From dfe607057a4061906ce0c09acb17408281c2fc8e Mon Sep 17 00:00:00 2001
From: Yaro WebDev <yg@think.studio>
Date: Fri, 21 Jan 2022 11:06:09 +0200
Subject: [PATCH 1/3] Allow to use custom authorization server response

---
 src/Passport.php                            |  7 +++
 src/PassportServiceProvider.php             |  3 +-
 tests/Feature/AccessTokenControllerTest.php | 57 +++++++++++++++++++++
 3 files changed, 66 insertions(+), 1 deletion(-)

diff --git a/src/Passport.php b/src/Passport.php
index 8b6fc42b0..d536b06bd 100644
--- a/src/Passport.php
+++ b/src/Passport.php
@@ -36,6 +36,13 @@ class Passport
         //
     ];
 
+    /**
+     * The authorization server response formatter.
+     *
+     * @var \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface|null
+     */
+    public static $authorizationServerResponseType = null;
+
     /**
      * The date when access tokens expire.
      *
diff --git a/src/PassportServiceProvider.php b/src/PassportServiceProvider.php
index 0418d43ca..e87b51846 100644
--- a/src/PassportServiceProvider.php
+++ b/src/PassportServiceProvider.php
@@ -212,7 +212,8 @@ public function makeAuthorizationServer()
             $this->app->make(Bridge\AccessTokenRepository::class),
             $this->app->make(Bridge\ScopeRepository::class),
             $this->makeCryptKey('private'),
-            app('encrypter')->getKey()
+            app('encrypter')->getKey(),
+            Passport::$authorizationServerResponseType
         );
     }
 
diff --git a/tests/Feature/AccessTokenControllerTest.php b/tests/Feature/AccessTokenControllerTest.php
index cb1052482..451107d30 100644
--- a/tests/Feature/AccessTokenControllerTest.php
+++ b/tests/Feature/AccessTokenControllerTest.php
@@ -10,6 +10,7 @@
 use Laravel\Passport\ClientRepository;
 use Laravel\Passport\Database\Factories\ClientFactory;
 use Laravel\Passport\HasApiTokens;
+use Laravel\Passport\Passport;
 use Laravel\Passport\Token;
 use Laravel\Passport\TokenRepository;
 use Lcobucci\JWT\Configuration;
@@ -270,9 +271,65 @@ public function testGettingAccessTokenWithPasswordGrantWithInvalidClientSecret()
 
         $this->assertSame(0, Token::count());
     }
+
+    public function testGettingCustomResponseType()
+    {
+        $this->withoutExceptionHandling();
+        Passport::$authorizationServerResponseType = new IdTokenResponse('foo_bar_open_id_token');
+
+        $user = new User();
+        $user->email = 'foo@gmail.com';
+        $user->password = $this->app->make(Hasher::class)->make('foobar123');
+        $user->save();
+
+        /** @var Client $client */
+        $client = ClientFactory::new()->asClientCredentials()->create(['user_id' => $user->id]);
+
+        $response = $this->post(
+            '/oauth/token',
+            [
+                'grant_type' => 'client_credentials',
+                'client_id' => $client->id,
+                'client_secret' => $client->secret,
+            ]
+        );
+
+        $response->assertOk();
+
+        $decodedResponse = $response->decodeResponseJson()->json();
+
+        $this->assertArrayHasKey('id_token', $decodedResponse);
+        $this->assertSame('foo_bar_open_id_token', $decodedResponse['id_token']);
+    }
 }
 
 class User extends \Illuminate\Foundation\Auth\User
 {
     use HasApiTokens;
 }
+
+class IdTokenResponse extends \League\OAuth2\Server\ResponseTypes\BearerTokenResponse
+{
+    /**
+     * @var string Id token.
+     */
+    protected $idToken;
+
+    /**
+     * @param  string  $idToken
+     */
+    public function __construct($idToken)
+    {
+        $this->idToken = $idToken;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    protected function getExtraParams(\League\OAuth2\Server\Entities\AccessTokenEntityInterface $accessToken)
+    {
+        return [
+            'id_token' => $this->idToken,
+        ];
+    }
+}

From 65102466dbf5274d01120cffafe28e8d483f1ce4 Mon Sep 17 00:00:00 2001
From: yaroslawww <23663794+yaroslawww@users.noreply.github.com>
Date: Fri, 21 Jan 2022 11:13:15 +0200
Subject: [PATCH 2/3] Update src/Passport.php

Remove direct initialisation as "null"

Co-authored-by: Dries Vints <dries@vints.io>
---
 src/Passport.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Passport.php b/src/Passport.php
index d536b06bd..de6a6d02c 100644
--- a/src/Passport.php
+++ b/src/Passport.php
@@ -41,7 +41,7 @@ class Passport
      *
      * @var \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface|null
      */
-    public static $authorizationServerResponseType = null;
+    public static $authorizationServerResponseType;
 
     /**
      * The date when access tokens expire.

From 4922ab7550fd399ff2697bc5e50e87bf298f71e1 Mon Sep 17 00:00:00 2001
From: Taylor Otwell <taylor@laravel.com>
Date: Fri, 21 Jan 2022 08:51:07 -0600
Subject: [PATCH 3/3] Update Passport.php

---
 src/Passport.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/Passport.php b/src/Passport.php
index de6a6d02c..fd5f7c8a8 100644
--- a/src/Passport.php
+++ b/src/Passport.php
@@ -36,13 +36,6 @@ class Passport
         //
     ];
 
-    /**
-     * The authorization server response formatter.
-     *
-     * @var \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface|null
-     */
-    public static $authorizationServerResponseType;
-
     /**
      * The date when access tokens expire.
      *
@@ -189,6 +182,13 @@ class Passport
      */
     public static $withInheritedScopes = false;
 
+    /**
+     * The authorization server response type.
+     *
+     * @var \League\OAuth2\Server\ResponseTypes\ResponseTypeInterface|null
+     */
+    public static $authorizationServerResponseType;
+
     /**
      * Enable the implicit grant type.
      *