From 30e175f3876a9838b5d5b4eafe2711221e958883 Mon Sep 17 00:00:00 2001
From: Eric Tendian <erictendian@gmail.com>
Date: Mon, 10 Sep 2018 21:06:57 -0500
Subject: [PATCH] Updating PassportServiceProvider to use a Key object for
 faster encryption/decryption, when combined with oauth2-server package patch
 from https://github.com/thephpleague/oauth2-server/pull/814

---
 src/PassportServiceProvider.php | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/src/PassportServiceProvider.php b/src/PassportServiceProvider.php
index 35eb22aab..355ffc2fe 100644
--- a/src/PassportServiceProvider.php
+++ b/src/PassportServiceProvider.php
@@ -3,6 +3,8 @@
 namespace Laravel\Passport;
 
 use DateInterval;
+use Defuse\Crypto\Key as EncryptionKey;
+use Defuse\Crypto\Encoding as EncryptionEncoding;
 use Illuminate\Auth\RequestGuard;
 use Illuminate\Auth\Events\Logout;
 use Illuminate\Support\Facades\Auth;
@@ -204,7 +206,7 @@ public function makeAuthorizationServer()
             $this->app->make(Bridge\AccessTokenRepository::class),
             $this->app->make(Bridge\ScopeRepository::class),
             $this->makeCryptKey('private'),
-            app('encrypter')->getKey()
+            $this->makeEncryptionKey(app('encrypter')->getKey())
         );
     }
 
@@ -240,6 +242,27 @@ protected function makeCryptKey($type)
         return new CryptKey($key, null, false);
     }
 
+    /**
+     * Create a Key instance for encrypting the refresh token
+     *
+     * @param string $keyBytes
+     * @return \Defuse\Crypto\Key
+     */
+    protected function makeEncryptionKey($keyBytes)
+    {
+        // First, we will encode Laravel's encryption key into a format that the Defuse\Crypto\Key class can use,
+        // so we can instantiate a new Key object. We need to do this as the Key class has a private constructor method
+        // which means we cannot directly instantiate the class based on our Laravel encryption key.
+        $encryptionKeyAscii = EncryptionEncoding::saveBytesToChecksummedAsciiSafeString(
+            EncryptionKey::KEY_CURRENT_VERSION,
+            $keyBytes
+        );
+
+        // Instantiate a Key object so we can take advantage of significantly faster encryption/decryption
+        // from https://github.com/thephpleague/oauth2-server/pull/814. The improvement is 200x-300x faster.
+        return EncryptionKey::loadFromAsciiSafeString($encryptionKeyAscii);
+    }
+
     /**
      * Register the token guard.
      *