Skip to content

Fix issue multi auth #1606

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 14 additions & 5 deletions src/ClientRepository.php
Original file line number Diff line number Diff line change
Expand Up @@ -106,23 +106,31 @@ public function activeForUser($userId)
/**
* Get the personal access token client for the application.
*
* @param string|null $provider
* @return \Laravel\Passport\Client
*
* @throws \RuntimeException
*/
public function personalAccessClient()
public function personalAccessClient($provider = null)
{
if ($this->personalAccessClientId) {
return $this->find($this->personalAccessClientId);
}

$client = Passport::personalAccessClient();

if (! $client->exists()) {
$personalAccessClient = $client
->when($provider, function ($query, $provider) {
$query->whereRelation('client', 'provider', $provider);
})
->latest($client->getKeyName())
->first();

if (is_null($personalAccessClient)) {
throw new RuntimeException('Personal access client not found. Please create one.');
}

return $client->orderBy($client->getKeyName(), 'desc')->first()->client;
return $client->client;
}

/**
Expand Down Expand Up @@ -161,11 +169,12 @@ public function create($userId, $name, $redirect, $provider = null, $personalAcc
* @param int $userId
* @param string $name
* @param string $redirect
* @param string|null $provider
* @return \Laravel\Passport\Client
*/
public function createPersonalAccessClient($userId, $name, $redirect)
public function createPersonalAccessClient($userId, $name, $redirect, $provider = null)
{
return tap($this->create($userId, $name, $redirect, null, true), function ($client) {
return tap($this->create($userId, $name, $redirect, $provider, true), function ($client) {
$accessClient = Passport::personalAccessClient();
$accessClient->client_id = $client->id;
$accessClient->save();
Expand Down
28 changes: 20 additions & 8 deletions src/Console/ClientCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,10 @@ protected function createPersonalClient(ClientRepository $clients)
config('app.name').' Personal Access Client'
);

$provider = $this->choiceProvider();

$client = $clients->createPersonalAccessClient(
null, $name, 'http://localhost'
null, $name, 'http://localhost', $provider
);

$this->info('Personal access client created successfully.');
Expand All @@ -85,13 +87,7 @@ protected function createPasswordClient(ClientRepository $clients)
config('app.name').' Password Grant Client'
);

$providers = array_keys(config('auth.providers'));

$provider = $this->option('provider') ?: $this->choice(
'Which user provider should this client use to retrieve users?',
$providers,
in_array('users', $providers) ? 'users' : null
);
$provider = $this->choiceProvider();

$client = $clients->createPasswordGrantClient(
null, $name, 'http://localhost', $provider
Expand Down Expand Up @@ -170,4 +166,20 @@ protected function outputClientDetails(Client $client)
$this->line('<comment>Client ID:</comment> '.$client->id);
$this->line('<comment>Client secret:</comment> '.$client->plainSecret);
}

/**
* Choice what the provider.
*
* @return string
*/
protected function choiceProvider()
{
$providers = array_keys(config('auth.providers'));

return $this->option('provider') ?: $this->choice(
'Which user provider should this client use to retrieve users?',
$providers,
in_array('users', $providers) ? 'users' : null
);
}
}
2 changes: 1 addition & 1 deletion src/Console/InstallCommand.php
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ public function handle()
$this->configureUuids();
}

$this->call('passport:client', ['--personal' => true, '--name' => config('app.name').' Personal Access Client']);
$this->call('passport:client', ['--personal' => true, '--name' => config('app.name').' Personal Access Client', '--provider' => $provider]);
$this->call('passport:client', ['--password' => true, '--name' => config('app.name').' Password Grant Client', '--provider' => $provider]);
}

Expand Down
31 changes: 29 additions & 2 deletions src/HasApiTokens.php
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,11 @@ public function clients()
*/
public function tokens()
{
return $this->hasMany(Passport::tokenModel(), 'user_id')->orderBy('created_at', 'desc');
return $this->hasMany(Passport::tokenModel(), 'user_id')
->when($this->getProvider(), function ($query, $provider) {
$query->whereRelation('client', 'provider', $provider);
})
->latest('created_at');
}

/**
Expand Down Expand Up @@ -64,7 +68,10 @@ public function tokenCan($scope)
public function createToken($name, array $scopes = [])
{
return Container::getInstance()->make(PersonalAccessTokenFactory::class)->make(
$this->getKey(), $name, $scopes
$this->getKey(),
$name,
$scopes,
$this->getProvider(),
);
}

Expand All @@ -80,4 +87,24 @@ public function withAccessToken($accessToken)

return $this;
}

/**
* Get the provider name of the model.
*
* @return string|null
*/
protected function getProvider()
{
foreach (config('auth.providers', []) as $name => $config) {
if ($config['driver'] == 'eloquent' && is_a($this, $config['model'])) {
return $name;
}

if ($config['driver'] == 'database' && $this->getTable() == $config['table']) {
return $name;
}
}

return null;
}
}
16 changes: 9 additions & 7 deletions src/PersonalAccessTokenFactory.php
Original file line number Diff line number Diff line change
Expand Up @@ -47,11 +47,12 @@ class PersonalAccessTokenFactory
* @param \Lcobucci\JWT\Parser $jwt
* @return void
*/
public function __construct(AuthorizationServer $server,
ClientRepository $clients,
TokenRepository $tokens,
JwtParser $jwt)
{
public function __construct(
AuthorizationServer $server,
ClientRepository $clients,
TokenRepository $tokens,
JwtParser $jwt,
) {
$this->jwt = $jwt;
$this->tokens = $tokens;
$this->server = $server;
Expand All @@ -64,12 +65,13 @@ public function __construct(AuthorizationServer $server,
* @param mixed $userId
* @param string $name
* @param array $scopes
* @param string|null $provider
* @return \Laravel\Passport\PersonalAccessTokenResult
*/
public function make($userId, $name, array $scopes = [])
public function make($userId, $name, array $scopes = [], $provider = null)
{
$response = $this->dispatchRequestToAuthorizationServer(
$this->createRequest($this->clients->personalAccessClient(), $userId, $scopes)
$this->createRequest($this->clients->personalAccessClient($provider), $userId, $scopes)
);

$token = tap($this->findAccessToken($response), function ($token) use ($userId, $name) {
Expand Down