/**
 * {@inheritdoc}
 *
 * Reads the "assertion" body parameter, loads it through the JWT loader and
 * copies its "sub" claim into the grant type response as the client public id.
 * The loaded token is also attached to the response under the "jwt" key.
 *
 * A missing parameter, a token that is not a JWSInterface, or a token without
 * a "sub" claim is rejected with a BAD_REQUEST / INVALID_REQUEST exception
 * built by the exception manager. Exceptions raised by the loader itself are
 * not caught here.
 *
 * NOTE(review): this method only checks the token's shape. No signature,
 * issuer, audience or expiry check is visible here; confirm those run before
 * the client id set below is trusted.
 */
public function prepareGrantTypeResponse(ServerRequestInterface $request, GrantTypeResponseInterface &$grant_type_response)
{
    // Every rejection is the same BAD_REQUEST / INVALID_REQUEST error; only the description differs.
    $reject = function ($description) {
        return $this->getExceptionManager()->getException(
            ExceptionManagerInterface::BAD_REQUEST,
            ExceptionManagerInterface::INVALID_REQUEST,
            $description
        );
    };

    $raw_assertion = RequestBody::getParameter($request, 'assertion');
    if (null === $raw_assertion) {
        throw $reject('Parameter "assertion" is missing.');
    }

    $token = $this->getJWTLoader()->load($raw_assertion);
    if (!($token instanceof JWSInterface)) {
        throw $reject('Assertion does not contain signed claims.');
    }

    if (!$token->hasClaim('sub')) {
        throw $reject('Assertion does not contain "sub" claims.');
    }

    // The subject becomes the client public id. It is forwarded as-is; its type is not checked here.
    $grant_type_response->setClientPublicId($token->getClaim('sub'));
    // Keep the loaded token on the response for later processing steps.
    $grant_type_response->setAdditionalData('jwt', $token);
}
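/**
 * {@inheritdoc}
 *
 * Reads the "assertion" body parameter, loads it through the JWT loader
 * (passing the key encryption key set and the "encryption required" flag) and
 * copies its "sub" claim into the grant type response as the client public id.
 * The loaded token is also attached to the response under the "jwt" key.
 *
 * Any failure is reported as a bad-request exception with the
 * ERROR_INVALID_REQUEST code. The three explicit checks keep their own
 * descriptions; a failure inside the loader is reported with one fixed
 * description, so the loader's internal error text is not sent to the caller.
 *
 * NOTE(review): this method only checks the token's shape. No signature,
 * issuer, audience or expiry check is visible here; confirm those run before
 * the client id set below is trusted.
 */
public function prepareGrantTypeResponse(ServerRequestInterface $request, GrantTypeResponseInterface &$grant_type_response)
{
    $assertion = RequestBody::getParameter($request, 'assertion');

    try {
        Assertion::notNull($assertion, 'Parameter "assertion" is missing.');

        try {
            $jwt = $this->getJWTLoader()->load($assertion, $this->key_encryption_key_set, $this->encryption_required);
        } catch (\Exception $loader_error) {
            // The assertion is attacker-controlled and may be encrypted. Relaying the loader's own
            // message would tell the sender which parsing or decryption step failed, so every
            // loader failure is collapsed into a single description. The cause stays chained.
            throw new \InvalidArgumentException('Unable to load the assertion.', 0, $loader_error);
        }

        Assertion::isInstanceOf($jwt, JWSInterface::class, 'Assertion does not contain signed claims.');
        Assertion::true($jwt->hasClaim('sub'), 'Assertion does not contain "sub" claims.');
    } catch (\Exception $e) {
        // Only messages written in this method reach this point.
        throw $this->getExceptionManager()->getBadRequestException(ExceptionManagerInterface::ERROR_INVALID_REQUEST, $e->getMessage());
    }

    // The subject becomes the client public id. It is forwarded as-is; its type is not checked here.
    $grant_type_response->setClientPublicId($jwt->getClaim('sub'));
    // Keep the loaded token on the response for later processing steps.
    $grant_type_response->setAdditionalData('jwt', $jwt);
}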