Squashed commit of the following:

commit fcebc08f6d89437ba84288a25498ae094fd4f16d Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Wed Jan 10 21:59:33 2018 +0000 update changelog commit 74491698857cb2e111006efb349e1f10c2e3cf1d Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Wed Jan 10 21:58:25 2018 +0000 Modify the micropub controller to look for the token in the right palce (as set by the token middleware commit 0fd11ff8391062fbe70f3a28d6a98694dc25b36b Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Wed Jan 10 21:57:40 2018 +0000 If the access token is sent as a bearer token in the http headers, merge it into the request data so the controllers only have one place to look commit 9e154ec4bc17be3071280409a3f6bb7f02dad816 Author: Jonny Barnes <jonny@jonnybarnes.uk> Date: Wed Jan 10 21:56:33 2018 +0000 Add a test with the access token being form encoded
2018-01-10 22:00:03 +00:00 · 2018-01-10 22:00:03 +00:00 · 8772db973b
commit 8772db973b
parent a5f17944d2
4 changed files with 37 additions and 9 deletions
--- a/app/Http/Controllers/MicropubController.php
+++ b/app/Http/Controllers/MicropubController.php
@ -45,7 +45,8 @@ class MicropubController extends Controller
    public function post()
    {
        try {
-            $tokenData = $this->tokenService->validateToken(request()->bearerToken());
+            info(request()->input('access_token'));
+            $tokenData = $this->tokenService->validateToken(request()->input('access_token'));
        } catch (InvalidTokenException $e) {
            return $this->invalidTokenResponse();
        }
@ -254,7 +255,7 @@ class MicropubController extends Controller
    private function getClientId(): string
    {
        return resolve(TokenService::class)
-            ->validateToken(request()->bearerToken())
+            ->validateToken(request()->input('access_token'))
            ->getClaim('client_id');
    }

--- a/app/Http/Middleware/VerifyMicropubToken.php
+++ b/app/Http/Middleware/VerifyMicropubToken.php
@ -15,14 +15,20 @@ class VerifyMicropubToken
     */
    public function handle($request, Closure $next)
    {
-        if ($request->bearerToken() === null) {
-            return response()->json([
-                'response' => 'error',
-                'error' => 'unauthorized',
-                'error_description' => 'No access token was provided in the request',
-            ], 401);
+        if ($request->input('access_token')) {
+            return $next($request);
        }

-        return $next($request);
+        if ($request->bearerToken()) {
+            return $next($request->merge([
+                'access_token' => $request->bearerToken(),
+            ]));
+        }
+
+        return response()->json([
+            'response' => 'error',
+            'error' => 'unauthorized',
+            'error_description' => 'No access token was provided in the request',
+        ], 401);
    }
 }