Enable to keep the modified payload after decode

lexik · Apr 14, 2020 · a2e3959 · a2e3959
1 parent 65752dd
commit a2e3959
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 1 deletion.
diff --git a/Resources/doc/2-data-customization.md b/Resources/doc/2-data-customization.md
@@ -139,6 +139,29 @@ public function onJWTDecoded(JWTDecodedEvent $event)
 }
 ```
 
+#### Example: Add additional data to payload - to get it in your [custom UserProvider](8-jwt-user-provider.md)
+
+``` php
+// src/App/EventListener/JWTDecodedListener.php
+
+use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
+
+/**
+ * @param JWTDecodedEvent $event
+ *
+ * @return void
+ */
+public function onJWTDecoded(JWTDecodedEvent $event)
+{
+    $payload = $event->getPayload();
+    $user = $this->userRepository->findOneByUsername($payload['username']);
+
+    $payload['custom_user_data'] = $user->getCustomUserInformations();
+
+    $event->setPayload($user); // Don't forget to regive the payload for next event / step
+}
+```
+
 Events::JWT_AUTHENTICATED - Customizing your security token
 ------------------------------------------------------------
 

diff --git a/Services/JWTManager.php b/Services/JWTManager.php
@@ -108,7 +108,7 @@ public function decode(TokenInterface $token)
             return false;
         }
 
-        return $payload;
+        return $event->getPayload();
     }
 
     /**

diff --git a/Tests/Functional/GetTokenTest.php b/Tests/Functional/GetTokenTest.php
@@ -4,6 +4,8 @@
 
 use Lcobucci\JWT\Parser;
 use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTCreatedEvent;
+use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
+use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTAuthenticatedEvent;
 use Lexik\Bundle\JWTAuthenticationBundle\Events;
 use Lexik\Bundle\JWTAuthenticationBundle\Response\JWTAuthenticationSuccessResponse;
 
@@ -24,6 +26,32 @@ public function testGetToken()
         $this->assertArrayHasKey('token', $body, 'The response should have a "token" key containing a JWT Token.');
     }
 
+    public function testGetTokenWithListener()
+    {
+        static::$client = static::createClient();
+
+        $subscriber = static::$kernel->getContainer()->get('lexik_jwt_authentication.test.jwt_event_subscriber');
+        $subscriber->setListener(Events::JWT_DECODED, function (JWTDecodedEvent $e) {
+            $payload = $e->getPayload();
+            $payload['added_data'] = 'still visible after the event';
+            $e->setPayload($payload);
+        });
+
+        $payloadTested = new \stdClass();
+        $payloadTested->payload = [];
+        $subscriber->setListener(Events::JWT_AUTHENTICATED, function (JWTAuthenticatedEvent $e) use ($payloadTested) {
+            $payloadTested->payload = $e->getPayload();
+        });
+
+        static::$client->request('POST', '/login_check', ['_username' => 'lexik', '_password' => 'dummy']);
+        $body = json_decode(static::$client->getResponse()->getContent(), true);
+
+        static::$client->request('GET', '/api/secured', [], [], [ 'HTTP_AUTHORIZATION' => "Bearer ".$body['token'] ]);
+
+        $this->assertArrayHasKey('added_data', $payloadTested->payload, 'The payload should contains a "added_data" claim.');
+        $this->assertSame('still visible after the event', $payloadTested->payload['added_data'], 'The "added_data" claim should be equal to "still visible after the event".');
+    }
+
     public function testGetTokenWithCustomClaim()
     {
         static::$client = static::createClient();
-Original file line number
+Diff line change
@@ Expand Up / @@ -108,7 +108,7 @@ public function decode(TokenInterface $token) @@
                 return false;
             }
-            return $payload;
+            return $event->getPayload();
         }
         /**
@@ Expand Down @@