[11.x] Custom authorization view response (#1629)

* Implements authorization view response contract that allows for being overridden with custom views

* Updated namespace

* Updated namespace

* Moved individual arguments to an array of parameters and one argument

* Removed authorize return type

* Remove old return statement

* Add IntelliJ IDE files to gitignore

* Formatting

* Update tests

* Update rest of tests with new response class

* Style fixes and make sure parameters pushed to authorization view are in an array.

* Remove parameters from authorization view function

* Update .gitignore

* Update src/Contracts/AuthorizationViewResponse.php

Co-authored-by: Choraimy Kroonstuiver <[email protected]>

* Update src/Http/Responses/AuthorizationViewResponse.php

Co-authored-by: Choraimy Kroonstuiver <[email protected]>

* Updated doc block return types

* formatting

* remove extra line

---------

Co-authored-by: Dries Vints <[email protected]>
Co-authored-by: Choraimy Kroonstuiver <[email protected]>
Co-authored-by: Taylor Otwell <[email protected]>

Author: 4 people

src/Contracts/AuthorizationViewResponse.php

@@ -0,0 +1,16 @@
+<?php
+
+namespace Laravel\Passport\Contracts;
+
+use Illuminate\Contracts\Support\Responsable;
+
+interface AuthorizationViewResponse extends Responsable
+{
+    /**
+     * Specify the parameters that should be passed to the view.
+     *
+     * @param  array  $parameters
+     * @return $this
+     */
+    public function withParameters($parameters = []);
+}

src/Http/Controllers/AuthorizationController.php

@@ -3,11 +3,11 @@
 namespace Laravel\Passport\Http\Controllers;
 
 use Illuminate\Contracts\Auth\StatefulGuard;
-use Illuminate\Contracts\Routing\ResponseFactory;
 use Illuminate\Http\Request;
 use Illuminate\Support\Str;
 use Laravel\Passport\Bridge\User;
 use Laravel\Passport\ClientRepository;
+use Laravel\Passport\Contracts\AuthorizationViewResponse;
 use Laravel\Passport\Exceptions\AuthenticationException;
 use Laravel\Passport\Passport;
 use Laravel\Passport\TokenRepository;
@@ -28,34 +28,33 @@ class AuthorizationController
     protected $server;
 
     /**
-     * The response factory implementation.
+     * The guard implementation.
      *
-     * @var \Illuminate\Contracts\Routing\ResponseFactory
+     * @var \Illuminate\Contracts\Auth\StatefulGuard
      */
-    protected $response;
+    protected $guard;
 
     /**
-     * The guard implementation.
+     * The authorization view response implementation.
      *
-     * @var \Illuminate\Contracts\Auth\StatefulGuard
+     * @var \Laravel\Passport\Contracts\AuthorizationViewResponse
      */
-    protected $guard;
+    protected $response;
 
     /**
      * Create a new controller instance.
      *
      * @param  \League\OAuth2\Server\AuthorizationServer  $server
-     * @param  \Illuminate\Contracts\Routing\ResponseFactory  $response
      * @param  \Illuminate\Contracts\Auth\StatefulGuard  $guard
      * @return void
      */
     public function __construct(AuthorizationServer $server,
-                                ResponseFactory $response,
-                                StatefulGuard $guard)
+                                StatefulGuard $guard,
+                                AuthorizationViewResponse $response)
     {
         $this->server = $server;
-        $this->response = $response;
         $this->guard = $guard;
+        $this->response = $response;
     }
 
     /**
@@ -65,7 +64,7 @@ public function __construct(AuthorizationServer $server,
      * @param  \Illuminate\Http\Request  $request
      * @param  \Laravel\Passport\ClientRepository  $clients
      * @param  \Laravel\Passport\TokenRepository  $tokens
-     * @return \Illuminate\Http\Response
+     * @return \Laravel\Passport\Contracts\AuthorizationViewResponse
      */
     public function authorize(ServerRequestInterface $psrRequest,
                               Request $request,
@@ -109,7 +108,7 @@ public function authorize(ServerRequestInterface $psrRequest,
         $request->session()->put('authToken', $authToken = Str::random());
         $request->session()->put('authRequest', $authRequest);
 
