Compare commits

...

5 Commits

Author SHA1 Message Date
4dc08dffc9
Merge pull request 'feature/fix-oauth-audience' (!16) from feature/fix-oauth-audience into master
All checks were successful
rvr-nextgen/pipeline/head This commit looks good
Reviewed-on: #16
2023-04-12 02:11:53 +02:00
87b811f716
client id can be anything
All checks were successful
rvr-nextgen/pipeline/pr-master This commit looks good
2023-04-12 02:10:33 +02:00
eb4ebb9582
send clientId as aud 2023-04-12 02:05:44 +02:00
6af7813e3d
drop audience from oauth_tokens 2023-04-12 02:04:56 +02:00
31ff9b287d
Revert "add aud to jwt"
This reverts commit 97780eb079.
2023-04-12 02:03:15 +02:00
6 changed files with 10 additions and 19 deletions

View File

@ -0,0 +1,2 @@
ALTER TABLE `oauth_tokens`
DROP `audience`;

View File

@ -0,0 +1,2 @@
ALTER TABLE `oauth_clients`
MODIFY `client_id` varchar(255) CHARACTER SET ascii COLLATE ascii_bin NOT NULL;

View File

@ -14,12 +14,13 @@ class AddOAuthClientCommand extends Command
{
$this->setName('oauth:add-client')
->setDescription('Adding of OAuth client.')
->addArgument('client-id', InputArgument::OPTIONAL, 'Client ID')
->addArgument('preapproved', InputArgument::OPTIONAL, 'Preapproved');
}
public function execute(InputInterface $input, OutputInterface $output): int
{
$clientId = bin2hex(random_bytes(8));
$clientId = $input->getArgument('client-id') ? $input->getArgument('client-id') : bin2hex(random_bytes(8));
$clientSecret = bin2hex(random_bytes(20));
$oAuthClient = new OAuthClient();
@ -27,7 +28,7 @@ class AddOAuthClientCommand extends Command
$oAuthClient->setClientSecret($clientSecret);
$oAuthClient->setCreatedDate(new DateTime());
if ($input->hasArgument('preapproved') && $input->getArgument('preapproved')) {
if ($input->getArgument('preapproved')) {
$oAuthClient->setPreapproved($input->getArgument('preapproved'));
}

View File

@ -49,8 +49,7 @@ class OAuthAuthController implements ISecured
}
$redirectUriParsed = parse_url($redirectUri);
$redirectUriHost = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'];
$redirectUriBase = $redirectUriHost . $redirectUriParsed['path'];
$redirectUriBase = $redirectUriParsed['scheme'] . '://' . $redirectUriParsed['host'] . $redirectUriParsed['path'];
$redirectUriQuery = [];
if (isset($redirectUriParsed['query'])) {
parse_str($redirectUriParsed['query'], $redirectUriQuery);
@ -73,7 +72,6 @@ class OAuthAuthController implements ISecured
$token->setUser($user);
$token->setCode($code);
$token->setAccessToken($accessToken);
$token->setAudience($redirectUriHost);
$token->setCreatedDate(new DateTime());
$token->setExpiresDate(new DateTime('+5 minutes'));
$this->pdm->saveToDb($token);

View File

@ -59,7 +59,7 @@ class OAuthController
'iat' => (int)$token->getCreatedDate()->getTimestamp(),
'nbf' => (int)$token->getCreatedDate()->getTimestamp(),
'exp' => (int)$token->getExpiresDate()->getTimestamp(),
'aud' => $token->getAudience(),
'aud' => $clientId,
'nonce' => $token->getNonce()
], $this->getUserInfoInternal(
$this->userRepository->getById($token->getUserId()),

View File

@ -7,7 +7,7 @@ class OAuthToken extends Model
{
protected static string $table = 'oauth_tokens';
protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'audience', 'created', 'expires'];
protected static array $fields = ['scope', 'nonce', 'user_id', 'code', 'access_token', 'created', 'expires'];
protected static array $relations = ['user' => User::class];
@ -25,8 +25,6 @@ class OAuthToken extends Model
private string $accessToken = '';
private string $audience = '';
private DateTime $created;
private DateTime $expires;
@ -66,11 +64,6 @@ class OAuthToken extends Model
$this->accessToken = $accessToken;
}
public function setAudience(string $audience): void
{
$this->audience = $audience;
}
public function setCreatedDate(DateTime $created): void
{
$this->created = $created;
@ -126,11 +119,6 @@ class OAuthToken extends Model
return $this->accessToken;
}
public function getAudience(): string
{
return $this->audience;
}
public function getCreatedDate(): DateTime
{
return $this->created;