diff --git a/src/Http/Controllers/IntrospectionController.php b/src/Http/Controllers/IntrospectionController.php
index 678e9c5..5218fc4 100644
--- a/src/Http/Controllers/IntrospectionController.php
+++ b/src/Http/Controllers/IntrospectionController.php
@@ -2,6 +2,7 @@
 
 namespace Ipunkt\Laravel\OAuthIntrospection\Http\Controllers;
 
+use Illuminate\Contracts\Auth\UserProvider;
 use Illuminate\Http\JsonResponse;
 use Laravel\Passport\Bridge\AccessTokenRepository;
 use Laravel\Passport\ClientRepository;
@@ -37,6 +38,16 @@ class IntrospectionController
 */
 private $clientRepository;
 
+ /**
+ * @var Illuminate\Contracts\Auth\UserProvider
+ */
+ private $userProvider;
+
+ /**
+ * @var string
+ */
+ protected $usernameProperty = 'email';
+
 /**
 * constructing IntrospectionController
 *
@@ -44,18 +55,21 @@ class IntrospectionController
 * @param \League\OAuth2\Server\ResourceServer $resourceServer
 * @param \Laravel\Passport\Bridge\AccessTokenRepository $accessTokenRepository
 * @param \Laravel\Passport\ClientRepository
+ * @param \Illuminate\Contracts\Auth\UserProvider $userProvider
 */
 public function __construct(
 Parser $jwt,
 ResourceServer $resourceServer,
 AccessTokenRepository $accessTokenRepository,
- ClientRepository $clientRepository
+ ClientRepository $clientRepository,
+ UserProvider $userProvider
 )
 {
 $this->jwt = $jwt;
 $this->resourceServer = $resourceServer;
 $this->accessTokenRepository = $accessTokenRepository;
 $this->clientRepository = $clientRepository;
+ $this->userProvider = $userProvider;
 }
 
 /**
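Review bot: The new `$usernameProperty` field in the property block added to IntrospectionController is documented only as `@var string`, yet it decides which attribute of the resolved user is returned as `username` to callers of the introspection endpoint. I would say so on the property, for example `Name of the user attribute disclosed as "username" in introspection responses; point it only at a non-sensitive identifier.` The hunk adds no setter, so the value appears to be changeable only by subclassing, which is also worth stating. The `@var Illuminate\Contracts\Auth\UserProvider` tag on `$userProvider` lacks the leading backslash that the constructor's `@param \Illuminate\Contracts\Auth\UserProvider` uses, so tools will resolve it relative to the controller namespace; `@var UserProvider` or the fully qualified form would be consistent.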
@@ -89,15 +103,17 @@ public function introspectToken(ServerRequestInterface $request)
 ]);
 }
 
- /** @var string $userModel */
- $userModel = config('auth.providers.users.model');
- $user = (new $userModel)->findOrFail($token->getClaim('sub'));
+ # get user by token subject ID, from the UserProvider
+ $user = $this->userProvider->retrieveById($token->getClaim('sub'));
+ if( is_null($user) ) {
+ return $this->notActiveResponse();
+ }
 
 return $this->jsonResponse([
 'active' => true,
 'scope' => trim(implode(' ', (array)$token->getClaim('scopes', []))),
 'client_id' => intval($token->getClaim('aud')),
- 'username' => $user->email,
+ 'username' => $user->{$this->usernameProperty} ?? null,
 'token_type' => 'access_token',
 'exp' => intval($token->getClaim('exp')),
 'iat' => intval($token->getClaim('iat')),
diff --git a/src/Providers/OAuthIntrospectionServiceProvider.php b/src/Providers/OAuthIntrospectionServiceProvider.php
index a2a4a26..f611c85 100644
--- a/src/Providers/OAuthIntrospectionServiceProvider.php
+++ b/src/Providers/OAuthIntrospectionServiceProvider.php
@@ -2,11 +2,30 @@
 
 namespace Ipunkt\Laravel\OAuthIntrospection\Providers;
 
+use Illuminate\Contracts\Auth\UserProvider;
 use Illuminate\Support\AggregateServiceProvider;
+use Illuminate\Support\Facades\Auth;
+use Ipunkt\Laravel\OAuthIntrospection\Http\Controllers\IntrospectionController;
 
 class OAuthIntrospectionServiceProvider extends AggregateServiceProvider
 {
 protected $providers = [
 RouteProvider::class,
 ];
+
+ /**
+ * Register the service provider.
+ *
+ * @return void
+ */
+ public function register()
+ {
+ parent::register();
+
+ $this->app->when(IntrospectionController::class)
+ ->needs(UserProvider::class)
+ ->give(function(){
+ return Auth::createUserProvider();
+ });
+ }
 }
\ No newline at end of file
diff --git a/src/Providers/RouteProvider.php b/src/Providers/RouteProvider.php
index ef4eb2c..6fa6121 100644
--- a/src/Providers/RouteProvider.php
+++ b/src/Providers/RouteProvider.php
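Review bot: In introspectToken, `'username' => $user->{$this->usernameProperty} ?? null` hides a wrong or missing attribute name: the response still reports `active: true` but carries `"username": null`, and a resource server reading the field gets no signal that the lookup failed. `retrieveById()` is declared to return an `Authenticatable`, which does not promise any particular property, so I would read the value into a local first and leave the `username` key out of the array when it is null, which RFC 7662 allows since the field is optional. The null check that replaces `findOrFail` is the right direction, but `notActiveResponse()` is defined outside this hunk and should be confirmed to produce the `active: false` body. The added lines would also read better as `// resolve the token subject through the injected UserProvider` and `if ($user === null) {`. introspectToken starts and ends outside the hunk.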
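Review bot: In register() of OAuthIntrospectionServiceProvider, `Auth::createUserProvider()` is called without a provider name, so the user store consulted by the introspection endpoint is whatever the framework treats as the default rather than the one backing the guard that issues the tokens. If the two differ, the `sub` claim is looked up in the wrong store and the response can name a different account. As far as I recall the method returns null when no default provider is configured, which would then fail the `UserProvider` type-hint in the controller constructor; this should be checked against the supported Laravel versions. I would pass the provider explicitly, e.g. `return Auth::createUserProvider(config('auth.guards.api.provider'));` (assuming the Passport guard is named `api`), and add a comment stating that the provider must match that guard.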
@@ -8,7 +8,7 @@ class RouteProvider extends RouteServiceProvider
 {
 protected $packagePath = __DIR__ . '/../../';
 
- protected $routesNamespace = '\Ipunkt\Laravel\OAuthIntrospection\Http\Controllers';
+ protected $routesNamespace = 'Ipunkt\Laravel\OAuthIntrospection\Http\Controllers';
 
 protected $routesMiddleware = null;