add create token by user object

xtwoend · xtwoend · commit 38b4cdac9da5 · 2021-03-15T12:14:47.000+07:00
diff --git a/src/AuthorizationServerFactory.php b/src/AuthorizationServerFactory.php
@@ -3,6 +3,7 @@
 namespace OAuthServer;
 
 use OAuthServer\Grant\OtpGrant;
+use OAuthServer\Grant\UserGrant;
 use Hyperf\Contract\ConfigInterface;
 use Psr\Container\ContainerInterface;
 use OAuthServer\OneTimePasswordInterface;
@@ -62,6 +63,11 @@ public function __invoke()
                 $tokenExpiresIn
             );
 
+            $server->enableGrantType(
+                $this->makeUserGrant(),
+                $tokenExpiresIn
+            );
+
             return $server;
         });
     }
@@ -120,4 +126,14 @@ public function makeOtpGrant()
             $grant->setRefreshTokenTTL(new \DateInterval('P1M'));
         });
     }
+
+    public function makeUserGrant()
+    {
+        $userRepository = make(UserRepository::class);
+        $refreshTokenRepository = make(RefreshTokenRepository::class);
+
+        return tap(new UserGrant($userRepository, $refreshTokenRepository), function ($grant) {
+            $grant->setRefreshTokenTTL(new \DateInterval('P1M'));
+        });
+    }
 }
diff --git a/src/ConfigProvider.php b/src/ConfigProvider.php
@@ -26,6 +26,9 @@ public function __invoke(): array
                 ScopeRepository::class => ScopeRepository::class,
                 UserRepository::class => UserRepository::class,
                 TokenRepository::class => TokenRepository::class,
+
+                // Token By User
+                Token::class => Token::class
             ],
             'listeners' => [
                 //
diff --git a/src/Grant/UserGrant.php b/src/Grant/UserGrant.php
@@ -0,0 +1,103 @@
+<?php
+
+namespace OAuthServer\Grant;
+
+use DateInterval;
+use OAuthServer\Entities\UserEntity;
+use League\OAuth2\Server\RequestEvent;
+use OAuthServer\OneTimePasswordInterface;
+use Psr\Http\Message\ServerRequestInterface;
+use League\OAuth2\Server\Grant\AbstractGrant;
+use League\OAuth2\Server\Entities\UserEntityInterface;
+use League\OAuth2\Server\Entities\ClientEntityInterface;
+use League\OAuth2\Server\Exception\OAuthServerException;
+use League\OAuth2\Server\ResponseTypes\ResponseTypeInterface;
+use League\OAuth2\Server\Repositories\UserRepositoryInterface;
+use League\OAuth2\Server\Repositories\RefreshTokenRepositoryInterface;
+
+/**
+ * User grant class.
+ */
+class UserGrant extends AbstractGrant
+{
+    /**
+     * @param UserRepositoryInterface         $userRepository
+     * @param RefreshTokenRepositoryInterface $refreshTokenRepository
+     * @param OneTimePasswordInterface $otp
+     */
+    public function __construct(
+        UserRepositoryInterface $userRepository,
+        RefreshTokenRepositoryInterface $refreshTokenRepository
+    ) {
+        $this->setUserRepository($userRepository);
+        $this->setRefreshTokenRepository($refreshTokenRepository);
+
+        $this->refreshTokenTTL = new DateInterval('P1M');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function respondToAccessTokenRequest(
+        ServerRequestInterface $request,
+        ResponseTypeInterface $responseType,
+        DateInterval $accessTokenTTL
+    ) {
+        // Validate request
+        $client = $this->validateClient($request);
+        $scopes = $this->validateScopes($this->getRequestParameter('scope', $request, $this->defaultScope));
+        $user = $this->validateUser($request, $client);
+
+        // Finalize the requested scopes
+        $finalizedScopes = $this->scopeRepository->finalizeScopes($scopes, $this->getIdentifier(), $client, $user->getIdentifier());
+
+        // Issue and persist new access token
+        $accessToken = $this->issueAccessToken($accessTokenTTL, $client, $user->getIdentifier(), $finalizedScopes);
+        $this->getEmitter()->emit(new RequestEvent(RequestEvent::ACCESS_TOKEN_ISSUED, $request));
+        $responseType->setAccessToken($accessToken);
+
+        // Issue and persist new refresh token if given
+        $refreshToken = $this->issueRefreshToken($accessToken);
+
+        if ($refreshToken !== null) {
+            $this->getEmitter()->emit(new RequestEvent(RequestEvent::REFRESH_TOKEN_ISSUED, $request));
+            $responseType->setRefreshToken($refreshToken);
+        }
+
+        return $responseType;
+    }
+
+    /**
+     * Undocumented function
+     *
+     * @param ServerRequestInterface $request
+     * @param ClientEntityInterface $client
+     * @return void
+     */
+    protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client)
+    {
+        $user = $request->getAttribute('user');
+
+        if(\is_null($user)) {
+            throw OAuthServerException::invalidRequest('user not register');
+        }
+
+        $user = new UserEntity($user->id);
+
+        if ($user instanceof UserEntityInterface === false) {
+            $this->getEmitter()->emit(new RequestEvent(RequestEvent::USER_AUTHENTICATION_FAILED, $request));
+
+            throw OAuthServerException::invalidGrant();
+        }
+
+        return $user;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getIdentifier()
+    {
+        return 'user';
+    }
+}
diff --git a/src/Repositories/UserRepository.php b/src/Repositories/UserRepository.php
@@ -90,7 +90,9 @@ public function getUserByProviderUserId($id, $client)
 