-        return $this->response->view('passport::authorize', [
+        return $this->response->withParameters([
             'client' => $client,
             'user' => $user,
             'scopes' => $scopes,

src/Http/Responses/AuthorizationViewResponse.php

@@ -0,0 +1,68 @@
+<?php
+
+namespace Laravel\Passport\Http\Responses;
+
+use Illuminate\Contracts\Support\Responsable;
+use Laravel\Passport\Contracts\AuthorizationViewResponse as AuthorizationViewResponseContract;
+
+class AuthorizationViewResponse implements AuthorizationViewResponseContract
+{
+    /**
+     * The name of the view or the callable used to generate the view.
+     *
+     * @var string
+     */
+    protected $view;
+
+    /**
+     * An array of arguments that may be passed to the view response and used in the view.
+     *
+     * @var string
+     */
+    protected $parameters;
+
+    /**
+     * Create a new response instance.
+     *
+     * @param  callable|string  $view
+     * @return void
+     */
+    public function __construct($view)
+    {
+        $this->view = $view;
+    }
+
+    /**
+     * Add parameters to response.
+     *
+     * @param  array  $parameters
+     * @return $this
+     */
+    public function withParameters($parameters = [])
+    {
+        $this->parameters = $parameters;
+
+        return $this;
+    }
+
+    /**
+     * Create an HTTP response that represents the object.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @return \Symfony\Component\HttpFoundation\Response
+     */
+    public function toResponse($request)
+    {
+        if (! is_callable($this->view) || is_string($this->view)) {
+            return response()->view($this->view, $this->parameters);
+        }
+
+        $response = call_user_func($this->view, $this->parameters);
+
+        if ($response instanceof Responsable) {
+            return $response->toResponse($request);
+        }
+
+        return $response;
+    }
+}

src/Passport.php

@@ -6,6 +6,8 @@
 use DateInterval;
 use DateTimeInterface;
 use Illuminate\Contracts\Encryption\Encrypter;
+use Laravel\Passport\Contracts\AuthorizationViewResponse as AuthorizationViewResponseContract;
+use Laravel\Passport\Http\Responses\AuthorizationViewResponse;
 use League\OAuth2\Server\ResourceServer;
 use Mockery;
 use Psr\Http\Message\ServerRequestInterface;
@@ -644,6 +646,19 @@ public static function tokenEncryptionKey(Encrypter $encrypter)
             $encrypter->getKey();
     }
 
+    /**
+     * Specify which view should be used as the authorization view.
+     *
+     * @param  callable|string  $view
+     * @return void
+     */
+    public static function authorizationView($view)
+    {
+        app()->singleton(AuthorizationViewResponseContract::class, function ($app) use ($view) {
+            return new AuthorizationViewResponse($view);
+        });
+    }
+
     /**
      * Configure Passport to not register its routes.
      *

src/PassportServiceProvider.php

@@ -145,6 +145,8 @@ public function register()
         $this->registerJWTParser();
         $this->registerResourceServer();
         $this->registerGuard();
+
+        Passport::authorizationView('passport::authorize');
     }
 
     /**

tests/Unit/AuthorizationControllerTest.php

@@ -3,14 +3,14 @@
 namespace Laravel\Passport\Tests\Unit;
 
 use Illuminate\Contracts\Auth\StatefulGuard;
-use Illuminate\Contracts\Routing\ResponseFactory;
 use Illuminate\Http\Request;
 use Laravel\Passport\Bridge\Scope;
 use Laravel\Passport\Client;
 use Laravel\Passport\ClientRepository;
 use Laravel\Passport\Exceptions\AuthenticationException;
 use Laravel\Passport\Exceptions\OAuthServerException;
 use Laravel\Passport\Http\Controllers\AuthorizationController;
+use Laravel\Passport\Http\Responses\AuthorizationViewResponse;
 use Laravel\Passport\Passport;
 use Laravel\Passport\Token;
 use Laravel\Passport\TokenRepository;
@@ -37,10 +37,10 @@ public function test_authorization_view_is_presented()
         ]);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $guard->shouldReceive('user')->andReturn($user = m::mock());
@@ -58,21 +58,20 @@ public function test_authorization_view_is_presented()
 
