Skip to content

Commit

Permalink
Support issuer ( iss )claim (#34)
Browse files Browse the repository at this point in the history
* Support issuer ( iss )claim

* use only one configuration to set the issuer
  • Loading branch information
abublihi authored Feb 9, 2024
1 parent 322aa80 commit 702e0cd
Show file tree
Hide file tree
Showing 3 changed files with 63 additions and 1 deletion.
13 changes: 12 additions & 1 deletion config/passport-claims.php
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,16 @@
*/
'claims' => [
// App\Claims\CustomClaim::class
]
],

/*
|--------------------------------------------------------------------------
| Issue Claim
|--------------------------------------------------------------------------
|
| Here you config the issue claim. if null will not be set
| NOTE: it will set the `iss` claim ref: https://www.rfc-editor.org/rfc/rfc7519#section-4.1.1
|
*/
'issuer' => env('JWT_ISSUER', null),
];
4 changes: 4 additions & 0 deletions src/AccessToken.php
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,10 @@ private function convertToJWT() : Token
->relatedTo((string) $this->getUserIdentifier())
->withClaim('scopes', $this->getScopes());

if (config('passport-claims.issuer')) {
$jwt = $jwt->issuedBy(config('passport-claims.issuer'));
}

return collect(app(Pipeline::class)
->send($this)
->through(config('passport-claims.claims', []))
Expand Down
47 changes: 47 additions & 0 deletions tests/AccessTokenClaimTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -48,5 +48,52 @@ public function test_can_add_claims_to_token()
$this->assertEquals('test', $jwt->claims()->get('my-claim'));
$this->assertEquals('test', $jwt->claims()->get('another-claim'));
}

public function test_jwt_dose_not_include_iss_claim_by_default()
{
/* set up the environment */
$repository = new AccessTokenRepository(m::mock(TokenRepository::class), m::mock(Dispatcher::class));
$client = new Client('client-id', 'name', 'redirect');
$scopes = [];
$userIdentifier = 1;
$keys = (new RSA())->createKey(2048);

/* create the laravel token */
$token = $repository->getNewToken($client, $scopes, $userIdentifier);
$token->setPrivateKey(new CryptKey($keys['privatekey']));
$token->setExpiryDateTime(CarbonImmutable::now()->addHour());
$token->setIdentifier('test');

/* convert the token to a JWT and parse the JWT back to a Token */
$jwt = (new Parser(new JoseEncoder))->parse($token->__toString());

/* assert our claims were set on the token */
$this->assertEquals(null, $jwt->claims()->get('iss'));
}

public function test_jwt_has_iss_claim_when_configured()
{
/* set up the environment */
$repository = new AccessTokenRepository(m::mock(TokenRepository::class), m::mock(Dispatcher::class));
$client = new Client('client-id', 'name', 'redirect');
$scopes = [];
$userIdentifier = 1;
$keys = (new RSA())->createKey(2048);

/* set custom claims, defined below this test */
app('config')->set('passport-claims.issuer', 'https://example.com');

/* create the laravel token */
$token = $repository->getNewToken($client, $scopes, $userIdentifier);
$token->setPrivateKey(new CryptKey($keys['privatekey']));
$token->setExpiryDateTime(CarbonImmutable::now()->addHour());
$token->setIdentifier('test');

/* convert the token to a JWT and parse the JWT back to a Token */
$jwt = (new Parser(new JoseEncoder))->parse($token->__toString());

/* assert our claims were set on the token */
$this->assertEquals('https://example.com', $jwt->claims()->get('iss'));
}
}

0 comments on commit 702e0cd

Please sign in to comment.