Differential D3337 Diff 9682 src/app/Http/Controllers/API/AuthController.php

Changeset View

Standalone View

src/app/Http/Controllers/API/AuthController.php

Show All 14 Lines	class AuthController extends Controller
/**		/**
* Get the authenticated User		* Get the authenticated User
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
*/		*/
public function info()		public function info()
{		{
$user = Auth::guard()->user();		$user = Auth::guard()->user();
$response = V4\UsersController::userResponse($user);

if (!empty(request()->input('refresh'))) {		if (!empty(request()->input('refresh'))) {
return $this->refreshAndRespond(request(), $response);		return $this->refreshAndRespond(request(), $user);
}		}

		$response = V4\UsersController::userResponse($user);

return response()->json($response);		return response()->json($response);
}		}

/**		/**
* Helper method for other controllers with user auto-logon		* Helper method for other controllers with user auto-logon
* functionality		* functionality
*		*
* @param \App\User $user User model object		* @param \App\User $user User model object
Show All 9 Lines	public static function logonResponse(User $user, string $password, string $secondFactor = null)
'client_id' => \config('auth.proxy.client_id'),		'client_id' => \config('auth.proxy.client_id'),
'client_secret' => \config('auth.proxy.client_secret'),		'client_secret' => \config('auth.proxy.client_secret'),
'scopes' => '[*]',		'scopes' => '[*]',
'secondfactor' => $secondFactor		'secondfactor' => $secondFactor
]);		]);

$tokenResponse = app()->handle($proxyRequest);		$tokenResponse = app()->handle($proxyRequest);

$response = V4\UsersController::userResponse($user);		return self::respondWithToken($tokenResponse, $user);
$response['status'] = 'success';

return self::respondWithToken($tokenResponse, $response);
}		}

/**		/**
* Get an oauth token via given credentials.		* Get an oauth token via given credentials.
*		*
* @param \Illuminate\Http\Request $request The API request.		* @param \Illuminate\Http\Request $request The API request.
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
Show All 33 Lines	public function logout()
$tokenRepository = app(TokenRepository::class);		$tokenRepository = app(TokenRepository::class);
$refreshTokenRepository = app(RefreshTokenRepository::class);		$refreshTokenRepository = app(RefreshTokenRepository::class);

// Revoke an access token...		// Revoke an access token...
$tokenRepository->revokeAccessToken($tokenId);		$tokenRepository->revokeAccessToken($tokenId);

// Revoke all of the token's refresh tokens...		// Revoke all of the token's refresh tokens...
$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId);		$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId);

return response()->json([		return response()->json([
'status' => 'success',		'status' => 'success',
'message' => \trans('auth.logoutsuccess')		'message' => \trans('auth.logoutsuccess')
]);		]);
}		}

/**		/**
* Refresh a token.		* Refresh a token.
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
*/		*/
public function refresh(Request $request)		public function refresh(Request $request)
{		{
return self::refreshAndRespond($request);		return self::refreshAndRespond($request);
}		}

/**		/**
* Refresh the token and respond with it.		* Refresh the token and respond with it.
*		*
* @param \Illuminate\Http\Request $request The API request.		* @param \Illuminate\Http\Request $request The API request.
* @param array $response Additional response data		* @param ?\App\User $user The user being authenticated
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
*/		*/
protected static function refreshAndRespond(Request $request, array $response = [])		protected static function refreshAndRespond(Request $request, $user = null)
{		{
$proxyRequest = Request::create('/oauth/token', 'POST', [		$proxyRequest = Request::create('/oauth/token', 'POST', [
'grant_type' => 'refresh_token',		'grant_type' => 'refresh_token',
'refresh_token' => $request->refresh_token,		'refresh_token' => $request->refresh_token,
'client_id' => \config('auth.proxy.client_id'),		'client_id' => \config('auth.proxy.client_id'),
'client_secret' => \config('auth.proxy.client_secret'),		'client_secret' => \config('auth.proxy.client_secret'),
]);		]);

$tokenResponse = app()->handle($proxyRequest);		$tokenResponse = app()->handle($proxyRequest);

return self::respondWithToken($tokenResponse, $response);		return self::respondWithToken($tokenResponse, $user);
}		}

/**		/**
* Get the token array structure.		* Get the token array structure.
*		*
* @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token.		* @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token.
* @param array $response Additional response data		* @param ?\App\User $user The user being authenticated
*		*
* @return \Illuminate\Http\JsonResponse		* @return \Illuminate\Http\JsonResponse
*/		*/
protected static function respondWithToken($tokenResponse, array $response = [])		protected static function respondWithToken($tokenResponse, $user = null)
{		{
$data = json_decode($tokenResponse->getContent());		$data = json_decode($tokenResponse->getContent());

if ($tokenResponse->getStatusCode() != 200) {		if ($tokenResponse->getStatusCode() != 200) {
if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) {		if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) {
$errors = ['secondfactor' => $data->error_description];		$errors = ['secondfactor' => $data->error_description];
return response()->json(['status' => 'error', 'errors' => $errors], 422);		return response()->json(['status' => 'error', 'errors' => $errors], 422);
}		}

return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401);		return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401);
}		}

		if ($user) {
		$response = V4\UsersController::userResponse($user);
		} else {
		$response = [];
		}

		$response['status'] = 'success';
		mollekopfUnsubmitted Not Done Inline Actions If the idea is that we don't call userResponse if the $user == null in a failed login case, should we then not also not set the status to 'success' ? I could be on the wrong track because I don't really recall how exactly this is being called in the first place. mollekopf: If the idea is that we don't call userResponse if the $user == null in a failed login case…
		machniakAuthorUnsubmitted Done Inline Actions This might be hard to see as it ended up being quite a refactoring. We had one instance where we called userResponse() before respondWithToken(). If you consider respondWithToken() could "respond" with an error (on auth failure) the heavy userResponse() call was redundant. Now we do this only on a successful response. machniak: This might be hard to see as it ended up being quite a refactoring. We had one instance where…
$response['access_token'] = $data->access_token;		$response['access_token'] = $data->access_token;
$response['refresh_token'] = $data->refresh_token;		$response['refresh_token'] = $data->refresh_token;
$response['token_type'] = 'bearer';		$response['token_type'] = 'bearer';
$response['expires_in'] = $data->expires_in;		$response['expires_in'] = $data->expires_in;

return response()->json($response);		return response()->json($response);
}		}
}		}