- Introduced `CaptureOidcNonce` middleware to capture and store nonce in session during GET requests. - Updated `CustomAuthCodeRepository` to resolve nonce from session if not present in POST requests, ensuring seamless handling. - Registered middleware in `bootstrap/app.php` for web routes. - Adjusted `LoginResponse` to use `redirect()->intended` for improved redirection logic. - Added comprehensive feature tests to validate nonce capture, session storage, and cache resolution workflows.
35 lines
979 B
PHP
35 lines
979 B
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace App\OAuth;
|
|
|
|
use Illuminate\Support\Facades\Cache;
|
|
use Laravel\Passport\Bridge\AuthCodeRepository as PassportAuthCodeRepository;
|
|
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
|
|
|
|
class CustomAuthCodeRepository extends PassportAuthCodeRepository
|
|
{
|
|
/**
|
|
* Persist a new authorization code and cache its nonce if present.
|
|
*/
|
|
public function persistNewAuthCode(AuthCodeEntityInterface $authCodeEntity): void
|
|
{
|
|
parent::persistNewAuthCode($authCodeEntity);
|
|
|
|
$nonce = request()->input('nonce') ?? (request()->hasSession() ? request()->session()->get('oidc_nonce') : null);
|
|
|
|
if ($nonce) {
|
|
Cache::put(
|
|
'oidc_nonce_'.$authCodeEntity->getIdentifier(),
|
|
$nonce,
|
|
now()->addMinutes(10)
|
|
);
|
|
|
|
if (request()->hasSession()) {
|
|
request()->session()->forget('oidc_nonce');
|
|
}
|
|
}
|
|
}
|
|
}
|