Made issueby customizable and with feedback

jeremy379 · Dec 17, 2024 · 41def73 · 41def73
1 parent 9520e71
commit 41def73
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 1 deletion.
diff --git a/src/IdTokenResponse.php b/src/IdTokenResponse.php
@@ -36,6 +36,7 @@ public function __construct(
         bool $useMicroseconds = true,
         CurrentRequestServiceInterface $currentRequestService = null,
         $encryptionKey = null,
+        protected ?string $issueBy = null
     ) {
         $this->identityRepository = $identityRepository;
         $this->claimExtractor = $claimExtractor;
@@ -58,12 +59,35 @@ protected function getBuilder(
         return $this->config
             ->builder()
             ->permittedFor($accessToken->getClient()->getIdentifier())
-            ->issuedBy('https://' . $_SERVER['HTTP_HOST'])
+            ->issuedBy($this->getIssueBy())
             ->issuedAt($dateTimeImmutableObject)
             ->expiresAt($dateTimeImmutableObject->add(new DateInterval('PT1H')))
             ->relatedTo($userEntity->getIdentifier());
     }
 
+    private function getIssueBy(): string
+    {
+        if($this->issueBy === 'laravel-url') {
+            return url('/');
+        } elseif($this->issueBy === null || $this->issueBy === 'auto-detect') {
+            $host = $_SERVER['HTTP_HOST'] ?? null;
+
+            if (empty($host)) {
+                return url('/');
+            }
+
+            $scheme = $_SERVER['REQUEST_SCHEME'] ?? null;
+
+            if (empty($scheme)) {
+                $scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
+            }
+
+            return $scheme . '://' . $host;
+        } else {
+            return $this->issueBy;
+        }
+    }
+
     protected function getExtraParams(AccessTokenEntityInterface $accessToken): array {
         /**
          * Include the scope return value, which according to RFC 6749, section 5.1 (and 3.3)

diff --git a/src/Laravel/PassportServiceProvider.php b/src/Laravel/PassportServiceProvider.php
@@ -62,6 +62,7 @@ public function makeAuthorizationServer(): AuthorizationServer
             config('openid.use_microseconds'),
             app(LaravelCurrentRequestService::class),
             $encryptionKey,
+            config('openid.issueBy', null)
         );
 
         return new AuthorizationServer(

diff --git a/src/Laravel/config/openid.php b/src/Laravel/config/openid.php
@@ -81,4 +81,11 @@
      * By default, microseconds are included.
      */
     'use_microseconds' => true,
+
+    /**
+     * Value for the issueBy params. By default: auto-detect to get the scheme and host from the $_SERVER variable.
+     * Use "laravel-url" to use url('/') and let laravel decide
+     * Use any other string for direct use of it.
+     */
+    'issueBy' => 'auto-detect',
 ];