Merge branch 'oidc-content-type-issue' into development

2024-12-12 13:33:46 +08:00 · 2024-11-28 16:58:55 +00:00 · 2024-11-28 16:58:55 +00:00 · 978acecdcf
commit 978acecdcf
parent 415cd6a360 bc1f1d92e5
2 changed files with 17 additions and 1 deletions
--- a/app/Access/Oidc/OidcUserinfoResponse.php
+++ b/app/Access/Oidc/OidcUserinfoResponse.php
@ -11,7 +11,9 @@ class OidcUserinfoResponse implements ProvidesClaims

    public function __construct(ResponseInterface $response, string $issuer, array $keys)
    {
-        $contentType = $response->getHeader('Content-Type')[0];
+        $contentTypeHeaderValue = $response->getHeader('Content-Type')[0] ?? '';
+        $contentType = strtolower(trim(explode(';', $contentTypeHeaderValue, 2)[0]));
+
        if ($contentType === 'application/json') {
            $this->claims = json_decode($response->getBody()->getContents(), true);
        }
--- a/tests/Auth/OidcTest.php
+++ b/tests/Auth/OidcTest.php
@ -787,6 +787,20 @@ class OidcTest extends TestCase
        $this->assertTrue($user->hasRole($roleA->id));
    }

+    public function test_userinfo_endpoint_response_with_complex_json_content_type_handled()
+    {
+        $userinfoResponseData = [
+            'sub' => OidcJwtHelper::defaultPayload()['sub'],
+            'name' => 'Barry',
+        ];
+        $userinfoResponse = new Response(200, ['Content-Type'  => 'Application/Json ; charset=utf-8'], json_encode($userinfoResponseData));
+        $resp = $this->runLogin(['name' => null], [$userinfoResponse]);
+        $resp->assertRedirect('/');
+
+        $user = User::where('email', OidcJwtHelper::defaultPayload()['email'])->first();
+        $this->assertEquals('Barry', $user->name);
+    }
+
    public function test_userinfo_endpoint_jwks_response_handled()
    {
        $userinfoResponseData = OidcJwtHelper::idToken(['name' => 'Barry Jwks']);