Fix login query

OXID-eSales · Feb 14, 2024 · 5931530 · 5931530
1 parent dc21739
commit 5931530
Show file tree

Hide file tree

Showing 3 changed files with 42 additions and 29 deletions.
diff --git a/src/Controller/Login.php b/src/Controller/Login.php
@@ -10,13 +10,13 @@
 namespace OxidEsales\GraphQL\Base\Controller;
 
 use OxidEsales\GraphQL\Base\DataType\Login as DataTypeLogin;
-use OxidEsales\GraphQL\Base\Service\AccessToken as AccessTokenService;
+use OxidEsales\GraphQL\Base\Service\RefreshToken as RefreshTokenService;
 use TheCodingMachine\GraphQLite\Annotations\Query;
 
 class Login
 {
     public function __construct(
-        protected AccessTokenService $accessTokenService
+        protected RefreshTokenService $tokenService
     ) {
     }
 

diff --git a/src/Infrastructure/RefreshToken.php b/src/Infrastructure/RefreshToken.php
@@ -13,6 +13,7 @@
 use OxidEsales\EshopCommunity\Internal\Framework\Database\QueryBuilderFactoryInterface;
 use OxidEsales\GraphQL\Base\DataType\RefreshToken as RefreshTokenDataType;
 use OxidEsales\GraphQL\Base\DataType\User as UserDataType;
+use OxidEsales\GraphQL\Base\Exception\InvalidToken;
 use OxidEsales\GraphQL\Base\Infrastructure\Model\RefreshToken as RefreshTokenModel;
 use PDO;
 
@@ -120,6 +121,24 @@ public function tokenDelete(?UserDataType $user = null, ?string $tokenId = null,
         return is_object($result) ? $result->columnCount() : (int)$result;
     }
 
+    public function getTokenUser(string $token): UserDataType
+    {
+        $queryBuilder = $this->queryBuilderFactory->create()
+            ->select('OXUSERID')
+            ->from('oegraphqlrefreshtoken')
+            ->where('TOKEN = :token')
+            ->setParameter('token', $token);
+        $userId = $queryBuilder->execute()->fetchOne();
+
+        if ($userId === false) {
+            throw new InvalidToken('Invalid refresh token');
+        }
+
+        $userModel = $this->legacyInfrastructure->getUserModel($userId);
+
+        return new UserDataType($userModel);
+    }
+
     public function userHasToken(UserDataType $user, string $tokenId): bool
     {
         $queryBuilder = $this->queryBuilderFactory->create();

diff --git a/src/Service/AccessToken.php b/src/Service/AccessToken.php
@@ -17,7 +17,8 @@
 use OxidEsales\GraphQL\Base\Exception\InvalidToken;
 use OxidEsales\GraphQL\Base\Exception\TokenQuota;
 use OxidEsales\GraphQL\Base\Infrastructure\Legacy;
-use OxidEsales\GraphQL\Base\Infrastructure\AccessToken as TokenInfrastructure;
+use OxidEsales\GraphQL\Base\Infrastructure\AccessToken as AccessTokenInfrastructure;
+use OxidEsales\GraphQL\Base\Infrastructure\RefreshToken as RefreshTokenInfrastructure;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use TheCodingMachine\GraphQLite\Types\ID;
 
@@ -51,23 +52,28 @@ class AccessToken
     /** @var ModuleConfiguration */
     private $moduleConfiguration;
 
