Return the token data on session endpoint

api/Config/UserConfig.php

@@ -139,12 +139,12 @@ public function createUser(string $username, string $password): User
     {
         $this->initialize();
 
-        $password = $this->container->get(UserPasswordEncoderInterface::class)->encodePassword(
+        $encodedPassword = $this->container->get(UserPasswordEncoderInterface::class)->encodePassword(
             new User($username, null),
             $password
         );
 
-        return new User($username, $password);
+        return new User($username, $encodedPassword);
     }
 
     /**

api/Controller/SessionController.php

@@ -15,6 +15,7 @@
 use Contao\ManagerApi\Config\UserConfig;
 use Contao\ManagerApi\HttpKernel\ApiProblemResponse;
 use Contao\ManagerApi\Security\JwtManager;
+use Contao\ManagerApi\Security\TokenAuthenticator;
 use Crell\ApiProblem\ApiProblem;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -72,6 +73,15 @@ public function __invoke(Request $request): Response
     private function getStatus(): Response
     {
         if ($this->security->isGranted('IS_AUTHENTICATED_FULLY')) {
+            $token = $this->security->getToken();
+
+            if (null !== $token
+                && TokenAuthenticator::class === $token->getAttribute('authenticator')
+                && null !== ($payload = $this->config->getToken($token->getAttribute('token_id')))
+            ) {
+                return new JsonResponse($payload);
+            }
+
             return new JsonResponse(['username' => (string) $this->security->getUser()]);
         }
 

api/Security/TokenAuthenticator.php

@@ -30,6 +30,11 @@ class TokenAuthenticator extends AbstractGuardAuthenticator
      */
     private $config;
 
+    /**
+     * @var string
+     */
+    private $tokenId;
+
     /**
      * Constructor.
      */
@@ -77,6 +82,8 @@ public function getUser($credentials, UserProviderInterface $userProvider): ?Use
             return null;
         }
 
+        $this->tokenId = $token['id'];
+
         return $userProvider->loadUserByUsername($token['username']);
     }
 
@@ -93,6 +100,7 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey): ?Response
     {
         $token->setAttribute('authenticator', static::class);
+        $token->setAttribute('token_id', $this->tokenId);
 
         return null;
     }

docs/api/swagger.yaml

@@ -42,15 +42,17 @@ paths:
 
         get:
             summary: Get current session status
-            description: Returns information about the current session (based on authentication cookie)
+            description: Returns information about the current session (based on authentication)
             tags: [Session]
             responses:
                 200:
                     description: If the user is authenticated
                     content:
                         application/json:
                             schema:
-                                $ref: '#/components/schemas/User'
+                                oneOf:
+                                    - $ref: '#/components/schemas/User'
+                                    - $ref: '#/components/schemas/TokenResponse'
                 204:
                     description: If there are no records in the user database
                 401:
@@ -329,7 +331,8 @@ paths:
                             type: object
                             properties:
                                 directory:
-                                    type: string|null
+                                    type: string
+                                    nullable: true
                                     description: The directory name or null if only the `web` directory must be created.
             responses:
                 201:
@@ -476,7 +479,7 @@ paths:
                             schema:
                                 $ref: '#/components/schemas/TokenResponse'
 
-    /api/users/{username}/tokens/{token}:
+    /api/users/{username}/tokens/{id}:
         get:
             summary: Get Token
             tags: [Users]
@@ -486,7 +489,7 @@ paths:
                   required: true
                   schema:
                       type: string
-                - name: token
+                - name: id
                   in: path
                   required: true
                   schema:
@@ -510,7 +513,7 @@ paths:
                   required: true
                   schema:
                       type: string
-                - name: token
+                - name: id
                   in: path
                   required: true
                   schema:
@@ -1041,14 +1044,20 @@ components:
         TokenResponse:
             type: object
             properties:
-                client_id:
+                id:
                     type: string
-                    description: OAuth client ID of the token.
+                token:
+                    type: string
+                    description: Only available if the token was freshly created.
                 username:
                     type: string
                     description: Username of the token.
-                token:
+                client_id:
                     type: string
+                    description: Client ID of the token.
+                scope:
+                    type: string
+                    description: Permission scope of the token.
 
         ConfigManager:
             type: object
@@ -1098,7 +1107,8 @@ components:
             properties:
                     version:
                         description: The Contao version number.
-                        type: string|null
+                        type: string
+                        nullable: true
                     api:
                         type: object
                         properties: