Copy audience claims to user roles #15
Conversation
|
Hi Oguz, thanks for the PR. It looks good, but I have 2 issues with it:
Both can be solved by using a type check with a DIP interface. |
|
Hey John, Thanks for the feedback. The reasoning behind this approach was because i couldn't find the setters for the roles in the common interfaces for the Symfony framework. I will look for a more proper solution in the meantime. |
|
Applying the DIP would mean creating a new interface, adding it to JwtBundle, then implement in identity (User) classes that you want to apply this behavior to. Then instead of checking if the method exists (duck typing), you do a type assertion. |
|
Hey John, The PR has been updated but for some unknown reason Scrutinizer has failed on |
|
Just add the missing newline to UserInterface.php and it will trigger again ;) |
|
One last thing: role names in Symfony are by convention upper case and prefixed with "ROLE_". Lets coax audience claims into that format. In future we may want to use something like a RoleFormatter type to define different strategies, but for now, just always upper-casing and prefixing (unless the prefix is already present) will do. |
|
Meaning we'd prefix the claims with "ROLE_" and convert them to uppercase? |
|
Indeed. |
|
Released as v0.12.0. |
|
Thanks 👍 |
This PR will copy the audience claims to the user if the user object has a method "addRole(string $role)"
Added a slightly extended class of symfony's User class (which is final) which has the addRole() method for testing the new method in the Authenticator.