Closed
Description
I want encrypt the user_id in access_token.
Passport is flexible, I only need to do two things.
- Extend src/Http/Controllers/ApproveAuthorizationController.php
public function approve(Request $request)
{
return $this->withErrorHandling(function () use ($request) {
$authRequest = $this->getAuthRequestFromSession($request);
+ $user = $authRequest->getUser();
+ $user->setIdentifier(Crypt::encryptId($user->getIdentifier()));
return $this->convertResponse(
$this->server->completeAuthorizationRequest($authRequest, new Psr7Response)
);
});
}
- Extend /src/AuthCode.php
+ public function setUserIdAttribute($value)
+ {
+ $this->attributes['user_id'] = Crypt::decryptId($value);
+ }
But in /src/Bridge/AuthCodeRepository.php persistNewAuthCode
method use setRawAttributes
store data.
public function persistNewAuthCode(AuthCodeEntityInterface $authCodeEntity)
{
$attributes = [
'id' => $authCodeEntity->getIdentifier(),
'user_id' => $authCodeEntity->getUserIdentifier(),
'client_id' => $authCodeEntity->getClient()->getIdentifier(),
'scopes' => $this->formatScopesForStorage($authCodeEntity->getScopes()),
'revoked' => false,
'expires_at' => $authCodeEntity->getExpiryDateTime(),
];
Passport::authCode()->setRawAttributes($attributes)->save();
}
setRawAttributes
cannot trigger setUserIdAttribute .
Why not use create
method like src/Bridge/AccessTokenRepository.php
public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEntity)
{
$this->tokenRepository->create([
'id' => $accessTokenEntity->getIdentifier(),
'user_id' => $accessTokenEntity->getUserIdentifier(),
'client_id' => $accessTokenEntity->getClient()->getIdentifier(),
'scopes' => $this->scopesToArray($accessTokenEntity->getScopes()),
'revoked' => false,
'created_at' => new DateTime,
'updated_at' => new DateTime,
'expires_at' => $accessTokenEntity->getExpiryDateTime(),
]);
$this->events->dispatch(new AccessTokenCreated(
$accessTokenEntity->getIdentifier(),
$accessTokenEntity->getUserIdentifier(),
$accessTokenEntity->getClient()->getIdentifier()
));
}
Thanks!