diff --git a/src/Http/Controllers/AuthorizationController.php b/src/Http/Controllers/AuthorizationController.php
index 8f69f2d73..597a5c103 100644
--- a/src/Http/Controllers/AuthorizationController.php
+++ b/src/Http/Controllers/AuthorizationController.php
@@ -77,25 +77,21 @@ public function authorize(ServerRequestInterface $psrRequest,
 });
 if ($this->guard->guest()) {
- if ($request->get('prompt') === 'none') {
- return $this->denyRequest($authRequest);
- }
-
- return $this->promptLogin($request);
+ return $request->get('prompt') === 'none'
+ ? $this->denyRequest($authRequest)
+ : $this->promptForLogin($request);
 }
 if ($request->get('prompt') === 'login' &&
- ! $request->session()->get('authLoginPrompted', false)) {
+ ! $request->session()->get('promptedForLogin', false)) {
 $this->guard->logout();
-
 $request->session()->invalidate();
-
 $request->session()->regenerateToken();
- return $this->promptLogin($request);
+ return $this->promptForLogin($request);
 }
- $request->session()->forget('authLoginPrompted');
+ $request->session()->forget('promptedForLogin');
 $scopes = $this->parseScopes($authRequest);
 $user = $request->user();
@@ -177,7 +173,7 @@ protected function approveRequest($authRequest, $user)
 * Deny the authorization request.
 *
 * @param \League\OAuth2\Server\RequestTypes\AuthorizationRequest $authRequest
- * @param null|\Illuminate\Database\Eloquent\Model $user
+ * @param \Illuminate\Database\Eloquent\Model|null $user
 * @return \Illuminate\Http\Response
 */
 protected function denyRequest($authRequest, $user = null)
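Review bot: In the `authorize()` hunk (-77), the `prompt=login` branch only tests that `promptedForLogin` is truthy, and `promptForLogin()` (the -209 hunk) sets it on the guest path as well, so a flag left in the session by an earlier redirect that never returned to this action would let a later `prompt=login` request skip the forced re-authentication once. Whether that can happen depends on the login flow, which is not visible here; storing a timestamp instead of `true` and accepting it only within a short window would close the gap. Note that `invalidate()` and `regenerateToken()` remain in the new code: the bare `-` markers in front of them are removed blank lines, which agrees with the 25/21 line counts and with the -353 test that still expects both calls. `authorize()` begins and continues outside this hunk.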
@@ -209,15 +205,15 @@ protected function denyRequest($authRequest, $user = null)
 }
 /**
- * Prompt login.
+ * Prompt the user to login by throwing an AuthenticationException.
 *
 * @param \Illuminate\Http\Request $request
 *
 * @throws \Illuminate\Auth\AuthenticationException
 */
- protected function promptLogin($request)
+ protected function promptForLogin($request)
 {
- $request->session()->put('authLoginPrompted', true);
+ $request->session()->put('promptedForLogin', true);
 throw new AuthenticationException;
 }
diff --git a/src/PassportServiceProvider.php b/src/PassportServiceProvider.php
index 8180e5352..efe1361eb 100644
--- a/src/PassportServiceProvider.php
+++ b/src/PassportServiceProvider.php
@@ -15,6 +15,7 @@
 use Laravel\Passport\Bridge\PersonalAccessGrant;
 use Laravel\Passport\Bridge\RefreshTokenRepository;
 use Laravel\Passport\Guards\TokenGuard;
+use Laravel\Passport\Http\Controllers\AuthorizationController;
 use Lcobucci\JWT\Configuration;
 use Lcobucci\JWT\Parser;
 use League\OAuth2\Server\AuthorizationServer;
@@ -135,9 +136,9 @@ public function register()
 Passport::setClientUuids($this->app->make(Config::class)->get('passport.client_uuids', false));
- $this->app->bind(StatefulGuard::class, function () {
- return Auth::guard();
- });
+ $this->app->when(AuthorizationController::class)
+ ->needs(StatefulGuard::class)
+ ->give(fn () => Auth::guard(config('passport.guard', null)));
 $this->registerAuthorizationServer();
 $this->registerClientRepository();
diff --git a/tests/Unit/AuthorizationControllerTest.php b/tests/Unit/AuthorizationControllerTest.php
index 056c9a05a..f9d0d825e 100644
--- a/tests/Unit/AuthorizationControllerTest.php
+++ b/tests/Unit/AuthorizationControllerTest.php
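Review bot: `authorize()` still reads the user with `$user = $request->user();` (context line in the -77 hunk), which is not visibly bound to the guard that the `register()` hunk (-135) now selects through `config('passport.guard', null)`, while the guest check and `logout()` do run against that guard. If `passport.guard` names anything other than the default guard, the two can disagree and the request could proceed for a different or null user; `$user = $this->guard->user();` would keep both on one guard. The closure should also fail clearly when the configured guard is not a `StatefulGuard`, since the controller calls `logout()` on it. Dropping the container-wide `StatefulGuard` binding additionally affects any other class that resolved it, which deserves an upgrade note; `register()` continues outside the hunk.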
@@ -48,7 +48,7 @@ public function test_authorization_view_is_presented()
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('put')->withSomeOfArgs('authToken');
 $session->shouldReceive('put')->with('authRequest', $authRequest);
- $session->shouldReceive('forget')->with('authLoginPrompted')->once();
+ $session->shouldReceive('forget')->with('promptedForLogin')->once();
 $request->shouldReceive('user')->andReturn($user = m::mock());
 $request->shouldReceive('get')->with('prompt')->andReturn(null);
@@ -124,7 +124,7 @@ public function test_request_is_approved_if_valid_token_exists()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
- $session->shouldReceive('forget')->with('authLoginPrompted')->once();
+ $session->shouldReceive('forget')->with('promptedForLogin')->once();
 $request->shouldReceive('user')->once()->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldNotReceive('session');
@@ -174,7 +174,7 @@ public function test_request_is_approved_if_client_can_skip_authorization()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
- $session->shouldReceive('forget')->with('authLoginPrompted')->once();
+ $session->shouldReceive('forget')->with('promptedForLogin')->once();
 $request->shouldReceive('user')->once()->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldNotReceive('session');
@@ -220,7 +220,7 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('put')->withSomeOfArgs('authToken');
 $session->shouldReceive('put')->with('authRequest', $authRequest);
- $session->shouldReceive('forget')->with('authLoginPrompted')->once();
+ $session->shouldReceive('forget')->with('promptedForLogin')->once();
 $request->shouldReceive('user')->andReturn($user = m::mock());
 $request->shouldReceive('get')->with('prompt')->andReturn('consent');
@@ -272,7 +272,7 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none()
 $request = m::mock(Request::class);
 $request->shouldReceive('session')->andReturn($session = m::mock());
- $session->shouldReceive('forget')->with('authLoginPrompted')->once();
+ $session->shouldReceive('forget')->with('promptedForLogin')->once();
 $request->shouldReceive('user')->andReturn($user = m::mock());
 $user->shouldReceive('getAuthIdentifier')->andReturn(1);
 $request->shouldReceive('get')->with('prompt')->andReturn('none');
@@ -353,9 +353,9 @@ public function test_logout_and_prompt_login_if_request_has_prompt_equals_to_log
 $request->shouldReceive('session')->andReturn($session = m::mock());
 $session->shouldReceive('invalidate')->once();
 $session->shouldReceive('regenerateToken')->once();
- $session->shouldReceive('get')->with('authLoginPrompted', false)->once()->andReturn(false);
- $session->shouldReceive('put')->with('authLoginPrompted', true)->once();
- $session->shouldNotReceive('forget')->with('authLoginPrompted');
+ $session->shouldReceive('get')->with('promptedForLogin', false)->once()->andReturn(false);
+ $session->shouldReceive('put')->with('promptedForLogin', true)->once();
+ $session->shouldNotReceive('forget')->with('promptedForLogin');
 $request->shouldReceive('get')->with('prompt')->andReturn('login');
 $clients = m::mock(ClientRepository::class);
@@ -382,8 +382,8 @@ public function test_user_should_be_authenticated()
 $request = m::mock(Request::class);
 $request->shouldNotReceive('user');
 $request->shouldReceive('session')->andReturn($session = m::mock());
- $session->shouldReceive('put')->with('authLoginPrompted', true)->once();
- $session->shouldNotReceive('forget')->with('authLoginPrompted');
+ $session->shouldReceive('put')->with('promptedForLogin', true)->once();
+ $session->shouldNotReceive('forget')->with('promptedForLogin');
 $request->shouldReceive('get')->with('prompt')->andReturn(null);
 $clients = m::mock(ClientRepository::class);