Skip to content

Commit

Permalink
fix: ensure authentication server use config
Browse files Browse the repository at this point in the history
  • Loading branch information
warlof committed Aug 19, 2022
1 parent a1660bf commit 8319ead
Showing 1 changed file with 24 additions and 11 deletions.
35 changes: 24 additions & 11 deletions src/Socialite/EveOnline/Provider.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
/*
* This file is part of SeAT
*
* Copyright (C) 2015 to 2021 Leon Jacobs
* Copyright (C) 2015 to 2022 Leon Jacobs
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
Expand Down Expand Up @@ -52,12 +52,12 @@ class Provider extends AbstractProvider
/**
* Get the authentication URL for the provider.
*
* @param string $state
* @param string $state
* @return string
*/
protected function getAuthUrl($state)
{
return $this->buildAuthUrlFromBase('https://login.eveonline.com/v2/oauth/authorize', $state);
return $this->buildAuthUrlFromBase(sprintf('%s/v2/oauth/authorize', $this->getAuthenticationBaseUri()), $state);
}

/**
Expand All @@ -67,13 +67,13 @@ protected function getAuthUrl($state)
*/
protected function getTokenUrl()
{
return 'https://login.eveonline.com/v2/oauth/token';
return sprintf('%s/v2/oauth/token', $this->getAuthenticationBaseUri());
}

/**
* Get the raw user for the given access token.
*
* @param string $token
* @param string $token
* @return array
*/
protected function getUserByToken($token)
Expand All @@ -84,7 +84,7 @@ protected function getUserByToken($token)
/**
* Map the raw user array to a Socialite User instance.
*
* @param array $user
* @param array $user
* @return \Laravel\Socialite\Two\User
*/
protected function mapUserToObject(array $user)
Expand Down Expand Up @@ -112,22 +112,34 @@ protected function mapUserToObject(array $user)
/**
* Get the POST fields for the token request.
*
* @param string $code
*
* @param string $code
* @return array
*/
protected function getTokenFields($code)
{
return array_merge(parent::getTokenFields($code), ['grant_type' => 'authorization_code']);
}

/**
* Return authentication server base URI.
*
* @return string
*/
private function getAuthenticationBaseUri()
{
return sprintf('%s://%s:%d',
config('esi.eseye_sso_scheme', 'https'), // authentication server scheme
config('esi.eseye_sso_host', 'login.eveonline.com'), // authentication server host
config('esi.eseye_sso_port', 443)); // authentication server port
}

/**
* @return string
*/
private function getJwkUri(): string
{
$response = $this->getHttpClient()
->get('https://login.eveonline.com/.well-known/oauth-authorization-server');
->get(sprintf('%s/.well-known/oauth-authorization-server', $this->getAuthenticationBaseUri()));

$metadata = json_decode($response->getBody());

Expand All @@ -148,8 +160,9 @@ private function getJwkSets(): array
}

/**
* @param string $access_token
* @param string $access_token
* @return array
*
* @throws \Exception
*/
private function validateJwtToken(string $access_token): array
Expand All @@ -166,7 +179,7 @@ private function validateJwtToken(string $access_token): array
$jws = Load::jws($access_token)
->algs(['RS256', 'ES256', 'HS256'])
->exp()
->iss('login.eveonline.com')
->iss(config('esi.eseye_sso_host', 'login.eveonline.com'))
->header('typ', new TypeChecker(['JWT'], true))
->claim('scp', new ScpChecker($scopes))
->claim('sub', new SubEveCharacterChecker())
Expand Down

0 comments on commit 8319ead

Please sign in to comment.