         $clients = m::mock(ClientRepository::class);
         $clients->shouldReceive('find')->with(1)->andReturn($client = m::mock(Client::class));
-
         $client->shouldReceive('skipsAuthorization')->andReturn(false);
 
-        $response->shouldReceive('view')->once()->andReturnUsing(function ($view, $data) use ($client, $user) {
-            $this->assertSame('passport::authorize', $view);
+        $tokens = m::mock(TokenRepository::class);
+        $tokens->shouldReceive('findValidToken')->with($user, $client)->andReturnNull();
+
+        $response->shouldReceive('withParameters')->once()->andReturnUsing(function ($data) use ($client, $user, $request) {
             $this->assertEquals($client, $data['client']);
             $this->assertEquals($user, $data['user']);
+            $this->assertEquals($request, $data['request']);
             $this->assertSame('description', $data['scopes'][0]->description);
 
             return 'view';
         });
 
-        $tokens = m::mock(TokenRepository::class);
-        $tokens->shouldReceive('findValidToken')->with($user, $client)->andReturnNull();
-
         $this->assertSame('view', $controller->authorize(
             m::mock(ServerRequestInterface::class), $request, $clients, $tokens
         ));
@@ -81,10 +80,10 @@ public function test_authorization_view_is_presented()
     public function test_authorization_exceptions_are_handled()
     {
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $server->shouldReceive('validateAuthorizationRequest')->andThrow(LeagueException::invalidCredentials());
@@ -109,10 +108,10 @@ public function test_request_is_approved_if_valid_token_exists()
         ]);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $guard->shouldReceive('user')->andReturn($user = m::mock());
@@ -159,10 +158,10 @@ public function test_request_is_approved_if_client_can_skip_authorization()
         ]);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $guard->shouldReceive('user')->andReturn($user = m::mock());
@@ -208,10 +207,10 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal
         ]);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $guard->shouldReceive('user')->andReturn($user = m::mock());
@@ -235,10 +234,10 @@ public function test_authorization_view_is_presented_if_request_has_prompt_equal
         $tokens = m::mock(TokenRepository::class);
         $tokens->shouldNotReceive('findValidToken');
 
-        $response->shouldReceive('view')->once()->andReturnUsing(function ($view, $data) use ($client, $user) {
-            $this->assertSame('passport::authorize', $view);
+        $response->shouldReceive('withParameters')->once()->andReturnUsing(function ($data) use ($client, $user, $request) {
             $this->assertEquals($client, $data['client']);
             $this->assertEquals($user, $data['user']);
+            $this->assertEquals($request, $data['request']);
             $this->assertSame('description', $data['scopes'][0]->description);
 
             return 'view';
@@ -258,10 +257,10 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none()
         ]);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $guard->shouldReceive('user')->andReturn($user = m::mock());
@@ -300,10 +299,10 @@ public function test_authorization_denied_if_request_has_prompt_equals_to_none()
     public function test_authorization_denied_if_unauthenticated_and_request_has_prompt_equals_to_none()
     {
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(true);
         $server->shouldReceive('validateAuthorizationRequest')
@@ -341,10 +340,10 @@ public function test_logout_and_prompt_login_if_request_has_prompt_equals_to_log
         $this->expectException(AuthenticationException::class);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(false);
         $server->shouldReceive('validateAuthorizationRequest')->once();
@@ -372,10 +371,10 @@ public function test_user_should_be_authenticated()
         $this->expectException(AuthenticationException::class);
 
         $server = m::mock(AuthorizationServer::class);
-        $response = m::mock(ResponseFactory::class);
+        $response = m::mock(AuthorizationViewResponse::class);
         $guard = m::mock(StatefulGuard::class);
 
-        $controller = new AuthorizationController($server, $response, $guard);
+        $controller = new AuthorizationController($server, $guard, $response);
 
         $guard->shouldReceive('guest')->andReturn(true);
         $server->shouldReceive('validateAuthorizationRequest')->once();