From 20f61a0baafd071cb5387837d3e71b256ddf9b2d Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Fri, 8 Sep 2023 14:31:33 -0700 Subject: [PATCH 1/2] feat: add audience parameter to Client::verifyIdToken --- src/AccessToken/Verify.php | 2 +- src/Client.php | 6 +++--- src/Http/REST.php | 1 + 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/AccessToken/Verify.php b/src/AccessToken/Verify.php index d957908ba..b4c975bfb 100644 --- a/src/AccessToken/Verify.php +++ b/src/AccessToken/Verify.php @@ -91,7 +91,7 @@ public function __construct( * accepted. By default, the id token must have been issued to this OAuth2 client. * * @param string $idToken the ID token in JWT format - * @param string $audience Optional. The audience to verify against JWt "aud" + * @param string $audience Optional. The audience to verify against JWT "aud" * @return array|false the token payload, if successful */ public function verifyIdToken($idToken, $audience = null) diff --git a/src/Client.php b/src/Client.php index 31b3f1d5f..b4d3ce1fc 100644 --- a/src/Client.php +++ b/src/Client.php @@ -443,7 +443,6 @@ public function authorize(ClientInterface $http = null) $this->config['token_callback'] ); } - if ($token = $this->getAccessToken()) { $scopes = $this->prepareScopes(); // add refresh subscriber to request a new token @@ -794,10 +793,11 @@ public function revokeToken($token = null) * @throws LogicException If no token was provided and no token was set using `setAccessToken`. * @throws UnexpectedValueException If the token is not a valid JWT. * @param string|null $idToken The token (id_token) that should be verified. + * @param string|null $audience Optional. The audience to verify against JWT "aud". * @return array|false Returns the token payload as an array if the verification was * successful, false otherwise. */ - public function verifyIdToken($idToken = null) + public function verifyIdToken($idToken = null, string $audience = null) { $tokenVerifier = new Verify( $this->getHttpClient(), @@ -817,7 +817,7 @@ public function verifyIdToken($idToken = null) return $tokenVerifier->verifyIdToken( $idToken, - $this->getClientId() + $audience ?: $this->getClientId() // use the client ID when no audience is supplied ); } diff --git a/src/Http/REST.php b/src/Http/REST.php index 1519f60da..f7ed347d8 100644 --- a/src/Http/REST.php +++ b/src/Http/REST.php @@ -79,6 +79,7 @@ public static function execute( */ public static function doExecute(ClientInterface $client, RequestInterface $request, $expectedClass = null) { + // var_dump($request);exit; try { $httpHandler = HttpHandlerFactory::build($client); $response = $httpHandler($request); From def1f7aee51edd3811839455e2c9b3d0c21c5c07 Mon Sep 17 00:00:00 2001 From: Brent Shaffer Date: Wed, 3 Jan 2024 09:27:22 -0800 Subject: [PATCH 2/2] Update src/Http/REST.php --- src/Http/REST.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Http/REST.php b/src/Http/REST.php index f7ed347d8..1519f60da 100644 --- a/src/Http/REST.php +++ b/src/Http/REST.php @@ -79,7 +79,6 @@ public static function execute( */ public static function doExecute(ClientInterface $client, RequestInterface $request, $expectedClass = null) { - // var_dump($request);exit; try { $httpHandler = HttpHandlerFactory::build($client); $response = $httpHandler($request);