Default to login url to keep backwards compatibility for OAuth JWT (#343)

omniphx · web-flow · commit 7768ac2054b9 · 2024-03-23T13:44:45.000-04:00
* Default to login url to keep backwards compatibility

* Remove extra instanceURL

* Instance url is no longer required for JWT auth

* Clean up

* Update docs
diff --git a/README.md b/README.md
@@ -56,7 +56,7 @@ This will publish a `config/forrest.php` file that can switch between authentica
 
 After adding the config file, update your `.env` to include the following values (details for getting a consumer key and secret are outlined below):
 
-```
+```txt
 SF_CONSUMER_KEY=123455
 SF_CONSUMER_SECRET=ABCDEF
 SF_CALLBACK_URI=https://test.app/callback
@@ -69,7 +69,6 @@ SF_PASSWORD=password123
 ```
 
 > For Lumen, you should copy the config file from `src/config/config.php` and add it to a `forrest.php` configuration file under a config directory in the root of your application.
-
 > For Laravel 4, run `php artisan config:publish omniphx/forrest` which create `app/config/omniphx/forrest/config.php`
 
 ## Getting Started
@@ -125,7 +124,6 @@ Route::get('/authenticate', function()
 });
 ```
 
-
 #### Client Credentials authentication flow
 
 With the Client Credentials flow, you can directly authenticate with the `Forrest::authenticate()` method.
@@ -198,7 +196,7 @@ Next you need to pre-authorize a profile (As of now, can only do this step in Cl
 5. Go to Settings > Manage Users > Profiles and edit the profile of the associated user (i.e., Salesforce Administrator)
 6. Under 'Connected App Access' check the corresponding app name
 
-The implementation is exactly the same as UserPassword
+The implementation is exactly the same as UserPassword (e.g., will need to explicitly specify a username and password)
 
 ```php
 Route::get('/authenticate', function()
@@ -208,6 +206,14 @@ Route::get('/authenticate', function()
 });
 ```
 
+For connecting to Lightning orgs you will need to configure an `instanceUrl` inside your `forrest.php` config:
+
+```txt
+Lightning: https://<YOUR_ORG>.my.salesforce.com
+Lightning Sandbox: https://<YOUR_ORG>--<SANDBOX_NAME>.sandbox.my.salesforce.com
+Developer Org: https://<DEV_DOMAIN>.develop.my.salesforce.com
+```
+
 #### Custom login urls
 
 Sometimes users will need to connect to a sandbox or custom url. To do this, simply pass the url as an argument for the authenticatation method:
diff --git a/src/Omniphx/Forrest/Authentications/OAuthJWT.php b/src/Omniphx/Forrest/Authentications/OAuthJWT.php
@@ -21,9 +21,18 @@ public static function getJWT($iss, $aud, $sub, $privateKey)
         return JWT::encode($payload, $privateKey, 'RS256');
     }
 
+    private function getDefaultInstanceURL()
+    {
+        if (isset($this->settings['instanceURL']) && !empty($this->settings['instanceURL'])) {
+            return $this->settings['instanceURL'];
+        } else {
+            return $this->credentials['loginURL'];
+        }
+    }
+
     public function authenticate($fullInstanceUrl = null)
     {
-        $fullInstanceUrl = $fullInstanceUrl ?? $this->getInstanceURL() . '/services/oauth2/token';
+        $fullInstanceUrl = $fullInstanceUrl ?? $this->getDefaultInstanceURL() . '/services/oauth2/token';
 
         $consumerKey = $this->credentials['consumerKey'];
         $loginUrl = $this->credentials['loginURL'];
diff --git a/src/config/config.php b/src/config/config.php
@@ -78,7 +78,12 @@
     'version' => '',
 
     /*
-     * Optional (and not recommended) if you need to override the instance_url returned from Saleforce
+     * Optional (and not recommended) if you need to override the instance_url returned from Salesforce
+     *
+     * This is useful for configuring lightning or lightning sandboxes with OAuthJWT:
+     * Lightning: https://<YOUR_ORG>.my.salesforce.com
+     * Lightning Sandbox: https://<YOUR_ORG>--<SANDBOX_NAME>.sandbox.my.salesforce.com
+     * Developer Org: https://<DEV_DOMAIN>.develop.my.salesforce.com
      */
     'instanceURL' => '',
 
