Fix #9297 - V8 API Auth issues on windows

salesagility · Sep 23, 2021 · a880217 · a880217
1 parent ef5bb8c
commit a880217
Showing 1 changed file with 16 additions and 9 deletions.
diff --git a/Api/V8/Config/services/middlewares.php b/Api/V8/Config/services/middlewares.php
@@ -9,6 +9,7 @@
 use Api\V8\OAuth2\Repository\RefreshTokenRepository;
 use Api\V8\OAuth2\Repository\ScopeRepository;
 use Api\V8\OAuth2\Repository\UserRepository;
+use League\OAuth2\Server\Grant\ClientCredentialsGrant;
 use Psr\Container\ContainerInterface as Container;
 use League\OAuth2\Server\AuthorizationServer;
 use League\OAuth2\Server\Grant\PasswordGrant;
@@ -19,7 +20,7 @@
 use League\OAuth2\Server\CryptKey;
 
 return CustomLoader::mergeCustomArray([
-    AuthorizationServer::class => function (Container $container) {
+    AuthorizationServer::class => static function (Container $container) {
         // base dir must exist in entryPoint.php
         $baseDir = $GLOBALS['BASE_DIR'];
 
@@ -41,7 +42,7 @@
                 $shouldCheckPermissions
             ),
             new CryptKey(
-                sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PRIVATE_KEY),
+                sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PUBLIC_KEY),
                 null,
                 $shouldCheckPermissions
             )
@@ -60,8 +61,8 @@
 
         // Client credentials grant
         $server->enableGrantType(
-            new \League\OAuth2\Server\Grant\ClientCredentialsGrant(),
-            new \DateInterval('PT1H')
+            new ClientCredentialsGrant(),
+            new DateInterval('PT1H')
         );
 
         // Password credentials grant
@@ -70,31 +71,37 @@
                 new UserRepository($container->get(BeanManager::class)),
                 new RefreshTokenRepository($container->get(BeanManager::class))
             ),
-            new \DateInterval('PT1H')
+            new DateInterval('PT1H')
         );
 
         $refreshGrant = new RefreshTokenGrant(
             new RefreshTokenRepository($container->get(BeanManager::class))
         );
 
-        $refreshGrant->setRefreshTokenTTL(new \DateInterval('P1M'));
+        $refreshGrant->setRefreshTokenTTL(new DateInterval('P1M'));
 
         $server->enableGrantType(
             $refreshGrant,
-            new \DateInterval('PT1H')
+            new DateInterval('PT1H')
         );
 
         return $server;
     },
-    ResourceServer::class => function (Container $container) {
+    ResourceServer::class => static function (Container $container) {
         $baseDir = $GLOBALS['BASE_DIR'];
 
+        $shouldCheckPermissions = OsHelper::getOS() !== OsHelper::OS_WINDOWS;
+
         return new ResourceServer(
             new AccessTokenRepository(
                 new AccessTokenEntity(),
                 $container->get(BeanManager::class)
             ),
-            sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PUBLIC_KEY)
+            new CryptKey(
+                sprintf('file://%s/%s', $baseDir, ApiConfig::OAUTH2_PUBLIC_KEY),
+                null,
+                $shouldCheckPermissions
+            )
         );
     },
 ], basename(__FILE__));