diff --git a/src/TochkaApi/Client.php b/src/TochkaApi/Client.php index aa189a6..0489589 100644 --- a/src/TochkaApi/Client.php +++ b/src/TochkaApi/Client.php @@ -7,8 +7,6 @@ use TochkaApi\Exceptions\TochkaApiClientException; use TochkaApi\HttpAdapters\HttpClientInterface; use TochkaApi\Models\BaseModel; -use TochkaApi\Utilities\TochkaPermissionsJWT; - /** * @method \TochkaApi\Models\Balance balance($id = null) @@ -176,18 +174,16 @@ public function getTokenUrl() { return static::HOST . "/connect/token"; } - - /** - * @param string $jwt - * @return string - */ - public function generateAuthorizeUrl($jwt) + + public function generateAuthorizeUrlByParams(string $consentId, ?string $state = null): string { $data = [ "client_id" => $this->getClientId(), - "redirect_uri" => $this->getRedirectUri(), - "request" => $jwt, "response_type" => "code", + "state" => $state ?: uniqid(), + "redirect_uri" => $this->getRedirectUri(), + 'scope' => $this->getScopes(), + 'consent_id' => $consentId, ]; return static::HOST . "/connect/authorize?" . http_build_query($data); @@ -245,7 +241,7 @@ protected function setClientSecret($client_secret) * @return string * @throws TochkaApiClientException */ - public function authorize() + public function authorize(?string $state = null) { $data = [ "client_id" => $this->getClientId(), @@ -261,9 +257,7 @@ public function authorize() throw new TochkaApiClientException($e->getMessage()); } - $jwt = TochkaPermissionsJWT::generateJWT($response["Data"]["consentId"], static::HOST, $this->getClientId(), $this->getRedirectUri(), $this->getScopes()); - - return $this->generateAuthorizeUrl($jwt); + return $this->generateAuthorizeUrlByParams($response["Data"]["consentId"], $state); } /** @@ -364,4 +358,4 @@ public function __call($name, $arguments) return $model; } -} \ No newline at end of file +} diff --git a/src/TochkaApi/Utilities/TochkaPermissionsJWT.php b/src/TochkaApi/Utilities/TochkaPermissionsJWT.php deleted file mode 100644 index cd932c5..0000000 
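Review bot: In `generateAuthorizeUrlByParams`, the fallback `"state" => $state ?: uniqid()` does not give the OAuth `state` parameter the property it exists for, which is binding the redirect callback to the session that started the flow. `uniqid()` is derived from the current time and is not unpredictable, and because the method returns only the URL, a caller who passed no `$state` never learns the generated value and cannot compare it on the callback. The same applies to `authorize(?string $state = null)` in the later hunk, which forwards null by default. At minimum I would use `"state" => $state ?? bin2hex(random_bytes(16)),`, and preferably have the caller supply the state (or expose the generated one) so it can be stored in the session and checked when the code comes back. The new method also has no docblock where the old one did, so add one with `@param string|null $state` stating that contract.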
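Review bot: In the last `authorize()` hunk, `$response["Data"]["consentId"]` is passed straight into the new `string $consentId` parameter without checking that the key is present. If the response lacks it, the call now fails with a `TypeError` (null passed to a non-nullable `string`) rather than the `TochkaApiClientException` the docblock above the method declares. A guard before the return, e.g. `if (!isset($response["Data"]["consentId"])) { throw new TochkaApiClientException("consentId missing in response"); }`, keeps the error contract callers already catch. The function body starts above this hunk, so how `$response` is built is not visible here.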
--- a/src/TochkaApi/Utilities/TochkaPermissionsJWT.php +++ /dev/null @@ -1,55 +0,0 @@ - 'JWT', 'alg' => 'none']); - - $payload = json_encode([ - "iss" => "tochka", - "aud" => $host, - "response_type" => "code", - "client_id" => $clientId, - "redirect_uri" => $redirectUri, - "scope" => $scopes, - "max_age" => "86400", - "claims" => [ - "userinfo" => [ - "openbanking_intent_id" => [ - "value" => $consentId, - "essential" => true - ] - ], - "id_token" => [ - "openbanking_intent_id" => [ - "value" => $consentId, - "essential" => true - ], - "acr" => [ - "values" => [ - "urn:rubanking:sca", - "urn:rubanking:ca" - ], - "essential" => true - ] - ] - ] - ]); - - $base64UrlHeader = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($header)); - $base64UrlPayload = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($payload)); - - $signature = hash_hmac('sha256', $base64UrlHeader . "." . $base64UrlPayload, '', true); - - $base64UrlSignature = str_replace(['+', '/', '='], ['-', '_', ''], base64_encode($signature)); - - return $base64UrlHeader . "." . $base64UrlPayload . "." . $base64UrlSignature; - } -} \ No newline at end of file diff --git a/tests/ClientTest.php b/tests/ClientTest.php index e8a8b9a..84ad521 100644 --- a/tests/ClientTest.php +++ b/tests/ClientTest.php @@ -7,7 +7,6 @@ use TochkaApi\Auth\BearerAuth; use TochkaApi\Client; use TochkaApi\HttpAdapters\CurlHttpClient; -use TochkaApi\Utilities\TochkaPermissionsJWT; class ClientTest extends TestCase { @@ -41,14 +40,6 @@ public function testClient() $client->token("test"); } - public function testJWT() - { - $jwt = TochkaPermissionsJWT::generateJWT("test", "https://example.com", "test", "https://example.com", ""); - - $this->assertNotEmpty($jwt); - $this->assertContains(".", $jwt); - } - public function testAccessTokenClass() { $token = new AccessToken("test", 7200, "test"); 
@@ -68,4 +59,4 @@ public function testBearerAuthClass() $this->assertArrayHasKey("Authorization", $bearerAuth->getHeaders()); } -} \ No newline at end of file +}