Compare commits

..

2 Commits

Author SHA1 Message Date
c9a06e5ada
Merge pull request 'add aud to jwt' (!15) from feature/add-oauth-audience into master
All checks were successful
rvr-nextgen/pipeline/head This commit looks good
Reviewed-on: #15
2023-04-12 00:44:52 +02:00
97780eb079
add aud to jwt
All checks were successful
rvr-nextgen/pipeline/pr-master This commit looks good
2023-04-12 00:41:20 +02:00
4 changed files with 19 additions and 2 deletions

View File

@ -0,0 +1,2 @@
ALTER TABLE `oauth_tokens`
ADD `audience` varchar(255) NOT NULL DEFAULT '';

View File

@ -49,7 +49,8 @@ class OAuthAuthController implements ISecured
} }
$redirectUriParsed = parse_url($redirectUri); $redirectUriParsed = parse_url($redirectUri);
$redirectUriBase = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'] . $redirectUriParsed['path']; $redirectUriHost = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'];
$redirectUriBase = $redirectUriHost . $redirectUriParsed['path'];
$redirectUriQuery = []; $redirectUriQuery = [];
if (isset($redirectUriParsed['query'])) { if (isset($redirectUriParsed['query'])) {
parse_str($redirectUriParsed['query'], $redirectUriQuery); parse_str($redirectUriParsed['query'], $redirectUriQuery);
@ -72,6 +73,7 @@ class OAuthAuthController implements ISecured
$token->setUser($user); $token->setUser($user);
$token->setCode($code); $token->setCode($code);
$token->setAccessToken($accessToken); $token->setAccessToken($accessToken);
$token->setAudience($redirectUriHost);
$token->setCreatedDate(new DateTime()); $token->setCreatedDate(new DateTime());
$token->setExpiresDate(new DateTime('+5 minutes')); $token->setExpiresDate(new DateTime('+5 minutes'));
$this->pdm->saveToDb($token); $this->pdm->saveToDb($token);

View File

@ -59,6 +59,7 @@ class OAuthController
'iat' => (int)$token->getCreatedDate()->getTimestamp(), 'iat' => (int)$token->getCreatedDate()->getTimestamp(),
'nbf' => (int)$token->getCreatedDate()->getTimestamp(), 'nbf' => (int)$token->getCreatedDate()->getTimestamp(),
'exp' => (int)$token->getExpiresDate()->getTimestamp(), 'exp' => (int)$token->getExpiresDate()->getTimestamp(),
'aud' => $token->getAudience(),
'nonce' => $token->getNonce() 'nonce' => $token->getNonce()
], $this->getUserInfoInternal( ], $this->getUserInfoInternal(
$this->userRepository->getById($token->getUserId()), $this->userRepository->getById($token->getUserId()),

View File

@ -7,7 +7,7 @@ class OAuthToken extends Model
{ {
protected static string $table = 'oauth_tokens'; protected static string $table = 'oauth_tokens';
protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'created', 'expires']; protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'audience', 'created', 'expires'];
protected static array $relations = ['user' => User::class]; protected static array $relations = ['user' => User::class];
@ -25,6 +25,8 @@ class OAuthToken extends Model
private string $accessToken = ''; private string $accessToken = '';
private string $audience = '';
private DateTime $created; private DateTime $created;
private DateTime $expires; private DateTime $expires;
@ -64,6 +66,11 @@ class OAuthToken extends Model
$this->accessToken = $accessToken; $this->accessToken = $accessToken;
} }
public function setAudience(string $audience): void
{
$this->audience = $audience;
}
public function setCreatedDate(DateTime $created): void public function setCreatedDate(DateTime $created): void
{ {
$this->created = $created; $this->created = $created;
@ -119,6 +126,11 @@ class OAuthToken extends Model
return $this->accessToken; return $this->accessToken;
} }
public function getAudience(): string
{
return $this->audience;
}
public function getCreatedDate(): DateTime public function getCreatedDate(): DateTime
{ {
return $this->created; return $this->created;