Fix backwards compatibility for aud

thephpleague · Nov 24, 2020 · 7efa91c · 7efa91c
1 parent 9a58173
commit 7efa91c
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 9 deletions.
diff --git a/src/AuthorizationValidators/BearerTokenValidator.php b/src/AuthorizationValidators/BearerTokenValidator.php
@@ -95,13 +95,6 @@ public function validateAuthorization(ServerRequestInterface $request)
             // Attempt to parse and validate the JWT
             $token = $this->jwtConfiguration->parser()->parse($jwt);
 
-            /*$this->jwtConfiguration->setValidationConstraints(
-                new SignedWith(
-                    new Sha256(),
-                    LocalFileReference::file($this->publicKey->getKeyPath())
-                )
-            );*/
-
             $constraints = $this->jwtConfiguration->validationConstraints();
 
             try {
@@ -123,8 +116,20 @@ public function validateAuthorization(ServerRequestInterface $request)
         // Return the request with additional attributes
         return $request
             ->withAttribute('oauth_access_token_id', $claims->get('jti'))
-            ->withAttribute('oauth_client_id', $claims->get('aud'))
+            ->withAttribute('oauth_client_id', $this->convertSingleRecordAudToString($claims->get('aud')))
             ->withAttribute('oauth_user_id', $claims->get('sub'))
             ->withAttribute('oauth_scopes', $claims->get('scopes'));
     }
+
+    /**
+     * Convert single record arrays into strings to ensure backwards compatibility between v4 and v3.x of lcobucci/jwt
+     *
+     * @param $aud
+     *
+     * @return array|string
+     */
+    private function convertSingleRecordAudToString($aud)
+    {
+        return count($aud) === 1 ? $aud[0] : $aud;
+    }
 }
diff --git a/tests/ResponseTypes/BearerResponseTypeTest.php b/tests/ResponseTypes/BearerResponseTypeTest.php
@@ -147,7 +147,7 @@ public function testDetermineAccessTokenInHeaderValidToken()
         $request = $authorizationValidator->validateAuthorization($request);
 
         $this->assertEquals('abcdef', $request->getAttribute('oauth_access_token_id'));
-        $this->assertContains('clientName', $request->getAttribute('oauth_client_id'));
+        $this->assertEquals('clientName', $request->getAttribute('oauth_client_id'));
         $this->assertEquals('123', $request->getAttribute('oauth_user_id'));
         $this->assertEquals([], $request->getAttribute('oauth_scopes'));
     }