Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to Override AuthorizationServer to use customised BearerTokenResponse #903

Closed
alexfpoole opened this issue May 18, 2018 · 4 comments · May be fixed by #924
Closed

Unable to Override AuthorizationServer to use customised BearerTokenResponse #903

alexfpoole opened this issue May 18, 2018 · 4 comments · May be fixed by #924

Comments

@alexfpoole
Copy link

Hey guys

I wanted to put a user_id in the token response, and line 66 of BearerTokenResponse says:
/**
* Add custom fields to your Bearer Token response here, then override
* AuthorizationServer::getResponseType() to pull in your version of
* this class rather than the default.

This doesn't work though, as AuthorizationServer->encryptionKey, which is used in
AuthorizationServer::getResponseType() is declared private.

Any chance it could be updated to protected to enable this modification please?

Cheers
Alex

@simonhamp
Copy link

Hi Alex, please feel free to make a PR for this 🙂

Note that there are a number of related issues currently open and some PRs too.

So it may be that this change makes its way into a bigger release.

@christiaangoossens
Copy link
Contributor

While looking at making a PR for making the addition of information to JWT's easier, I found the solution to this problem as well. Line 66 seems to be a documentation error, you should pass in the responseType (linking to your implementation of BearerTokenResponse) as the last parameter when creating the AuthorizationServer, instead of overwriting elements of that class. The documentation block should be changed to reflect that.

@Richard87
Copy link

Hi!

I think I have the same problem when trying to use oauth2-openid-server (steverhoades/oauth2-openid-connect-server#21), the Implicit Grant completley disregards the responseType, so I don't know how to add the id_token response required in OpenID except creating a new OidcImplicitGrant, wich feels wrong....

@Sephster
Copy link
Member

Hey @gingabeard and @Richard87. The way you would normally do this is as follows:

class MyAuthorizationServer extends AuthorizationServer
{
    protected function getResponseType()
    {
        $this->responseType = new MyCustomResponseType();

        return parent::getResponseType();
}

If you implement your custom response like this. It should resolve your issue. I will mark this as resolved but if this doesn't solve your issue, please feel free to get back and I will reopen this issue. Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants