Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Controllers/API/AuthController.php
Show All 14 Lines | class AuthController extends Controller | ||||
/** | /** | ||||
* Get the authenticated User | * Get the authenticated User | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function info() | public function info() | ||||
{ | { | ||||
$user = Auth::guard()->user(); | $user = Auth::guard()->user(); | ||||
$response = V4\UsersController::userResponse($user); | |||||
if (!empty(request()->input('refresh'))) { | if (!empty(request()->input('refresh'))) { | ||||
return $this->refreshAndRespond(request(), $response); | return $this->refreshAndRespond(request(), $user); | ||||
} | } | ||||
$response = V4\UsersController::userResponse($user); | |||||
return response()->json($response); | return response()->json($response); | ||||
} | } | ||||
/** | /** | ||||
* Helper method for other controllers with user auto-logon | * Helper method for other controllers with user auto-logon | ||||
* functionality | * functionality | ||||
* | * | ||||
* @param \App\User $user User model object | * @param \App\User $user User model object | ||||
Show All 9 Lines | public static function logonResponse(User $user, string $password, string $secondFactor = null) | ||||
'client_id' => \config('auth.proxy.client_id'), | 'client_id' => \config('auth.proxy.client_id'), | ||||
'client_secret' => \config('auth.proxy.client_secret'), | 'client_secret' => \config('auth.proxy.client_secret'), | ||||
'scopes' => '[*]', | 'scopes' => '[*]', | ||||
'secondfactor' => $secondFactor | 'secondfactor' => $secondFactor | ||||
]); | ]); | ||||
$tokenResponse = app()->handle($proxyRequest); | $tokenResponse = app()->handle($proxyRequest); | ||||
$response = V4\UsersController::userResponse($user); | return self::respondWithToken($tokenResponse, $user); | ||||
$response['status'] = 'success'; | |||||
return self::respondWithToken($tokenResponse, $response); | |||||
} | } | ||||
/** | /** | ||||
* Get an oauth token via given credentials. | * Get an oauth token via given credentials. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
Show All 33 Lines | public function logout() | ||||
$tokenRepository = app(TokenRepository::class); | $tokenRepository = app(TokenRepository::class); | ||||
$refreshTokenRepository = app(RefreshTokenRepository::class); | $refreshTokenRepository = app(RefreshTokenRepository::class); | ||||
// Revoke an access token... | // Revoke an access token... | ||||
$tokenRepository->revokeAccessToken($tokenId); | $tokenRepository->revokeAccessToken($tokenId); | ||||
// Revoke all of the token's refresh tokens... | // Revoke all of the token's refresh tokens... | ||||
$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId); | $refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId); | ||||
return response()->json([ | return response()->json([ | ||||
'status' => 'success', | 'status' => 'success', | ||||
'message' => \trans('auth.logoutsuccess') | 'message' => \trans('auth.logoutsuccess') | ||||
]); | ]); | ||||
} | } | ||||
/** | /** | ||||
* Refresh a token. | * Refresh a token. | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
public function refresh(Request $request) | public function refresh(Request $request) | ||||
{ | { | ||||
return self::refreshAndRespond($request); | return self::refreshAndRespond($request); | ||||
} | } | ||||
/** | /** | ||||
* Refresh the token and respond with it. | * Refresh the token and respond with it. | ||||
* | * | ||||
* @param \Illuminate\Http\Request $request The API request. | * @param \Illuminate\Http\Request $request The API request. | ||||
* @param array $response Additional response data | * @param ?\App\User $user The user being authenticated | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
protected static function refreshAndRespond(Request $request, array $response = []) | protected static function refreshAndRespond(Request $request, $user = null) | ||||
{ | { | ||||
$proxyRequest = Request::create('/oauth/token', 'POST', [ | $proxyRequest = Request::create('/oauth/token', 'POST', [ | ||||
'grant_type' => 'refresh_token', | 'grant_type' => 'refresh_token', | ||||
'refresh_token' => $request->refresh_token, | 'refresh_token' => $request->refresh_token, | ||||
'client_id' => \config('auth.proxy.client_id'), | 'client_id' => \config('auth.proxy.client_id'), | ||||
'client_secret' => \config('auth.proxy.client_secret'), | 'client_secret' => \config('auth.proxy.client_secret'), | ||||
]); | ]); | ||||
$tokenResponse = app()->handle($proxyRequest); | $tokenResponse = app()->handle($proxyRequest); | ||||
return self::respondWithToken($tokenResponse, $response); | return self::respondWithToken($tokenResponse, $user); | ||||
} | } | ||||
/** | /** | ||||
* Get the token array structure. | * Get the token array structure. | ||||
* | * | ||||
* @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token. | * @param \Illuminate\Http\JsonResponse $tokenResponse The response containing the token. | ||||
* @param array $response Additional response data | * @param ?\App\User $user The user being authenticated | ||||
* | * | ||||
* @return \Illuminate\Http\JsonResponse | * @return \Illuminate\Http\JsonResponse | ||||
*/ | */ | ||||
protected static function respondWithToken($tokenResponse, array $response = []) | protected static function respondWithToken($tokenResponse, $user = null) | ||||
{ | { | ||||
$data = json_decode($tokenResponse->getContent()); | $data = json_decode($tokenResponse->getContent()); | ||||
if ($tokenResponse->getStatusCode() != 200) { | if ($tokenResponse->getStatusCode() != 200) { | ||||
if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) { | if (isset($data->error) && $data->error == 'secondfactor' && isset($data->error_description)) { | ||||
$errors = ['secondfactor' => $data->error_description]; | $errors = ['secondfactor' => $data->error_description]; | ||||
return response()->json(['status' => 'error', 'errors' => $errors], 422); | return response()->json(['status' => 'error', 'errors' => $errors], 422); | ||||
} | } | ||||
return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401); | return response()->json(['status' => 'error', 'message' => \trans('auth.failed')], 401); | ||||
} | } | ||||
if ($user) { | |||||
$response = V4\UsersController::userResponse($user); | |||||
} else { | |||||
$response = []; | |||||
} | |||||
$response['status'] = 'success'; | |||||
mollekopf: If the idea is that we don't call userResponse if the $user == null in a failed login case… | |||||
Done Inline ActionsThis might be hard to see as it ended up being quite a refactoring. We had one instance where we called userResponse() before respondWithToken(). If you consider respondWithToken() could "respond" with an error (on auth failure) the heavy userResponse() call was redundant. Now we do this only on a successful response. machniak: This might be hard to see as it ended up being quite a refactoring. We had one instance where… | |||||
$response['access_token'] = $data->access_token; | $response['access_token'] = $data->access_token; | ||||
$response['refresh_token'] = $data->refresh_token; | $response['refresh_token'] = $data->refresh_token; | ||||
$response['token_type'] = 'bearer'; | $response['token_type'] = 'bearer'; | ||||
$response['expires_in'] = $data->expires_in; | $response['expires_in'] = $data->expires_in; | ||||
return response()->json($response); | return response()->json($response); | ||||
} | } | ||||
} | } |
If the idea is that we don't call userResponse if the $user == null in a failed login case, should we then not also not set the status to 'success' ?
I could be on the wrong track because I don't really recall how exactly this is being called in the first place.