Получение нового маркера доступа в обмен на маркер обновления

ilimurzin · Sep 15, 2024 · 3f6784c · 3f6784c
1 parent bbe0995
commit 3f6784c
Show file tree

Hide file tree

Showing 3 changed files with 121 additions and 1 deletion.
diff --git a/src/Esia/OpenId.php b/src/Esia/OpenId.php
@@ -167,7 +167,55 @@ public function getToken(string $code): string
             'scope' => $this->config->getScopeString(),
             'timestamp' => $timestamp,
             'token_type' => 'Bearer',
-            'refresh_token' => $state,
+        ];
+
+        $payload = $this->sendRequest(
+            new Request(
+                'POST',
+                $this->config->getTokenUrl(),
+                [
+                    'Content-Type' => 'application/x-www-form-urlencoded',
+                ],
+                http_build_query($body)
+            )
+        );
+
+        $this->logger->debug('Payload: ', $payload);
+
+        $token = $payload['access_token'];
+        $this->config->setToken($token);
+        $this->config->setRefreshToken($payload['refresh_token']);
+
+        # get object id from token
+        $chunks = explode('.', $token);
+        $payload = json_decode($this->base64UrlSafeDecode($chunks[1]), true);
+        $this->config->setOid($payload['urn:esia:sbj_id']);
+
+        return $token;
+    }
+
+    public function refreshToken(): string
+    {
+        $timestamp = $this->getTimeStamp();
+        $state = $this->buildState();
+
+        $clientSecret = $this->signer->sign(
+            $this->config->getScopeString()
+            . $timestamp
+            . $this->config->getClientId()
+            . $state
+        );
+
+        $body = [
+            'client_id' => $this->config->getClientId(),
+            'grant_type' => 'refresh_token',
+            'client_secret' => $clientSecret,
+            'state' => $state,
+            'redirect_uri' => $this->config->getRedirectUrl(),
+            'scope' => $this->config->getScopeString(),
+            'timestamp' => $timestamp,
+            'token_type' => 'Bearer',
+            'refresh_token' => $this->config->getRefreshToken(),
         ];
 
         $payload = $this->sendRequest(

diff --git a/tests/unit/OpenIdCliOpensslTest.php b/tests/unit/OpenIdCliOpensslTest.php
@@ -83,4 +83,46 @@ public function testGetTokenRememberRefreshToken(): void
         $openId->getToken('test');
         self::assertSame($refreshToken, $openId->getConfig()->getRefreshToken());
     }
+
+    public function testRefreshToken(): void
+    {
+        $config = new Config($this->config);
+        $client = $this->buildClientWithResponses([
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "first"}'),
+        ]);
+        $openId = new OpenId($config, $client);
+        $openId->setSigner(new CliSignerPKCS7(
+            $this->config['certPath'],
+            $this->config['privateKeyPath'],
+            $this->config['privateKeyPassword'],
+            $this->config['tmpPath']
+        ));
+
+        $openId->refreshToken();
+
+        self::assertSame('first', $openId->getConfig()->getRefreshToken());
+    }
+
+    public function testMultipleRefreshToken(): void
+    {
+        $config = new Config($this->config);
+        $client = $this->buildClientWithResponses([
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "first"}'),
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "second"}'),
+        ]);
+        $openId = new OpenId($config, $client);
+        $openId->setSigner(new CliSignerPKCS7(
+            $this->config['certPath'],
+            $this->config['privateKeyPath'],
+            $this->config['privateKeyPassword'],
+            $this->config['tmpPath']
+        ));
+
+        $openId->refreshToken();
+        $first = $openId->getConfig()->getRefreshToken();
+        $openId->refreshToken();
+        $second = $openId->getConfig()->getRefreshToken();
+
+        self::assertSame(['first','second'], [$first, $second]);
+    }
 }
diff --git a/tests/unit/OpenIdTest.php b/tests/unit/OpenIdTest.php
@@ -80,6 +80,36 @@ public function testGetTokenRememberRefreshToken(): void
         self::assertSame($refreshToken, $openId->getConfig()->getRefreshToken());
     }
 
+    public function testRefreshToken(): void
+    {
+        $config = new Config($this->config);
+        $client = $this->buildClientWithResponses([
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "first"}'),
+        ]);
+        $openId = new OpenId($config, $client);
+
+        $openId->refreshToken();
+
+        self::assertSame('first', $openId->getConfig()->getRefreshToken());
+    }
+
+    public function testMultipleRefreshToken(): void
+    {
+        $config = new Config($this->config);
+        $client = $this->buildClientWithResponses([
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "first"}'),
+            new Response(200, [], '{"access_token": "test.' . base64_encode('{"urn:esia:sbj_id": 123}') . '.test", "refresh_token": "second"}'),
+        ]);
+        $openId = new OpenId($config, $client);
+
+        $openId->refreshToken();
+        $first = $openId->getConfig()->getRefreshToken();
+        $openId->refreshToken();
+        $second = $openId->getConfig()->getRefreshToken();
+
+        self::assertSame(['first','second'], [$first, $second]);
+    }
+
     /**
      * @throws InvalidConfigurationException
      * @throws AbstractEsiaException