From b20282266211a0a19b0294d3459b5fd268807a6c Mon Sep 17 00:00:00 2001
From: Hafez Divandari
Date: Mon, 16 Jan 2023 18:22:08 +0330
Subject: [PATCH] Get authenticated user from the guard (#1617)
---
 src/Http/Controllers/AuthorizationController.php | 8 ++++----
 src/TokenRepository.php | 4 ++--
 tests/Unit/AuthorizationControllerTest.php | 10 +++++-----
 3 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/src/Http/Controllers/AuthorizationController.php b/src/Http/Controllers/AuthorizationController.php
index 597a5c103..afaa9e2fd 100644
--- a/src/Http/Controllers/AuthorizationController.php
+++ b/src/Http/Controllers/AuthorizationController.php
@@ -94,7 +94,7 @@ public function authorize(ServerRequestInterface $psrRequest,
 $request->session()->forget('promptedForLogin');
 $scopes = $this->parseScopes($authRequest);
- $user = $request->user();
+ $user = $this->guard->user();
 $client = $clients->find($authRequest->getClient()->getIdentifier());
 if ($request->get('prompt') !== 'consent' &&
@@ -137,7 +137,7 @@ protected function parseScopes($authRequest)
 * Determine if a valid token exists for the given user, client, and scopes.
 *
 * @param \Laravel\Passport\TokenRepository $tokens
- * @param \Illuminate\Database\Eloquent\Model $user
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
 * @param \Laravel\Passport\Client $client
 * @param array $scopes
 * @return bool
@@ -153,7 +153,7 @@ protected function hasValidToken($tokens, $user, $client, $scopes)
 * Approve the authorization request.
 *
 * @param \League\OAuth2\Server\RequestTypes\AuthorizationRequest $authRequest
- * @param \Illuminate\Database\Eloquent\Model $user
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
 * @return \Illuminate\Http\Response
 */
 protected function approveRequest($authRequest, $user)
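Review bot: In the `@@ -94,7 +94,7` hunk, `$user = $this->guard->user();` has no comment saying why the guard replaces the request as the identity source, and nothing in the visible lines guarantees a non-null user. The tests in this patch stub `$guard->guest()` right beside `$guard->user()`, which suggests the guest check and the token lookup are meant to resolve identity from the same guard; if so, state it on the line, e.g. `// Resolve the user from the same guard that performed the guest() check, so consent and token lookup are bound to one identity.` The body of `authorize()` starts and ends outside the hunk, so it cannot be confirmed from here that the guest branch always returns before `$user` reaches `hasValidToken()` or `approveRequest()`, both of which document a non-nullable user; that ordering is worth verifying.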
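Review bot: The `@param` for `$user` on `hasValidToken()` (hunk `@@ -137,7 +137,7`) now promises only `\Illuminate\Contracts\Auth\Authenticatable`, but the method body is outside the hunk, so it is not visible whether it still relies on Eloquent-only methods. The same applies to `approveRequest()`, `denyRequest()` and the two docblocks changed in `src/TokenRepository.php`. The tests in this patch stub only `getAuthIdentifier()` on the user, which is consistent with the interface; please confirm each body calls nothing beyond the `Authenticatable` contract, since a non-Eloquent user provider would otherwise fail at runtime inside the authorization flow.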
@@ -173,7 +173,7 @@ protected function approveRequest($authRequest, $user)
 * Deny the authorization request.
 *
 * @param \League\OAuth2\Server\RequestTypes\AuthorizationRequest $authRequest
- * @param \Illuminate\Database\Eloquent\Model|null $user
+ * @param \Illuminate\Contracts\Auth\Authenticatable|null $user
 * @return \Illuminate\Http\Response
 */
 protected function denyRequest($authRequest, $user = null)
diff --git a/src/TokenRepository.php b/src/TokenRepository.php
index 8f992b37c..b68f339b8 100644
--- a/src/TokenRepository.php
+++ b/src/TokenRepository.php
@@ -54,7 +54,7 @@ public function forUser($userId)
 /**
 * Get a valid token instance for the given user and client.
 *
- * @param \Illuminate\Database\Eloquent\Model $user
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
 * @param \Laravel\Passport\Client $client
 * @return \Laravel\Passport\Token|null
 */
@@ -107,7 +107,7 @@ public function isAccessTokenRevoked($id)
 /**
 * Find a valid token for the given user and client.
 *
- * @param \Illuminate\Database\Eloquent\Model $user
+ * @param \Illuminate\Contracts\Auth\Authenticatable $user
 * @param \Laravel\Passport\Client $client
 * @return \Laravel\Passport\Token|null
 */
diff --git a/tests/Unit/AuthorizationControllerTest.php b/tests/Unit/AuthorizationControllerTest.php
index f9d0d825e..03f581913 100644
--- a/tests/Unit/AuthorizationControllerTest.php
+++ b/tests/Unit/AuthorizationControllerTest.php
@@ -42,6 +42,7 @@ public function test_authorization_view_is_presented()
 $controller = new AuthorizationController($server, $response, $guard);
 $guard->shouldReceive('guest')->andReturn(false);
+ $guard->shouldReceive('user')->andReturn($user = m::mock());
 $server->shouldReceive('validateAuthorizationRequest')->andReturn($authRequest = m::mock());
 $request = m::mock(Request::class);
@@ -49,7 +50,6 @@ public function test_authorization_view_is_presented()
 $session->shouldReceive('put')->withSomeOfArgs('authToken');
 $session->shouldReceive('put')->with('authRequest', $authRequest);
 $session->shouldReceive('forget')->with('promptedForLogin')->once();
- $request->shouldReceive('user')->andReturn($user = m::mock());
 $request->shouldReceive('get')->with('prompt')->andReturn(null);
 $authRequest->shouldReceive('getClient->getIdentifier')->andReturn(1);
@@ -114,6 +114,7 @@ public function test_request_is_approved_if_valid_token_exists()
 $controller = new AuthorizationController($server, $response, $guard);
 $guard->shouldReceive('guest')->andReturn(false);
+ $guard->shouldReceive('user')->andReturn($user = m::mock());
 $psrResponse = new Response();
 $psrResponse->getBody()->write('approved');
 $server->shouldReceive('validateAuthorizationRequest')
@@ -125,7 +126,6 @@ public function test_request_is_approved_if_valid_token_exists()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('forget')->with('promptedForLogin')->once();
- $request->shouldReceive('user')->once()->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldNotReceive('session');
 $request->shouldReceive('get')->with('prompt')->andReturn(null);
@@ -164,6 +164,7 @@ public function test_request_is_approved_if_client_can_skip_authorization()
 $controller = new AuthorizationController($server, $response, $guard);
 $guard->shouldReceive('guest')->andReturn(false);
+ $guard->shouldReceive('user')->andReturn($user = m::mock());
 $psrResponse = new Response();
 $psrResponse->getBody()->write('approved');
 $server->shouldReceive('validateAuthorizationRequest')
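Review bot: The added `$guard->shouldReceive('user')->andReturn($user = m::mock());` in `test_request_is_approved_if_valid_token_exists` (hunk `@@ -114,6 +114,7`) drops the `->once()` that the removed `$request->shouldReceive('user')->once()` expectation carried, so the test no longer fails if the controller stops resolving the user from the guard. The same loss occurs in `test_request_is_approved_if_client_can_skip_authorization` (hunks `@@ -164,6 +164,7` and `@@ -175,7 +176,6`). Assuming `authorize()` resolves the user exactly once, keep the call-count assertion with `$guard->shouldReceive('user')->once()->andReturn($user = m::mock());` in both tests. To match the updated docblocks the mock could also be typed against the interface, `m::mock(Authenticatable::class)`, if importing it in this test file is acceptable.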
@@ -175,7 +176,6 @@ public function test_request_is_approved_if_client_can_skip_authorization()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('forget')->with('promptedForLogin')->once();
- $request->shouldReceive('user')->once()->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldNotReceive('session');
 $request->shouldReceive('get')->with('prompt')->andReturn(null);
@@ -213,6 +213,7 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal
 $controller = new AuthorizationController($server, $response, $guard);
 $guard->shouldReceive('guest')->andReturn(false);
+ $guard->shouldReceive('user')->andReturn($user = m::mock());
 $server->shouldReceive('validateAuthorizationRequest')
 ->andReturn($authRequest = m::mock(AuthorizationRequest::class));
@@ -221,7 +222,6 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal
 $session->shouldReceive('put')->withSomeOfArgs('authToken');
 $session->shouldReceive('put')->with('authRequest', $authRequest);
 $session->shouldReceive('forget')->with('promptedForLogin')->once();
- $request->shouldReceive('user')->andReturn($user = m::mock());
 $request->shouldReceive('get')->with('prompt')->andReturn('consent');
 $authRequest->shouldReceive('getClient->getIdentifier')->once()->andReturn(1);
@@ -263,6 +263,7 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none()
 $controller = new AuthorizationController($server, $response, $guard);
 $guard->shouldReceive('guest')->andReturn(false);
+ $guard->shouldReceive('user')->andReturn($user = m::mock());
 $server->shouldReceive('validateAuthorizationRequest')
 ->andReturn($authRequest = m::mock(AuthorizationRequest::class));
 $server->shouldReceive('completeAuthorizationRequest')
@@ -273,7 +274,6 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('forget')->with('promptedForLogin')->once();
- $request->shouldReceive('user')->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldReceive('get')->with('prompt')->andReturn('none');