Use LaravelSessionStore in the SessionStateHandler.

Also, by binding them both to your container you can extend or overwrite the behaviour a bit more easily. Which should help with testing or implemting different auth flows.
auth0 · Jul 21, 2019 · 7ab8879 · 7ab8879
1 parent bdd27ad
commit 7ab8879
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 18 deletions.
diff --git a/src/Auth0/Login/Auth0Service.php b/src/Auth0/Login/Auth0Service.php
@@ -2,33 +2,46 @@
 
 namespace Auth0\Login;
 
-use Config;
-use Auth0\SDK\API\Authentication;
+use Auth0\SDK\API\Helpers\State\SessionStateHandler;
 use Auth0\SDK\Auth0;
-use Auth0\SDK\JWTVerifier;
 use Auth0\SDK\Helpers\Cache\CacheHandler;
+use Auth0\SDK\JWTVerifier;
+use Auth0\SDK\Store\StoreInterface;
+use Config;
 use Illuminate\Contracts\Container\BindingResolutionException;
 
 /**
  * Service that provides access to the Auth0 SDK.
  */
 class Auth0Service
 {
-    private $auth0Config;
+    /**
+     * @var Auth0
+     */
     private $auth0;
-    private $authApi;
+
     private $apiuser;
     private $_onLoginCb = null;
     private $rememberUser = false;
 
-    public function __construct() {
-      $this->auth0Config = config('laravel-auth0');
-
-      $this->auth0Config['store'] = new LaravelSessionStore();
-
-      $this->authApi = new Authentication($this->auth0Config['domain'], $this->auth0Config['client_id']);
+    /**
+     * Auth0Service constructor.
+     *
+     * @param array $auth0Config
+     * @param StoreInterface $sessionStorage
+     *
+     * @throws \Auth0\SDK\Exception\CoreException
+     */
+    public function __construct(
+        array $auth0Config,
+        StoreInterface $sessionStorage,
+        SessionStateHandler $sessionStateHandler
+    )
+    {
+        $auth0Config['store'] = $sessionStorage;
+        $auth0Config['state_handler'] = $sessionStateHandler;
 
-      $this->auth0 = new Auth0($this->auth0Config);
+        $this->auth0 = new Auth0($auth0Config);
     }
 
     /**
@@ -139,7 +152,7 @@ public function decodeJWT($encUser)
         $secret_base64_encoded = config('laravel-auth0.secret_base64_encoded');
 
         if (is_null($secret_base64_encoded)) {
-          $secret_base64_encoded = true;
+            $secret_base64_encoded = true;
         }
 
         $verifier = new JWTVerifier([

diff --git a/src/Auth0/Login/LoginServiceProvider.php b/src/Auth0/Login/LoginServiceProvider.php
@@ -2,11 +2,14 @@
 
 namespace Auth0\Login;
 
-use Illuminate\Support\ServiceProvider;
 use Auth0\SDK\API\Helpers\ApiClient;
 use Auth0\SDK\API\Helpers\InformationHeaders;
+use Auth0\SDK\API\Helpers\State\SessionStateHandler;
+use Auth0\SDK\Store\StoreInterface;
+use Illuminate\Support\ServiceProvider;
 
-class LoginServiceProvider extends ServiceProvider {
+class LoginServiceProvider extends ServiceProvider
+{
 
     const SDK_VERSION = "4.0.4";
 
@@ -49,12 +52,24 @@ public function boot()
      */
     public function register()
     {
+        $this->app->bind(StoreInterface::class, function () {
+            return new LaravelSessionStore();
+        });
+
+        $this->app->bind(SessionStateHandler::class, function ($app) {
+            return new SessionStateHandler($app->make(LaravelSessionStore::class));
+        });
+
         // Bind the auth0 name to a singleton instance of the Auth0 Service
-        $this->app->singleton(Auth0Service::class, function () {
-              return new Auth0Service();
+        $this->app->singleton(Auth0Service::class, function ($app) {
+            return new Auth0Service(
+                $app->make('config')->get('laravel-auth0'),
+                $app->make(StoreInterface::class),
+                $app->make(SessionStateHandler::class)
+            );
         });
         $this->app->singleton('auth0', function () {
-              return $this->app->make(Auth0Service::class);
+            return $this->app->make(Auth0Service::class);
         });
 
         // When Laravel logs out, logout the auth0 SDK trough the service