From e1d61dca8c784ccffeac6da82f8aa566ec652319 Mon Sep 17 00:00:00 2001 From: Oleksii Yatsenko Date: Mon, 2 Sep 2024 01:03:31 +0100 Subject: [PATCH] Dont create new token on auth --- .../Auth/Entities/AccessToken/AccessToken.php | 33 ++++++++- Modules/Auth/Services/Auth/Authenticator.php | 11 ++- .../Services/Auth/AuthenticatorWithGoogle.php | 12 +++- .../Services/Auth/JwtGetterByUserService.php | 70 +++++++++++++++++++ .../Services/Auth/ShortTokenAuthorizer.php | 13 ++-- 5 files changed, 126 insertions(+), 13 deletions(-) create mode 100644 Modules/Auth/Services/Auth/JwtGetterByUserService.php diff --git a/Modules/Auth/Entities/AccessToken/AccessToken.php b/Modules/Auth/Entities/AccessToken/AccessToken.php index 3e0b696..1ffb755 100644 --- a/Modules/Auth/Entities/AccessToken/AccessToken.php +++ b/Modules/Auth/Entities/AccessToken/AccessToken.php @@ -14,18 +14,41 @@ class AccessToken */ private $accessToken; - public function __construct(PersonalAccessTokenResult $accessToken) - { + private ?string $tokenString = null; + + private ?string $expiresAt = null; + + private ?string $entityId = null; + + public function __construct( + ?PersonalAccessTokenResult $accessToken, + ?string $token = null, + ?string $expiresAt = null, + ?string $entityId = null + ) { $this->accessToken = $accessToken; + if ($token) { + $this->tokenString = $token; + } + if ($expiresAt) { + $this->expiresAt = $expiresAt; + } + if ($entityId) { + $this->entityId = $entityId; + } } public function getToken(): string { - return $this->accessToken->accessToken; + return $this->tokenString ?? $this->accessToken->accessToken; } public function expiresAt(): string { + if ($this->expiresAt) { + return $this->expiresAt; + } + /** * @var Carbon $expiresAt */ @@ -35,6 +58,10 @@ public function expiresAt(): string public function getEntityId(): string { + if ($this->entityId) { + return $this->entityId; + } + return $this->accessToken->token->getAttribute('id'); } 
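Review bot: The widened constructor lets an `AccessToken` be built with a null `$accessToken` and any subset of the three strings, and the getters then fall through to `$this->accessToken->…` on null. The truthiness tests (`if ($token)`, `if ($this->expiresAt)`, `if ($this->entityId)`) also treat `''` and `'0'` as absent, unlike the `??` used in `getToken()`. Compare with `!== null` instead and reject the incomplete case up front: `if ($accessToken === null && ($token === null || $expiresAt === null || $entityId === null)) { throw new \InvalidArgumentException('token, expiresAt and entityId are required without a PersonalAccessTokenResult'); }`. The same fall-through applies to `getEntityId()` in the second hunk.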
diff --git a/Modules/Auth/Services/Auth/Authenticator.php b/Modules/Auth/Services/Auth/Authenticator.php index 76e2bd2..af18263 100644 --- a/Modules/Auth/Services/Auth/Authenticator.php +++ b/Modules/Auth/Services/Auth/Authenticator.php @@ -17,9 +17,14 @@ class Authenticator */ private $userRepository; - public function __construct(UserRepository $userRepository) - { + private JwtGetterByUserService $jwtGetterByUserService; + + public function __construct( + UserRepository $userRepository, + JwtGetterByUserService $jwtGetterByUserService + ) { $this->userRepository = $userRepository; + $this->jwtGetterByUserService = $jwtGetterByUserService; } /** @@ -37,7 +42,7 @@ public function auth(AuthRequestDTO $authRequestDTO): UserWithAccessToken return new UserWithAccessToken( $user, - new AccessToken($user->createToken('default')), + $this->jwtGetterByUserService->getByUser($user), false ); } diff --git a/Modules/Auth/Services/Auth/AuthenticatorWithGoogle.php b/Modules/Auth/Services/Auth/AuthenticatorWithGoogle.php index ea0024b..0a54049 100644 --- a/Modules/Auth/Services/Auth/AuthenticatorWithGoogle.php +++ b/Modules/Auth/Services/Auth/AuthenticatorWithGoogle.php @@ -24,10 +24,16 @@ class AuthenticatorWithGoogle */ private $password; - public function __construct(UserRepository $userRepository, CreateRandomPassword $password) - { + private JwtGetterByUserService $jwtGetterByUserService; + + public function __construct( + UserRepository $userRepository, + CreateRandomPassword $password, + JwtGetterByUserService $jwtGetterByUserService + ) { $this->userRepository = $userRepository; $this->password = $password; + $this->jwtGetterByUserService = $jwtGetterByUserService; } /** @@ -56,7 +62,7 @@ public function authOrCreate(GooglePayloadDTO $googlePayloadDTO): UserWithAccess return new UserWithAccessToken( $user, - new AccessToken($user->createToken('default')), + $this->jwtGetterByUserService->getByUser($user), $isNew ); } 
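Review bot: With `new AccessToken($user->createToken('default'))` replaced by `$this->jwtGetterByUserService->getByUser($user)` in `auth()`, every successful login is handed a JWT for an already stored token row rather than a token of its own. Sessions on different devices therefore share one token id, so revoking it on logout or after a suspected compromise ends all of them, and a fresh login does not appear to extend the stored expiry. If that is intended, state it in the docblock of `auth()`, e.g. `Returns a JWT for the user's latest stored token; a new token is created only when none exists.` The same applies to `authOrCreate()` in AuthenticatorWithGoogle.php.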
diff --git a/Modules/Auth/Services/Auth/JwtGetterByUserService.php b/Modules/Auth/Services/Auth/JwtGetterByUserService.php new file mode 100644 index 0000000..5bcf5dd --- /dev/null +++ b/Modules/Auth/Services/Auth/JwtGetterByUserService.php @@ -0,0 +1,70 @@ +setExpiryDateTime(new \DateTimeImmutable()); + $obj->setUserIdentifier($userIdentifier); + + return $obj; + } + + public function getByUser(User $user, ?Token $token = null): AccessTokenEntity + { + if (!$token) { + /** + * @var Token $token + */ + $token = $user->tokens()->orderByDesc('id')->first(); + if (!$token) { + return new AccessTokenEntity($user->createToken('default')); + } + } + + /** + * @var \Laravel\Passport\Client $client + */ + $client = $token->client()->first(); + $jwt = $this->getNewToken(new Client( + $client->id, + $client->name, + $client->redirect, + true + ), [], $user->id); + + $jwt->setPrivateKey(new CryptKey(file_get_contents('/app/storage/oauth-private.key'))); + $jwt->initJwtConfiguration(); + $jwt->setIdentifier($token->id); + $jwt = (string) $jwt; + + /** + * @var Carbon $expires + */ + $expires = $token->getAttribute('expires_at'); + + return new AccessTokenEntity( + null, + $jwt, + $expires->toDateTimeString(), + $token->id + ); + } +} diff --git a/Modules/Auth/Services/Auth/ShortTokenAuthorizer.php b/Modules/Auth/Services/Auth/ShortTokenAuthorizer.php index 22b64e3..affaef2 100644 --- a/Modules/Auth/Services/Auth/ShortTokenAuthorizer.php +++ b/Modules/Auth/Services/Auth/ShortTokenAuthorizer.php 
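Review bot: `getByUser()` picks the row to reuse with `$user->tokens()->orderByDesc('id')->first()`, which does not exclude revoked or expired tokens, and when a `$token` is passed in it does not check that the token belongs to `$user`. A JWT can therefore be signed for a token that was already revoked, or one that pairs this user's id with another user's token id. Passport token ids are, as far as I know, random strings, so ordering by `id` does not give the newest row either; `created_at` would. The surviving tail of `getNewToken()` sets the expiry to `new \DateTimeImmutable()` (the current time) while the response reports the row's `expires_at`, and the signing key is read from the hard-coded `/app/storage/oauth-private.key` without checking the `file_get_contents()` result. The beginning of this new file, including the start of `getNewToken()`, is missing from the page, so the sketch below covers only `getByUser()` and assumes `storage_path()` resolves to the same directory.

```php
    public function getByUser(User $user, ?Token $token = null): AccessTokenEntity
    {
        if ($token === null) {
            // Reuse only a token that is still usable; otherwise issue a fresh one.
            $token = $user->tokens()
                ->where('revoked', false)
                ->where('expires_at', '>', now())
                ->orderByDesc('created_at')
                ->first();
            if ($token === null) {
                return new AccessTokenEntity($user->createToken('default'));
            }
        } elseif ((string) $token->getAttribute('user_id') !== (string) $user->id) {
            // Never sign a JWT that pairs this user with someone else's token row.
            throw new \InvalidArgumentException('Token does not belong to the given user.');
        }

        // … unchanged: client lookup and getNewToken() call …

        /** @var Carbon $expires */
        $expires = $token->getAttribute('expires_at');
        // Keep the signed exp claim in step with the stored expiry reported to the client.
        $jwt->setExpiryDateTime($expires->toDateTimeImmutable());

        $keyContents = file_get_contents(storage_path('oauth-private.key'));
        if ($keyContents === false) {
            throw new \RuntimeException('Unable to read the OAuth private key.');
        }
        $jwt->setPrivateKey(new CryptKey($keyContents));

        // … unchanged: initJwtConfiguration(), setIdentifier(), string cast, AccessTokenEntity …
```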
@@ -15,10 +15,15 @@ class ShortTokenAuthorizer * @var TokenRepository */ private $tokenRepository; - - public function __construct(TokenRepository $repository) - { + + private JwtGetterByUserService $jwtGetterByUserService; + + public function __construct( + TokenRepository $repository, + JwtGetterByUserService $jwtGetterByUserService + ) { $this->tokenRepository = $repository; + $this->jwtGetterByUserService = $jwtGetterByUserService; } public function authorize(?string $token): ?UserWithAccessToken @@ -50,7 +55,7 @@ public function authorize(?string $token): ?UserWithAccessToken $bearer = new UserWithAccessToken( $user, - new AccessToken($user->createToken('default')), + $this->jwtGetterByUserService->getByUser($user, $token), false ); return $bearer;
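Review bot: `getByUser($user, $token)` in the second hunk receives the variable that `authorize(?string $token)` declares as a nullable string, while the new service types that argument as `?Token`. The lines of `authorize()` between the two hunks are not shown; unless they reassign `$token` to the token model, this call raises a TypeError. Giving the looked-up row its own name, e.g. `$tokenModel`, and passing that would make the intent unambiguous. It would also be worth a one-line comment at the call stating that the model was loaded for `$user` and is not revoked, since the JWT is signed with its id.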