Commit 1d90eca

committed
Update 'check client credentials (for any scopes)' middlewares
Use 'oauth_scopes' and 'oauth_client_id' attributes in psr request
1 parent 18178ac commit 1d90eca

2 files changed

+18
-18
lines changed

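--- a/src/Http/Middleware/CheckClientCredentials.php
+++ b/src/Http/Middleware/CheckClientCredentials.php
@@ -5,7 +5,7 @@
 use Closure;
 use Illuminate\Auth\AuthenticationException;
 use Laravel\Passport\Exceptions\MissingScopeException;
-use Laravel\Passport\TokenRepository;
+use Laravel\Passport\ClientRepository;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
 use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
@@ -24,20 +24,20 @@ class CheckClientCredentials
 protected $server;
 
 /**
-* Token Repository.
+* Client Repository.
 *
-* @var \Laravel\Passport\TokenRepository
+* @var \Laravel\Passport\ClientRepository
 */
 protected $repository;
 
 /**
 * Create a new middleware instance.
 *
 * @param \League\OAuth2\Server\ResourceServer $server
-* @param \Laravel\Passport\TokenRepository $repository
+* @param \Laravel\Passport\ClientRepository $repository
 * @return void
 */
-public function __construct(ResourceServer $server, TokenRepository $repository)
+public function __construct(ResourceServer $server, ClientRepository $repository)
 {
 $this->server = $server;
 $this->repository = $repository;
@@ -82,18 +82,18 @@ public function handle($request, Closure $next, ...$scopes)
 */
 protected function validate($psr, $scopes)
 {
-$token = $this->repository->find($psr->getAttribute('oauth_access_token_id'));
+$client = $this->repository->find($psr->getAttribute('oauth_client_id'));
 
-if (! $token || $token->client->firstParty()) {
+if (! $client || $client->firstParty()) {
 throw new AuthenticationException;
 }
 
-if (in_array('*', $token->scopes)) {
+if (in_array('*', $tokenScopes = $psr->getAttribute('oauth_scopes'))) {
 return;
 }
 
 foreach ($scopes as $scope) {
-if ($token->cant($scope)) {
+if (! in_array($scope, $tokenScopes)) {
 throw new MissingScopeException($scope);
 }
 }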
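Review bot: In validate(), the result of `$psr->getAttribute('oauth_scopes')` goes straight into `in_array()`, and both scope checks compare loosely, so a missing attribute shows up as a PHP warning or TypeError (depending on the PHP version) instead of a clean authorization failure. Assigning on its own line, `$tokenScopes = $psr->getAttribute('oauth_scopes') ?? [];`, and then using `in_array('*', $tokenScopes, true)` and `! in_array($scope, $tokenScopes, true)` keeps the check fail-closed and strict, and takes the assignment out of the condition where it is easy to overlook. The attribute is presumably populated by the resource server in handle(), which lies outside this hunk, so this is hardening rather than a confirmed fault. The same two lines appear in validate() of CheckClientCredentialsForAnyScope.php.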

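--- a/src/Http/Middleware/CheckClientCredentialsForAnyScope.php
+++ b/src/Http/Middleware/CheckClientCredentialsForAnyScope.php
@@ -5,7 +5,7 @@
 use Closure;
 use Illuminate\Auth\AuthenticationException;
 use Laravel\Passport\Exceptions\MissingScopeException;
-use Laravel\Passport\TokenRepository;
+use Laravel\Passport\ClientRepository;
 use League\OAuth2\Server\Exception\OAuthServerException;
 use League\OAuth2\Server\ResourceServer;
 use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
@@ -24,20 +24,20 @@ class CheckClientCredentialsForAnyScope
 protected $server;
 
 /**
-* Token Repository.
+* Client Repository.
 *
-* @var \Laravel\Passport\TokenRepository
+* @var \Laravel\Passport\ClientRepository
 */
 protected $repository;
 
 /**
 * Create a new middleware instance.
 *
 * @param \League\OAuth2\Server\ResourceServer $server
-* @param \Laravel\Passport\TokenRepository $repository
+* @param \Laravel\Passport\ClientRepository $repository
 * @return void
 */
-public function __construct(ResourceServer $server, TokenRepository $repository)
+public function __construct(ResourceServer $server, ClientRepository $repository)
 {
 $this->server = $server;
 $this->repository = $repository;
@@ -84,18 +84,18 @@ public function handle($request, Closure $next, ...$scopes)
 */
 protected function validate($psr, $scopes)
 {
-$token = $this->repository->find($psr->getAttribute('oauth_access_token_id'));
+$client = $this->repository->find($psr->getAttribute('oauth_client_id'));
 
-if (! $token || $token->client->firstParty()) {
+if (! $client || $client->firstParty()) {
 throw new AuthenticationException;
 }
 
-if (in_array('*', $token->scopes)) {
+if (in_array('*', $tokenScopes = $psr->getAttribute('oauth_scopes'))) {
 return true;
 }
 
 foreach ($scopes as $scope) {
-if (in_array($scope, $tokenScopes)) {
+if (in_array($scope, $tokenScopes)) {
 return true;
 }
 }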
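Review bot: The client returned by `$this->repository->find(...)` in validate() is tested only for existence and `firstParty()`, so as far as these lines show, a revoked client presenting a still-valid token would pass. If `ClientRepository::find()` does not filter on the revoked flag, which is my reading of Passport but is not visible on this page, `findActive()` is the safer lookup: `$client = $this->repository->findActive($psr->getAttribute('oauth_client_id'));`. Token revocation itself is presumably still enforced by the resource server in handle(), outside this hunk. The same lookup is used in validate() of CheckClientCredentials.php.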