         $query = Db::connection($provider);
         $user = $query->table('users')->find($id);
+        
         unset($user->password);
-        return $user;
+
+        return new UserEntity($user->id);
     }
 }
diff --git a/src/Token.php b/src/Token.php
@@ -0,0 +1,52 @@
+<?php
+
+namespace OAuthServer;
+
+use Psr\Http\Message\ServerRequestInterface;
+use League\OAuth2\Server\AuthorizationServer;
+use Hyperf\HttpServer\Contract\ResponseInterface;
+use OAuthServer\Exception\AuthenticationException;
+use League\OAuth2\Server\Exception\OAuthServerException;
+
+
+class Token
+{
+    protected $request;
+    protected $response;
+    protected $server;
+
+    public function __construct(
+        ServerRequestInterface $request,
+        ResponseInterface $response,
+        AuthorizationServer $server
+    ) {
+        $this->request = $request;
+        $this->response = $response;
+        $this->server = $server;
+    }
+
+    public function byUser($user, $client, array $scopes = [])
+    {
+        $request = $this->request->withParsedBody([
+            'grant_type'    => 'user',
+            'client_id'     => $client->id,
+            'client_secret' => $client->secret,
+            'scope'         => implode(' ', $scopes)
+        ]);
+
+        $request = $request->withAttribute('user', $user);
+
+        return $this->issueToken($request, $this->response);
+    }
+
+    public function issueToken(ServerRequestInterface $request, ResponseInterface $response)
+    {
+        try {
+            return $this->server->respondToAccessTokenRequest($request, $response);
+        } catch (OAuthServerException $e) {
+            return $e->generateHttpResponse($response);
+        } catch (\Exception $e) {
+            throw new AuthenticationException("Unauthorize: {$e->getMessage()}");
+        }
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,9 @@ public function getUserByProviderUserId($id, $client)`
`90`	`90`
`91`	`91`	`$query = Db::connection($provider);`
`92`	`92`	`$user = $query->table('users')->find($id);`
	`93`	`+`
`93`	`94`	`unset($user->password);`
`94`		`- return $user;`
	`95`	`+`
	`96`	`+ return new UserEntity($user->id);`
`95`	`97`	`}`
`96`	`98`	`}`