Feat: Introduce custom OIDC client to enforce authorization prompts

- Created `CustomOidcClient` to override default `OidcClient` behavior, ensuring authorization prompts are always displayed.
- Updated `oidc-server.php` configuration to use the custom client model.
This commit is contained in:
= 2026-06-17 08:45:11 +00:00
parent 02455fc71c
commit 2682a234d4
2 changed files with 20 additions and 1 deletions

View File

@ -0,0 +1,19 @@
<?php
declare(strict_types=1);
namespace App\OAuth;
use Admin9\OidcServer\Models\OidcClient;
use Illuminate\Contracts\Auth\Authenticatable;
class CustomOidcClient extends OidcClient
{
/**
* Determine if the client should skip the authorization prompt.
*/
public function skipsAuthorization(Authenticatable $user, array $scopes): bool
{
return false; // Always show the approve/deny page
}
}

View File

@ -65,7 +65,7 @@
| authorization prompt for first-party clients. | authorization prompt for first-party clients.
| |
*/ */
'client_model' => Admin9\OidcServer\Models\OidcClient::class, 'client_model' => App\OAuth\CustomOidcClient::class,
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------