Laravel AT Protocol Client (alpha & unstable)

Add client assertion support to OAuth PAR and token exchange

Changed files
+21 -16
src
+21 -16
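--- a/src/Auth/OAuthEngine.php
+++ b/src/Auth/OAuthEngine.php
@@ -17,6 +17,7 @@
 protected DPoPKeyManager $dpopManager,
 protected ClientMetadataManager $metadata,
 protected DPoPClient $dpopClient,
+protected ClientAssertionManager $clientAssertion,
 ) {}
 
 /**
@@ -87,13 +88,15 @@
 
 $response = $this->dpopClient->request($request->pdsEndpoint, $tokenUrl, 'POST', $request->dpopKey)
 ->asForm()
-->post($tokenUrl, [
-'grant_type' => 'authorization_code',
-'code' => $code,
-'redirect_uri' => $this->metadata->getRedirectUris()[0] ?? null,
-'client_id' => $this->metadata->getClientId(),
-'code_verifier' => $request->codeVerifier,
-]);
+->post($tokenUrl, array_merge(
+$this->clientAssertion->getAuthParams($request->pdsEndpoint),
+[
+'grant_type' => 'authorization_code',
+'code' => $code,
+'redirect_uri' => $this->metadata->getRedirectUris()[0] ?? null,
+'code_verifier' => $request->codeVerifier,
+]
+));
 
 if ($response->failed()) {
 throw new AuthenticationException('Token exchange failed: '.$response->body());
@@ -120,15 +123,17 @@
 
 $response = $this->dpopClient->request($pdsEndpoint, $parUrl, 'POST', $dpopKey)
 ->asForm()
-->post($parUrl, [
-'client_id' => $this->metadata->getClientId(),
-'redirect_uri' => $this->metadata->getRedirectUris()[0] ?? null,
-'response_type' => 'code',
-'scope' => implode(' ', $scopes),
-'code_challenge' => $codeChallenge,
-'code_challenge_method' => 'S256',
-'state' => $state,
-]);
+->post($parUrl, array_merge(
+$this->clientAssertion->getAuthParams($pdsEndpoint),
+[
+'redirect_uri' => $this->metadata->getRedirectUris()[0] ?? null,
+'response_type' => 'code',
+'scope' => implode(' ', $scopes),
+'code_challenge' => $codeChallenge,
+'code_challenge_method' => 'S256',
+'state' => $state,
+]
+));
 
 if ($response->failed()) {
 throw new AuthenticationException('PAR failed: '.$response->body());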
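Review bot: Both new `getAuthParams(...)` calls are given the PDS endpoint (`$request->pdsEndpoint` in the token exchange, `$pdsEndpoint` in the PAR request), and if ClientAssertionManager uses that argument as the `aud` of the signed client assertion, the assertion is bound to the resource server rather than to the authorization server that validates it. Where a PDS delegates to a separate authorization server the two values differ, so the audience should presumably be the issuer taken from the discovered authorization-server metadata; ClientAssertionManager is not part of this diff, so this needs confirming there. Separately, `client_id` is no longer set in either request body, so both requests now depend on `getAuthParams()` always returning it, including when no assertion key is configured; a comment such as `// client_id (and client_assertion*, when configured) come from getAuthParams()` above each `array_merge` would make that dependency explicit. The enclosing methods begin and end outside the hunks shown.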