Fix request token event

thephpleague · Oct 7, 2021 · f14c02d · f14c02d
1 parent 464dfa8
commit f14c02d
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 10 deletions.
diff --git a/src/Controller/TokenController.php b/src/Controller/TokenController.php
@@ -70,11 +70,11 @@ public function indexAction(Request $request): Response
         $renderedResponse = $this->httpFoundationFactory->createResponse($response);
 
         /** @var TokenRequestResolveEvent $event */
-        $this->eventDispatcher->dispatch(
+        $event = $this->eventDispatcher->dispatch(
             new TokenRequestResolveEvent($renderedResponse),
             OAuth2Events::TOKEN_REQUEST_RESOLVE
         );
 
-        return $renderedResponse;
+        return $event->getResponse();
     }
 }
diff --git a/tests/Acceptance/TokenEndpointTest.php b/tests/Acceptance/TokenEndpointTest.php
@@ -105,20 +105,32 @@ public function testSuccessfulRefreshTokenRequest(): void
             ->get(RefreshTokenManagerInterface::class)
             ->find(FixtureFactory::FIXTURE_REFRESH_TOKEN);
 
-        $this->client->request('POST', '/token', [
-            'client_id' => 'foo',
-            'client_secret' => 'secret',
-            'grant_type' => 'refresh_token',
-            'refresh_token' => TestHelper::generateEncryptedPayload($refreshToken),
-        ]);
-
         $this->client
             ->getContainer()
             ->get('event_dispatcher')
             ->addListener(OAuth2Events::TOKEN_REQUEST_RESOLVE, static function (TokenRequestResolveEvent $event): void {
                 $event->getResponse()->headers->set('foo', 'bar');
             });
 
+        $this->client
+            ->getContainer()
+            ->get('event_dispatcher')
+            ->addListener(OAuth2Events::TOKEN_REQUEST_RESOLVE, static function (TokenRequestResolveEvent $event): void {
+                if ('bar' === $event->getResponse()->headers->get('foo')) {
+                    $newResponse = clone $event->getResponse();
+                    $newResponse->headers->remove('foo');
+                    $newResponse->headers->set('baz', 'qux');
+                    $event->setResponse($newResponse);
+                }
+            }, -1);
+
+        $this->client->request('POST', '/token', [
+            'client_id' => 'foo',
+            'client_secret' => 'secret',
+            'grant_type' => 'refresh_token',
+            'refresh_token' => TestHelper::generateEncryptedPayload($refreshToken),
+        ]);
+
         $response = $this->client->getResponse();
 
         $this->assertSame(200, $response->getStatusCode());
@@ -131,7 +143,8 @@ public function testSuccessfulRefreshTokenRequest(): void
         $this->assertGreaterThan(0, $jsonResponse['expires_in']);
         $this->assertNotEmpty($jsonResponse['access_token']);
         $this->assertNotEmpty($jsonResponse['refresh_token']);
-        $this->assertEmpty($response->headers->get('foo'), 'bar');
+        $this->assertFalse($response->headers->has('foo'));
+        $this->assertSame($response->headers->get('baz'), 'qux');
     }
 
     public function testSuccessfulAuthorizationCodeRequest(): void