
Commit 9f3edd5

authored
Merge pull request #17 from pdsinterop/feature/tokencontroller
added token response with id token
2 parents c829f27 + 2601622 commit 9f3edd5

1 file changed

Lines changed: 14 additions & 17 deletions


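--- a/src/Controller/TokenController.php
+++ b/src/Controller/TokenController.php
@@ -10,31 +10,28 @@ class TokenController extends ServerController
 {
 final public function __invoke(ServerRequestInterface $request, array $args): ResponseInterface
 {
-$code = $_POST['code'];
-$clientId = $_POST['client_id'];
+$code = $request->getParsedBody()['code'];
+$clientId = $request->getParsedBody()['client_id'];
+
+/*
 $DPoP = $_SERVER['HTTP_DPOP'];
-
 $parser = new \Lcobucci\JWT\Parser();
 try {
 $token = $parser->parse($DPoP);
 // var_dump($token);
 } catch(\Exception $e) {
 return $this->getResponse()->withStatus(409, "Invalid token");
 }
-
-$registration = $this->config->getClientRegistration($clientId);
-$approval = $this->checkApproval($clientId);
-
-if ($approval) {
-$response = new \Laminas\Diactoros\Response();
-$server = new \Pdsinterop\Solid\Auth\Server($this->authServerFactory, $this->authServerConfig, $response);
-$response = $server->respondToAccessTokenRequest($request);
+*/
+$response = new \Laminas\Diactoros\Response();
+$server = new \Pdsinterop\Solid\Auth\Server($this->authServerFactory, $this->authServerConfig, $response);
+$response = $server->respondToAccessTokenRequest($request);
 
-// $response = $this->tokenGenerator->addIdTokenToResponse($response, $clientId, $this->getProfilePage(), $_SESSION['nonce'], $this->config->getPrivateKey());
-return $response;
-// $idToken = $this->tokenGenerator->generateIdToken($code, $clientId, $this->getProfilePage(), $_SESSION['nonce'], $this->config->getPrivateKey());
-// return new JsonResponse(array("token_type" => "DPoP", "id_token" => $idToken));
-}
-return new JsonResponse(array());
+// FIXME: not sure if decoding this here is the way to go.
+// FIXME: because this is a public page, the nonce from the session is not available here.
+$codeInfo = $this->tokenGenerator->getCodeInfo($code);
+$response = $this->tokenGenerator->addIdTokenToResponse($response, $clientId, $codeInfo['user_id'], $_SESSION['nonce'], $this->config->getPrivateKey());
+
+return $response;
 }
 }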
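Review bot: The ID token is added to `$response` unconditionally at the end of `__invoke`, whatever `respondToAccessTokenRequest($request)` returned. If the authorization server rejected the code, the handler still decodes `$code` itself via `getCodeInfo()` and signs a token for `$codeInfo['user_id']`, unless `addIdTokenToResponse` checks the response internally, which is not visible here. I would return early on failure, e.g. `if ($response->getStatusCode() !== 200) { return $response; }` before the `getCodeInfo($code)` call. The `$clientId` that goes into the token comes straight from the request body, and the removed `checkApproval($clientId)` gate has no replacement on the new side, so it should be compared with the client the code was issued to. As the second FIXME says, `$_SESSION['nonce']` is not available on this endpoint, so the nonce would be better carried in the authorization code than read from the session.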
