2025-07-29 16:46:46 +02:00
7 changed files with 407 additions and 248 deletions
--- a/composer.json
+++ b/composer.json
@ -47,7 +47,8 @@
        "symfony/web-link": "7.2.*",
        "symfony/yaml": "7.2.*",
        "twig/extra-bundle": "^2.12|^3.0",
-        "twig/twig": "^2.12|^3.0"
+        "twig/twig": "^2.12|^3.0",
+      "ext-openssl": "*"
    },
    "config": {
        "allow-plugins": {
--- a/composer.lock
+++ b/composer.lock
--- a/config/services.yaml
+++ b/config/services.yaml
@ -25,6 +25,9 @@ services:
    App\EventSubscriber\ScopeResolveListener:
        tags:
            - { name: kernel.event_listener, event: league.oauth2_server.event.scope_resolve, method: onScopeResolve }
+    League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface:
+        class: App\Repository\AccessTokenRepository
+        decorates: 'League\Bundle\OAuth2ServerBundle\Repository\AccessTokenRepository'

    # add more service definitions when explicit configuration is needed
    # please note that last definitions always *replace* previous ones
--- a/migrations/Version20250521124056.php
+++ b/migrations/Version20250521124056.php
@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+namespace DoctrineMigrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+
+/**
+ * Auto-generated Migration: Please modify to your needs!
+ */
+final class Version20250521124056 extends AbstractMigration
+{
+    public function getDescription(): string
+    {
+        return '';
+    }
+
+    public function up(Schema $schema): void
+    {
+        // this up() migration is auto-generated, please modify it to your needs
+
+    }
+
+    public function down(Schema $schema): void
+    {
+        // this down() migration is auto-generated, please modify it to your needs
+        $this->addSql(<<<'SQL'
+            CREATE SCHEMA public
+        SQL);
+    }
+}
--- a/src/Entity/AccessToken.php
+++ b/src/Entity/AccessToken.php
@ -0,0 +1,37 @@
+<?php
+
+namespace App\Entity;
+
+use DateTimeImmutable;
+use Doctrine\ORM\EntityManagerInterface;
+use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
+use League\OAuth2\Server\Entities\Traits\AccessTokenTrait;
+use League\OAuth2\Server\Entities\Traits\EntityTrait;
+use League\OAuth2\Server\Entities\Traits\TokenEntityTrait;
+use App\Repository\UsersOrganizationsRepository;
+use lcobucci\JWT;
+
+final class AccessToken implements AccessTokenEntityInterface
+{
+    use AccessTokenTrait;
+    use EntityTrait;
+    use TokenEntityTrait;
+
+
+    private function convertToJWT()
+    {
+        $this->initJwtConfiguration();
+
+        return $this->jwtConfiguration->builder()
+            ->permittedFor($this->getClient()->getIdentifier())
+            ->identifiedBy($this->getIdentifier())
+            ->issuedAt(new DateTimeImmutable())
+            ->canOnlyBeUsedAfter(new DateTimeImmutable())
+            ->expiresAt($this->getExpiryDateTime())
+            ->relatedTo((string) $this->getUserIdentifier())
+            ->withClaim('scopes', $this->getScopes())
+            ->withClaim('email', $this->getUserIdentifier())
+            ->getToken($this->jwtConfiguration->signer(), $this->jwtConfiguration->signingKey());
+    }
+
+}
--- a/src/Repository/AccessTokenRepository.php
+++ b/src/Repository/AccessTokenRepository.php
@ -0,0 +1,60 @@
+<?php
+
+namespace App\Repository;
+
+use League\Bundle\OAuth2ServerBundle\Repository\AccessTokenRepository as BaseAccessTokenRepository;
+use App\Entity\AccessToken as AccessTokenEntity;
+use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
+use League\OAuth2\Server\Entities\ClientEntityInterface;
+use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
+
+final class AccessTokenRepository implements AccessTokenRepositoryInterface
+{
+    private BaseAccessTokenRepository $baseAccessTokenRepository;
+
+    public function __construct(BaseAccessTokenRepository $baseAccessTokenRepository)
+    {
+        $this->baseAccessTokenRepository = $baseAccessTokenRepository;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getNewToken(ClientEntityInterface $clientEntity, array $scopes, $userIdentifier = null): AccessTokenEntityInterface
+    {
+        /** @var int|string|null $userIdentifier */
+        $accessToken = new AccessTokenEntity();
+        $accessToken->setClient($clientEntity);
+        $accessToken->setUserIdentifier($userIdentifier);
+
+        foreach ($scopes as $scope) {
+            $accessToken->addScope($scope);
+        }
+
+        return $accessToken;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function persistNewAccessToken(AccessTokenEntityInterface $accessTokenEntity): void
+    {
+        $this->baseAccessTokenRepository->persistNewAccessToken($accessTokenEntity);
+    }
+
+    /**
+     * @param string $tokenId
+     */
+    public function revokeAccessToken($tokenId): void
+    {
+        $this->baseAccessTokenRepository->revokeAccessToken($tokenId);
+    }
+
+    /**
+     * @param string $tokenId
+     */
+    public function isAccessTokenRevoked($tokenId): bool
+    {
+        return $this->baseAccessTokenRepository->isAccessTokenRevoked($tokenId);
+    }
+}
--- a/src/Service/AccessTokenService.php
+++ b/src/Service/AccessTokenService.php
@ -0,0 +1,16 @@
+<?php
+
+namespace App\Service;
+
+use App\Repository\UsersOrganizationsRepository;
+
+class AccessTokenService
+{
+
+
+    public function __construct()
+    {
+    }
+
+
+}