From c7c5fe7979af12b780f9aeb05d33c8f2dd955536 Mon Sep 17 00:00:00 2001
From: Hugo Sales <hugo@hsal.es>
Date: Tue, 25 Jan 2022 16:07:39 +0000
Subject: [PATCH] [PLUGIN][OAuth2] Add 'me' field to token responses

---
 plugins/OAuth2/OAuth2.php                     |  2 +
 .../Util/ExpandedBearerTokenResponse.php      | 50 +++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 plugins/OAuth2/Util/ExpandedBearerTokenResponse.php

diff --git a/plugins/OAuth2/OAuth2.php b/plugins/OAuth2/OAuth2.php
index fb6a18d912..26e4051e12 100644
--- a/plugins/OAuth2/OAuth2.php
+++ b/plugins/OAuth2/OAuth2.php
@@ -43,6 +43,7 @@ use League\OAuth2\Server\AuthorizationServer;
 use League\OAuth2\Server\CryptKey;
 use League\OAuth2\Server\Grant\AuthCodeGrant;
 use Plugin\OAuth2\Controller as C;
+use Plugin\OAuth2\Util\ExpandedBearerTokenResponse;
 use XML_XRD_Element_Link;
 
 /**
@@ -71,6 +72,7 @@ class OAuth2 extends Plugin
             new Repository\Scope,
             privateKey: new CryptKey(keyPath: Common::config('oauth2', 'private_key'), passPhrase: Common::config('oauth2', 'private_key_password')),
             encryptionKey: Common::config('oauth2', 'encryption_key'),
+            responseType: new ExpandedBearerTokenResponse(),
         );
 
         self::$authorization_server->enableGrantType(
diff --git a/plugins/OAuth2/Util/ExpandedBearerTokenResponse.php b/plugins/OAuth2/Util/ExpandedBearerTokenResponse.php
new file mode 100644
index 0000000000..7de0868c47
--- /dev/null
+++ b/plugins/OAuth2/Util/ExpandedBearerTokenResponse.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types = 1);
+
+// {{{ License
+// This file is part of GNU social - https://www.gnu.org/software/social
+//
+// GNU social is free software: you can redistribute it and/or modify
+// it under the terms of the GNU Affero General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// GNU social is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU Affero General Public License for more details.
+//
+// You should have received a copy of the GNU Affero General Public License
+// along with GNU social.  If not, see <http://www.gnu.org/licenses/>.
+// }}}
+
+/**
+ * Token response including a `me` attribute
+ *
+ * @package   GNUsocial
+ * @category  API
+ *
+ * @author    Hugo Sales <hugo@hsal.es>
+ * @copyright 2022 Free Software Foundation, Inc http://www.fsf.org
+ * @license   https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
+ */
+
+namespace Plugin\OAuth2\Util;
+
+use App\Entity\Actor;
+use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
+use League\OAuth2\Server\ResponseTypes\BearerTokenResponse;
+
+class ExpandedBearerTokenResponse extends BearerTokenResponse
+{
+    /**
+     * @return array
+     */
+    protected function getExtraParams(AccessTokenEntityInterface $access_token)
+    {
+        return [
+            'me' => Actor::getById($access_token->getUserIdentifier())->getUri(),
+        ];
+    }
+}