singleloginsystem/app/OAuth/CustomAuthCodeRepository.php
= 0921535ae2 Feat: Enhance OIDC nonce handling with middleware and session support
- Introduced `CaptureOidcNonce` middleware to capture and store nonce in session during GET requests.
- Updated `CustomAuthCodeRepository` to resolve nonce from session if not present in POST requests, ensuring seamless handling.
- Registered middleware in `bootstrap/app.php` for web routes.
- Adjusted `LoginResponse` to use `redirect()->intended` for improved redirection logic.
- Added comprehensive feature tests to validate nonce capture, session storage, and cache resolution workflows.
2026-06-17 09:17:06 +00:00

35 lines
979 B
PHP

<?php
declare(strict_types=1);
namespace App\OAuth;
use Illuminate\Support\Facades\Cache;
use Laravel\Passport\Bridge\AuthCodeRepository as PassportAuthCodeRepository;
use League\OAuth2\Server\Entities\AuthCodeEntityInterface;
class CustomAuthCodeRepository extends PassportAuthCodeRepository
{
/**
* Persist a new authorization code and cache its nonce if present.
*/
public function persistNewAuthCode(AuthCodeEntityInterface $authCodeEntity): void
{
parent::persistNewAuthCode($authCodeEntity);
$nonce = request()->input('nonce') ?? (request()->hasSession() ? request()->session()->get('oidc_nonce') : null);
if ($nonce) {
Cache::put(
'oidc_nonce_'.$authCodeEntity->getIdentifier(),
$nonce,
now()->addMinutes(10)
);
if (request()->hasSession()) {
request()->session()->forget('oidc_nonce');
}
}
}
}