Bypass auth screen if we already have a token

src/Http/Controllers/AuthorizationController.php

@@ -2,10 +2,15 @@
 
 namespace Laravel\Passport\Http\Controllers;
 
-use Laravel\Passport\Passport;
+use Illuminate\Database\Eloquent\Model;
 use Illuminate\Http\Request;
+use Laravel\Passport\Passport;
+use Laravel\Passport\Bridge\User;
+use Laravel\Passport\TokenRepository;
 use Laravel\Passport\ClientRepository;
+use League\OAuth2\Server\RequestTypes\AuthorizationRequest;
 use Psr\Http\Message\ServerRequestInterface;
+use Zend\Diactoros\Response as Psr7Response;
 use League\OAuth2\Server\AuthorizationServer;
 use Illuminate\Contracts\Routing\ResponseFactory;
 
@@ -50,18 +55,29 @@ public function __construct(AuthorizationServer $server, ResponseFactory $respon
      */
     public function authorize(ServerRequestInterface $psrRequest,
                               Request $request,
-                              ClientRepository $clients)
+                              ClientRepository $clients,
+                              TokenRepository $tokens)
     {
-        return $this->withErrorHandling(function () use ($psrRequest, $request, $clients) {
-            $request->session()->put(
-                'authRequest', $authRequest = $this->server->validateAuthorizationRequest($psrRequest)
-            );
+        return $this->withErrorHandling(function () use ($psrRequest, $request, $clients, $tokens) {
+            $authRequest = $this->server->validateAuthorizationRequest($psrRequest);
 
             $scopes = $this->parseScopes($authRequest);
 
+            $client = $clients->find($authRequest->getClient()->getIdentifier());
+
+            $user = $request->user();
+
+            $token = $tokens->getValidToken($user, $client);
+
+            if ($token && Passport::scopesFor($token->scopes) == $scopes) {
+                return $this->approveRequest($authRequest, $user);
+            }
+
+            $request->session()->put('authRequest', $authRequest);
+
             return $this->response->view('passport::authorize', [
-                'client' => $clients->find($authRequest->getClient()->getIdentifier()),
-                'user' => $request->user(),
+                'client' => $client,
+                'user' => $user,
                 'scopes' => $scopes,
                 'request' => $request,
             ]);
@@ -82,4 +98,22 @@ protected function parseScopes($authRequest)
             })->all()
         );
     }
+
+    /**
+     * Approve the authorization request.
+     *
+     * @param  AuthorizationRequest  $authRequest
+     * @param  Model  $user
+     * @return \Psr\Http\Message\ResponseInterface
+     */
+    private function approveRequest($authRequest, $user)
+    {
+        $authRequest->setUser(new User($user->getKey()));
+
+        $authRequest->setAuthorizationApproved(true);
+
+        return $this->server->completeAuthorizationRequest(
+            $authRequest, new Psr7Response
+        );
+    }
 }

src/TokenRepository.php

@@ -2,6 +2,9 @@
 
 namespace Laravel\Passport;
 
+use Carbon\Carbon;
+use Illuminate\Database\Eloquent\Model;
+
 class TokenRepository
 {
     /**
@@ -26,6 +29,22 @@ public function save($token)
         $token->save();
     }
 
+    /**
+     * Store the given token instance.
+     *
+     * @param  Model  $userId
+     * @param  Client  $client
+     * @return Token|null
+     */
+    public function getValidToken($user, $client)
+    {
+        return $client->tokens()
+                      ->whereUserId($user->id)
+                      ->whereRevoked(0)
+                      ->where('expires_at', '>', Carbon::now()->toDateTimeString())
+                      ->first();
+    }
+
     /**
      * Revoke all of the access tokens for a given user and client.
      *

tests/AuthorizationControllerTest.php

@@ -43,8 +43,11 @@ public function test_authorization_view_is_presented()
         $clients = Mockery::mock('Laravel\Passport\ClientRepository');
         $clients->shouldReceive('find')->with(1)->andReturn('client');
 
+        $tokens = Mockery::mock('Laravel\Passport\TokenRepository');
+        $tokens->shouldReceive('getValidToken')->with('user', 'client')->andReturnNull();
+
         $this->assertEquals('view', $controller->authorize(
-            Mockery::mock('Psr\Http\Message\ServerRequestInterface'), $request, $clients
+            Mockery::mock('Psr\Http\Message\ServerRequestInterface'), $request, $clients, $tokens
         ));
     }
 
@@ -64,8 +67,46 @@ public function test_authorization_exceptions_are_handled()
 
         $clients = Mockery::mock('Laravel\Passport\ClientRepository');
 
+        $tokens = Mockery::mock('Laravel\Passport\TokenRepository');
+
         $this->assertEquals('whoops', $controller->authorize(
-            Mockery::mock('Psr\Http\Message\ServerRequestInterface'), $request, $clients
+            Mockery::mock('Psr\Http\Message\ServerRequestInterface'), $request, $clients, $tokens
         )->getOriginalContent());
     }
+
+    public function test_request_is_approved_if_valid_token_exists()
+    {
+        Laravel\Passport\Passport::tokensCan([
+            'scope-1' => 'description',
+        ]);
+
+        $server = Mockery::mock(AuthorizationServer::class);
+        $response = Mockery::mock(ResponseFactory::class);
+
+        $controller = new Laravel\Passport\Http\Controllers\AuthorizationController($server, $response);
+
+        $server->shouldReceive('validateAuthorizationRequest')->andReturn($authRequest = Mockery::mock('League\OAuth2\Server\RequestTypes\AuthorizationRequest'));
+        $server->shouldReceive('completeAuthorizationRequest')->with($authRequest, Mockery::type('Psr\Http\Message\ResponseInterface'))->andReturn('approved');
+
+        $request = Mockery::mock('Illuminate\Http\Request');
+        $request->shouldReceive('user')->once()->andReturn($user = Mockery::mock());
+        $user->shouldReceive('getKey')->andReturn(1);
+        $request->shouldNotReceive('session');
+
+        $authRequest->shouldReceive('getClient->getIdentifier')->once()->andReturn(1);
+        $authRequest->shouldReceive('getScopes')->once()->andReturn([new Laravel\Passport\Bridge\Scope('scope-1')]);
+        $authRequest->shouldReceive('setUser')->once()->andReturnNull();
+        $authRequest->shouldReceive('setAuthorizationApproved')->once()->with(true);
+
+        $clients = Mockery::mock('Laravel\Passport\ClientRepository');
+        $clients->shouldReceive('find')->with(1)->andReturn('client');
+
+        $tokens = Mockery::mock('Laravel\Passport\TokenRepository');
+        $tokens->shouldReceive('getValidToken')->with($user, 'client')->andReturn($token = Mockery::mock('Laravel\Passport\Token'));
+        $token->shouldReceive('getAttribute')->with('scopes')->andReturn(['scope-1']);
+
+        $this->assertEquals('approved', $controller->authorize(
+            Mockery::mock('Psr\Http\Message\ServerRequestInterface'), $request, $clients, $tokens
+        ));
+    }
 }