Feat: Introduce custom OIDC client to enforce authorization prompts
- Created `CustomOidcClient` to override default `OidcClient` behavior, ensuring authorization prompts are always displayed. - Updated `oidc-server.php` configuration to use the custom client model.
This commit is contained in:
parent
02455fc71c
commit
2682a234d4
19
app/OAuth/CustomOidcClient.php
Normal file
19
app/OAuth/CustomOidcClient.php
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
declare(strict_types=1);
|
||||||
|
|
||||||
|
namespace App\OAuth;
|
||||||
|
|
||||||
|
use Admin9\OidcServer\Models\OidcClient;
|
||||||
|
use Illuminate\Contracts\Auth\Authenticatable;
|
||||||
|
|
||||||
|
class CustomOidcClient extends OidcClient
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Determine if the client should skip the authorization prompt.
|
||||||
|
*/
|
||||||
|
public function skipsAuthorization(Authenticatable $user, array $scopes): bool
|
||||||
|
{
|
||||||
|
return false; // Always show the approve/deny page
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -65,7 +65,7 @@
|
|||||||
| authorization prompt for first-party clients.
|
| authorization prompt for first-party clients.
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
'client_model' => Admin9\OidcServer\Models\OidcClient::class,
|
'client_model' => App\OAuth\CustomOidcClient::class,
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user