From 99814ce73476acc77837d8d6f4cd9837df2d61ed Mon Sep 17 00:00:00 2001 From: sgorshkov Date: Thu, 4 Apr 2019 11:47:03 +0400 Subject: [PATCH] Add ability to configure refresh token parameter name (#99) (#142) * Add ability to configure refresh token parameter name (#99) - add optional parameter token_parameter_name to bundle configuration; - update readme; - fix phpspec tests; * Add ability to configure refresh token parameter name (#99) - fix readme: delete explicit config file name declaration; --- DependencyInjection/Configuration.php | 1 + .../GesdinetJWTRefreshTokenExtension.php | 1 + .../AttachRefreshTokenOnSuccessListener.php | 16 ++++++++++---- README.md | 9 ++++++++ Request/RequestRefreshToken.php | 8 +++---- Resources/config/services.yml | 4 ++-- .../RefreshTokenAuthenticator.php | 11 ++++++++-- ...ttachRefreshTokenOnSuccessListenerSpec.php | 6 +++-- spec/Request/RequestRefreshTokenSpec.php | 22 ++++++++++--------- .../RefreshTokenAuthenticatorSpec.php | 3 ++- 10 files changed, 56 insertions(+), 25 deletions(-) diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php index ce953521..0400336e 100644 --- a/DependencyInjection/Configuration.php +++ b/DependencyInjection/Configuration.php @@ -57,6 +57,7 @@ public function getConfigTreeBuilder() ->defaultNull() ->info('Deprecated, use object_manager instead') ->end() + ->scalarNode('token_parameter_name')->defaultValue('refresh_token')->end() ->end(); return $treeBuilder; diff --git a/DependencyInjection/GesdinetJWTRefreshTokenExtension.php b/DependencyInjection/GesdinetJWTRefreshTokenExtension.php index e83596c3..5a24a8bc 100644 --- a/DependencyInjection/GesdinetJWTRefreshTokenExtension.php +++ b/DependencyInjection/GesdinetJWTRefreshTokenExtension.php 
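Review bot: The new `token_parameter_name` node in getConfigTreeBuilder() accepts any scalar, including an empty string, and that value later becomes both the request parameter that is read and the array key written into the authentication response. Rejecting empty values when the configuration is loaded keeps a typo from silently breaking refresh-token lookup: `->scalarNode('token_parameter_name')->defaultValue('refresh_token')->cannotBeEmpty()->info('Name of the request/response parameter that carries the refresh token')->end()`. The node also has no `info()` text, unlike the deprecated node directly above it. The method body starts and ends outside the hunk.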
@@ -39,6 +39,7 @@ public function load(array $configs, ContainerBuilder $container) $container->setParameter('gesdinet_jwt_refresh_token.security.firewall', $config['firewall']); $container->setParameter('gesdinet_jwt_refresh_token.user_provider', $config['user_provider']); $container->setParameter('gesdinet_jwt_refresh_token.user_identity_field', $config['user_identity_field']); + $container->setParameter('gesdinet_jwt_refresh_token.token_parameter_name', $config['token_parameter_name']); $refreshTokenClass = 'Gesdinet\JWTRefreshTokenBundle\Entity\RefreshToken'; $objectManager = 'doctrine.orm.entity_manager'; diff --git a/EventListener/AttachRefreshTokenOnSuccessListener.php b/EventListener/AttachRefreshTokenOnSuccessListener.php index 434efc89..239ad3b2 100644 --- a/EventListener/AttachRefreshTokenOnSuccessListener.php +++ b/EventListener/AttachRefreshTokenOnSuccessListener.php @@ -46,6 +46,11 @@ class AttachRefreshTokenOnSuccessListener */ protected $userIdentityField; + /** + * @var string + */ + protected $tokenParameterName; + /** * AttachRefreshTokenOnSuccessListener constructor. * @@ -54,19 +59,22 @@ class AttachRefreshTokenOnSuccessListener * @param ValidatorInterface $validator * @param RequestStack $requestStack * @param string $userIdentityField + * @param string $tokenParameterName */ public function __construct( RefreshTokenManagerInterface $refreshTokenManager, $ttl, ValidatorInterface $validator, RequestStack $requestStack, - $userIdentityField + $userIdentityField, + $tokenParameterName ) { $this->refreshTokenManager = $refreshTokenManager; $this->ttl = $ttl; $this->validator = $validator; $this->requestStack = $requestStack; $this->userIdentityField = $userIdentityField; + $this->tokenParameterName = $tokenParameterName; } public function attachRefreshToken(AuthenticationSuccessEvent $event) 
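Review bot: The constructor of AttachRefreshTokenOnSuccessListener gains a sixth required argument, `$tokenParameterName`, so a subclass or an overriding service definition that still passes five arguments will fail on instantiation after upgrading. The same holds for `RefreshTokenAuthenticator::__construct()` and the public static `RequestRefreshToken::getRefreshToken()` further down in this patch. Declaring the parameter with the previous literal as its default, `$tokenParameterName = 'refresh_token'`, keeps existing callers working. The class body continues outside the hunk.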
@@ -79,10 +87,10 @@ public function attachRefreshToken(AuthenticationSuccessEvent $event) return; } - $refreshTokenString = RequestRefreshToken::getRefreshToken($request); + $refreshTokenString = RequestRefreshToken::getRefreshToken($request, $this->tokenParameterName); if ($refreshTokenString) { - $data['refresh_token'] = $refreshTokenString; + $data[$this->tokenParameterName] = $refreshTokenString; } else { $datetime = new \DateTime(); $datetime->modify('+'.$this->ttl.' seconds'); @@ -111,7 +119,7 @@ public function attachRefreshToken(AuthenticationSuccessEvent $event) } $this->refreshTokenManager->save($refreshToken); - $data['refresh_token'] = $refreshToken->getRefreshToken(); + $data[$this->tokenParameterName] = $refreshToken->getRefreshToken(); } $event->setData($data); diff --git a/README.md b/README.md index 66c71188..118841b2 100644 --- a/README.md +++ b/README.md @@ -191,6 +191,15 @@ gesdinet_jwt_refresh_token: firewall: api ``` +### Config Refresh token parameter Name + +You can define refresh token parameter name. Default value is refresh_token. You can change this value adding this line to your config file: + +```yaml +gesdinet_jwt_refresh_token: + token_parameter_name: refreshToken +``` + ### Config UserProvider You can define your own UserProvider. By default we use our custom UserProvider. You can change this value by adding this line to your config: diff --git a/Request/RequestRefreshToken.php b/Request/RequestRefreshToken.php index dbddbc8f..42dd1970 100644 --- a/Request/RequestRefreshToken.php +++ b/Request/RequestRefreshToken.php 
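Review bot: Both `$data[$this->tokenParameterName] = ...` assignments in attachRefreshToken() (this hunk and the one at -111,7) write a configurable key into the array that is then passed to `$event->setData()`, with no check that the key is free. If `$data` already holds the issued JWT under some key, as it presumably does for this success event, configuring the same name would silently replace the access token with the refresh token in the response. A guard before the assignment makes the misconfiguration visible: `if (array_key_exists($this->tokenParameterName, $data)) { throw new \LogicException('token_parameter_name collides with an existing response key'); }`. The method starts before and ends after the lines shown.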
@@ -15,15 +15,15 @@ class RequestRefreshToken { - public static function getRefreshToken(Request $request) + public static function getRefreshToken(Request $request, $tokenParameterName) { $refreshTokenString = null; if (false !== strpos($request->getContentType(), 'json')) { $content = $request->getContent(); $params = !empty($content) ? json_decode($content, true) : array(); - $refreshTokenString = isset($params['refresh_token']) ? trim($params['refresh_token']) : null; - } elseif (null !== $request->get('refresh_token')) { - $refreshTokenString = $request->get('refresh_token'); + $refreshTokenString = isset($params[$tokenParameterName]) ? trim($params[$tokenParameterName]) : null; + } elseif (null !== $request->get($tokenParameterName)) { + $refreshTokenString = $request->get($tokenParameterName); } return $refreshTokenString; diff --git a/Resources/config/services.yml b/Resources/config/services.yml index d4f10ee1..6c532b14 100644 --- a/Resources/config/services.yml +++ b/Resources/config/services.yml @@ -1,7 +1,7 @@ services: gesdinet.jwtrefreshtoken.send_token: class: Gesdinet\JWTRefreshTokenBundle\EventListener\AttachRefreshTokenOnSuccessListener - arguments: [ "@gesdinet.jwtrefreshtoken.refresh_token_manager", "%gesdinet_jwt_refresh_token.ttl%", "@validator", "@request_stack", "%gesdinet_jwt_refresh_token.user_identity_field%" ] + arguments: [ "@gesdinet.jwtrefreshtoken.refresh_token_manager", "%gesdinet_jwt_refresh_token.ttl%", "@validator", "@request_stack", "%gesdinet_jwt_refresh_token.user_identity_field%", "%gesdinet_jwt_refresh_token.token_parameter_name%" ] tags: - { name: kernel.event_listener, event: lexik_jwt_authentication.on_authentication_success, method: attachRefreshToken } 
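Review bot: Nothing in getRefreshToken() checks that the value found under `$tokenParameterName` is a string. The JSON branch hands whatever the client sent to `trim()`, and the other branch returns the result of `$request->get()` untouched, which can be an array when the body uses `name[]=...` syntax. Because this value comes straight from the request and feeds the authenticator's `createToken()`, a non-string should be treated as "no token". For the JSON branch that would be `$value = isset($params[$tokenParameterName]) ? $params[$tokenParameterName] : null;` followed by `$refreshTokenString = is_string($value) ? trim($value) : null;`, with the same `is_string()` guard on the `$request->get()` result. The class's closing brace is outside the hunk.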
@@ -21,7 +21,7 @@ services: gesdinet.jwtrefreshtoken.authenticator: class: Gesdinet\JWTRefreshTokenBundle\Security\Authenticator\RefreshTokenAuthenticator - arguments: [ "@gesdinet.jwtrefreshtoken.user_checker" ] + arguments: [ "@gesdinet.jwtrefreshtoken.user_checker", "%gesdinet_jwt_refresh_token.token_parameter_name%" ] Gesdinet\JWTRefreshTokenBundle\Command\: resource: '../../Command/*' diff --git a/Security/Authenticator/RefreshTokenAuthenticator.php b/Security/Authenticator/RefreshTokenAuthenticator.php index 2e2bc77a..706abb23 100644 --- a/Security/Authenticator/RefreshTokenAuthenticator.php +++ b/Security/Authenticator/RefreshTokenAuthenticator.php @@ -42,19 +42,26 @@ class RefreshTokenAuthenticator extends RefreshTokenAuthenticatorBase implements */ private $userChecker; + /** + * @var string + */ + protected $tokenParameterName; + /** * Constructor. * * @param UserCheckerInterface $userChecker + * @param string $tokenParameterName */ - public function __construct(UserCheckerInterface $userChecker) + public function __construct(UserCheckerInterface $userChecker, $tokenParameterName) { $this->userChecker = $userChecker; + $this->tokenParameterName = $tokenParameterName; } public function createToken(Request $request, $providerKey) { - $refreshTokenString = RequestRefreshToken::getRefreshToken($request); + $refreshTokenString = RequestRefreshToken::getRefreshToken($request, $this->tokenParameterName); return new PreAuthenticatedToken( '', diff --git a/spec/EventListener/AttachRefreshTokenOnSuccessListenerSpec.php b/spec/EventListener/AttachRefreshTokenOnSuccessListenerSpec.php index 6b702139..4db654c2 100644 --- a/spec/EventListener/AttachRefreshTokenOnSuccessListenerSpec.php +++ b/spec/EventListener/AttachRefreshTokenOnSuccessListenerSpec.php 
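Review bot: The new `$tokenParameterName` property in RefreshTokenAuthenticator is declared `protected` while the neighbouring `$userChecker` is `private`, and nothing in the hunk needs subclass access. Declaring it `private $tokenParameterName;` would match the class's existing style and keep a subclass from changing the parameter name after construction. The property docblock also says only `@var string`; a one-line description such as `Name of the request parameter that carries the refresh token.` would help. `createToken()` continues outside the hunk.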
@@ -17,11 +17,13 @@ class AttachRefreshTokenOnSuccessListenerSpec extends ObjectBehavior { + const TOKEN_PARAMETER_NAME = 'refresh_token'; + public function let(RefreshTokenManagerInterface $refreshTokenManager, ValidatorInterface $validator, RequestStack $requestStack) { $ttl = 2592000; $userIdentityField = 'username'; - $this->beConstructedWith($refreshTokenManager, $ttl, $validator, $requestStack, $userIdentityField); + $this->beConstructedWith($refreshTokenManager, $ttl, $validator, $requestStack, $userIdentityField, self::TOKEN_PARAMETER_NAME); } public function it_is_initializable() @@ -34,7 +36,7 @@ public function it_attach_token_on_refresh(AuthenticationSuccessEvent $event, Us $event->getData()->willReturn(array()); $event->getUser()->willReturn($user); - $refreshTokenArray = array('refresh_token' => 'thepreviouslyissuedrefreshtoken'); + $refreshTokenArray = array(self::TOKEN_PARAMETER_NAME => 'thepreviouslyissuedrefreshtoken'); $headers = new HeaderBag(array('content_type' => 'not-json')); $request = new Request(); $request->headers = $headers; diff --git a/spec/Request/RequestRefreshTokenSpec.php b/spec/Request/RequestRefreshTokenSpec.php index c348145e..6a086146 100644 --- a/spec/Request/RequestRefreshTokenSpec.php +++ b/spec/Request/RequestRefreshTokenSpec.php 
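Review bot: Every spec touched by this patch still exercises only the default name: `TOKEN_PARAMETER_NAME = 'refresh_token'` here and in RequestRefreshTokenSpec, and `$tokenParameterName = 'refresh_token'` in RefreshTokenAuthenticatorSpec. The suite would therefore still pass if the code ignored the new argument and kept the hard-coded key. A case with a non-default name (for example `'refreshToken'`, the value the README uses) would pin the new behaviour, if it also asserts that a request carrying only `refresh_token` yields no token. The spec class continues outside the hunk.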
@@ -7,43 +7,45 @@ class RequestRefreshTokenSpec extends ObjectBehavior { + const TOKEN_PARAMETER_NAME = 'refresh_token'; + public function it_gets_from_query_param() { $request = Request::createFromGlobals(); - $request->attributes->set('refresh_token', 'abcd'); + $request->attributes->set(self::TOKEN_PARAMETER_NAME, 'abcd'); - $this::getRefreshToken($request)->shouldBe('abcd'); + $this::getRefreshToken($request, self::TOKEN_PARAMETER_NAME)->shouldBe('abcd'); } public function it_gets_from_body() { $request = Request::createFromGlobals(); - $request->request->set('refresh_token', 'abcd'); + $request->request->set(self::TOKEN_PARAMETER_NAME, 'abcd'); - $this::getRefreshToken($request)->shouldBe('abcd'); + $this::getRefreshToken($request, self::TOKEN_PARAMETER_NAME)->shouldBe('abcd'); } public function it_gets_from_json() { - $request = Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array('refresh_token' => 'abcd'))); + $request = Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array(self::TOKEN_PARAMETER_NAME => 'abcd'))); $request->headers->set('content_type', 'application/json'); - $this::getRefreshToken($request)->shouldBe('abcd'); + $this::getRefreshToken($request, self::TOKEN_PARAMETER_NAME)->shouldBe('abcd'); } public function it_gets_from_json_x() { - $request = Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array('refresh_token' => 'abcd'))); + $request = Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array(self::TOKEN_PARAMETER_NAME => 'abcd'))); $request->headers->set('content_type', 'application/x-json'); - $this::getRefreshToken($request)->shouldBe('abcd'); + $this::getRefreshToken($request, self::TOKEN_PARAMETER_NAME)->shouldBe('abcd'); } public function it_gets_from_json_parameter() { - $request = Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array('refresh_token' => 'abcd'))); + $request = 
Request::create(null, 'POST', array(), array(), array(), array(), json_encode(array(self::TOKEN_PARAMETER_NAME => 'abcd'))); $request->headers->set('content_type', 'application/json;charset=UTF-8'); - $this::getRefreshToken($request)->shouldBe('abcd'); + $this::getRefreshToken($request, self::TOKEN_PARAMETER_NAME)->shouldBe('abcd'); } } diff --git a/spec/Security/Authenticator/RefreshTokenAuthenticatorSpec.php b/spec/Security/Authenticator/RefreshTokenAuthenticatorSpec.php index c961c898..29262361 100644 --- a/spec/Security/Authenticator/RefreshTokenAuthenticatorSpec.php +++ b/spec/Security/Authenticator/RefreshTokenAuthenticatorSpec.php @@ -12,7 +12,8 @@ class RefreshTokenAuthenticatorSpec extends ObjectBehavior { public function let(UserCheckerInterface $userChecker) { - $this->beConstructedWith($userChecker); + $tokenParameterName = 'refresh_token'; + $this->beConstructedWith($userChecker, $tokenParameterName); } public function it_is_initializable()