- Added `CustomAuthCodeRepository` to cache and store nonces during authorization. - Introduced `CustomTokenResponseType` to resolve cached nonces during token exchange. - Created `oidc-server.php` configuration for OpenID Connect support, including scopes, claims, and token lifetimes. - Registered custom implementations in `AppServiceProvider` with bindings for `AuthCodeRepository` and `TokenResponseType`. - Added feature tests to validate nonce caching and resolution logic.
29 lines
774 B
PHP
29 lines
774 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\OAuth;
|
|
|
|
use Illuminate\Support\Facades\Cache;
|
|
use Laravel\Passport\Bridge\AuthCodeRepository as PassportAuthCodeRepository;
|
|
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
|
|
|
|
class CustomAuthCodeRepository extends PassportAuthCodeRepository
|
|
{
|
|
/**
|
|
* Persist a new authorization code and cache its nonce if present.
|
|
*/
|
|
public function persistNewAuthCode(AuthCodeEntityInterface $authCodeEntity): void
|
|
{
|
|
parent::persistNewAuthCode($authCodeEntity);
|
|
|
|
if (request()->has('nonce')) {
|
|
Cache::put(
|
|
'oidc_nonce_'.$authCodeEntity->getIdentifier(),
|
|
request()->input('nonce'),
|
|
now()->addMinutes(10)
|
|
);
|
|
}
|
|
}
|
|
}
|