
|
{
|
||||||
|
$this->audience = $audience;
|
||||||
|
}
|
||||||
|
|
||||||
public function setCreatedDate(DateTime $created): void
|
public function setCreatedDate(DateTime $created): void
|
||||||
{
|
{
|
||||||
$this->created = $created;
|
$this->created = $created;
|
||||||
@ -119,6 +126,11 @@ class OAuthToken extends Model
|
|||||||
return $this->accessToken;
|
return $this->accessToken;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function getAudience(): string
|
||||||
|
{
|
||||||
|
return $this->audience;
|
||||||
|
}
|
||||||
|
|
||||||
public function getCreatedDate(): DateTime
|
public function getCreatedDate(): DateTime
|
||||||
{
|
{
|
||||||
return $this->created;
|
return $this->created;
|
||||||
|
Loading…
Reference in New Issue
Block a user