CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
claims example
'username' => 'admin',
'password' => 'shopware',
'scope' => [],
];
$client->request('POST', '/api/oauth/token', $authPayload);
static::assertNotFalse($client->getResponse()->getContent());
$data = \json_decode($client->getResponse()->getContent(), true, 512, \JSON_THROW_ON_ERROR);
$parsedAccessToken = $jwtTokenParser->parse($data['access_token']);
static::assertInstanceOf(UnencryptedToken::class, $parsedAccessToken);
$accessTokenScopes = $parsedAccessToken->claims()->get('scopes');
static::assertEqualsCanonicalizing(['admin', 'write'], $accessTokenScopes);
}
public function testUniqueAccessTokenScopes(): void
{
$client = $this->getBrowser(false);
$configuration = $this->getContainer()->get('shopware.jwt_config');
$jwtTokenParser = $configuration->parser();
$authPayload = [
'password' => 'shopware',
'scope' => [],
];
$client->request('POST', '/api/oauth/token', $authPayload);
static::assertNotFalse($client->getResponse()->getContent());
$data = \json_decode($client->getResponse()->getContent(), true, 512, \JSON_THROW_ON_ERROR);
$parsedAccessToken = $jwtTokenParser->parse($data['access_token']);
static::assertInstanceOf(UnencryptedToken::class, $parsedAccessToken);
$accessTokenScopes = $parsedAccessToken->claims()->get('scopes');
static::assertEqualsCanonicalizing(['admin', 'write'], $accessTokenScopes);
}
public function testUniqueAccessTokenScopes(): void
{
$client = $this->getBrowser(false);
$configuration = $this->getContainer()->get('shopware.jwt_config');
$jwtTokenParser = $configuration->parser();
$authPayload = [
$request = $this->decorated->validateAuthorization($request);
$header = $request->getHeader('authorization');
$jwt = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $header[0]) ?? '');
/** @var UnencryptedToken $token */
$token = $this->configuration->parser()->parse($jwt);
if ($userId = $request->getAttribute(PlatformRequest::ATTRIBUTE_OAUTH_USER_ID)) {
$this->validateAccessTokenIssuedAt($token->claims()->get('iat', 0), $userId);
}
return $request;
}
/** * @throws OAuthServerException */
private function validateAccessTokenIssuedAt(\DateTimeImmutable $tokenIssuedAt, string $userId): void
{
$lastUpdatedPasswordAt = $this->connection->createQueryBuilder()
throw PaymentException::invalidToken($token, $e);
}
if (!$this->configuration->validator()->validate($jwtToken, ...$this->configuration->validationConstraints())) {
throw PaymentException::invalidToken($token);
}
if (!$this->has($token)) {
throw PaymentException::tokenInvalidated($token);
}
$errorUrl = $jwtToken->claims()->get('eul');
/** @var \DateTimeImmutable $expires */
$expires = $jwtToken->claims()->get('exp');
return new TokenStruct(
$jwtToken->claims()->get('jti'),
$token,
$jwtToken->claims()->get('pmi'),
$jwtToken->claims()->get('sub'),
$jwtToken->claims()->get('ful'),
$expires->getTimestamp(),
}
if (!$this->configuration->validator()->validate($jwtToken, ...$this->configuration->validationConstraints())) {
throw PaymentException::invalidToken($token);
}
if (!$this->has($token)) {
throw PaymentException::tokenInvalidated($token);
}
$errorUrl = $jwtToken->claims()->get('eul');
/** @var \DateTimeImmutable $expires */
$expires = $jwtToken->claims()->get('exp');
return new TokenStruct(
$jwtToken->claims()->get('jti'),
$token,
$jwtToken->claims()->get('pmi'),
$jwtToken->claims()->get('sub'),
$jwtToken->claims()->get('ful'),
$expires->getTimestamp(),