-    /** @var TokenInfrastructure */
-    private $tokenInfrastructure;
+    /** @var AccessTokenInfra */
+    private $accessTokenInfra;
+
+    /** @var RefreshTokenInfra */
+    private $refreshTokenInfra;
 
     public function __construct(
         ?UnencryptedToken $token,
         JwtConfigurationBuilder $jwtConfigurationBuilder,
         Legacy $legacyInfrastructure,
         EventDispatcherInterface $eventDispatcher,
         ModuleConfiguration $moduleConfiguration,
-        TokenInfrastructure $tokenInfrastructure
+        AccessTokenInfrastructure $accessTokenInfra,
+        RefreshTokenInfrastructure $refreshTokenInfra
     ) {
         $this->token = $token;
         $this->jwtConfigurationBuilder = $jwtConfigurationBuilder;
         $this->legacyInfrastructure = $legacyInfrastructure;
         $this->eventDispatcher = $eventDispatcher;
         $this->moduleConfiguration = $moduleConfiguration;
-        $this->tokenInfrastructure = $tokenInfrastructure;
+        $this->accessTokenInfra = $accessTokenInfra;
+        $this->refreshTokenInfra = $refreshTokenInfra;
     }
 
     /**
@@ -89,27 +95,15 @@ public function getToken(): ?UnencryptedToken
         return $this->token;
     }
 
-    public function createRefreshToken(?string $username = null, ?string $password = null): string
-    {
-        /** @var UserDataType $user */
-        $user = $this->legacyInfrastructure->login($username, $password);
-        $this->removeExpiredTokens($user);
-
-        $token = 'bla';
-
-        $this->tokenInfrastructure->saveRefreshToken($token);
-
-        return $token;
-    }
-
     /**
      * @throws InvalidLogin
      * @throws TokenQuota
      */
-    public function createToken(?string $username = null, ?string $password = null): UnencryptedToken
+    public function createToken(string $refreshToken): UnencryptedToken
     {
+        $refreshToken = $this->refreshTokenInfra->
         /** @var UserDataType $user */
-        $user = $this->legacyInfrastructure->login($username, $password);
+        $user = $this->refreshTokenInfra->getTokenUser($refreshToken);
         $this->removeExpiredTokens($user);
         $this->canIssueToken($user);
 
@@ -149,17 +143,17 @@ public function deleteToken(ID $tokenId): void
     {
         $tokenId = (string)$tokenId;
 
-        if ($this->tokenInfrastructure->isTokenRegistered($tokenId)) {
-            $this->tokenInfrastructure->tokenDelete(null, $tokenId);
+        if ($this->accessTokenInfra->isTokenRegistered($tokenId)) {
+            $this->accessTokenInfra->tokenDelete(null, $tokenId);
         } else {
             throw InvalidToken::unknownToken();
         }
     }
 
     public function deleteUserToken(UserDataType $user, ID $tokenId): void
     {
-        if ($this->tokenInfrastructure->userHasToken($user, (string)$tokenId)) {
-            $this->tokenInfrastructure->tokenDelete($user, (string)$tokenId);
+        if ($this->accessTokenInfra->userHasToken($user, (string)$tokenId)) {
+            $this->accessTokenInfra->tokenDelete($user, (string)$tokenId);
         } else {
             throw InvalidToken::unknownToken();
         }
@@ -172,15 +166,15 @@ private function registerToken(
         DateTimeImmutable $expire
     ): void {
         if (!$user->isAnonymous()) {
-            $this->tokenInfrastructure->registerToken($token, $time, $expire);
+            $this->accessTokenInfra->registerToken($token, $time, $expire);
         }
     }
 
     private function canIssueToken(UserDataType $user): void
     {
         if (
             !$user->isAnonymous() &&
-            !$this->tokenInfrastructure->canIssueToken($user, $this->moduleConfiguration->getUserTokenQuota())
+            !$this->accessTokenInfra->canIssueToken($user, $this->moduleConfiguration->getUserTokenQuota())
         ) {
             throw TokenQuota::quotaExceeded();
         }
@@ -189,7 +183,7 @@ private function canIssueToken(UserDataType $user): void
     private function removeExpiredTokens(UserDataType $user): void
     {
         if (!$user->isAnonymous()) {
-            $this->tokenInfrastructure->removeExpiredTokens($user);
+            $this->accessTokenInfra->removeExpiredTokens($user);
         }
     }
 }