mirror of
https://github.com/shlinkio/shlink.git
synced 2026-03-08 08:13:11 +08:00
Migrated CheckAuthenticationMiddleware to psr-15 middleware
This commit is contained in:
Alejandro Celaya
@@ -2,6 +2,9 @@
|
||||
namespace Shlinkio\Shlink\Rest\Middleware;
|
||||
|
||||
use Acelaya\ZsmAnnotatedServices\Annotation\Inject;
|
||||
use Fig\Http\Message\StatusCodeInterface;
|
||||
use Interop\Http\ServerMiddleware\DelegateInterface;
|
||||
use Interop\Http\ServerMiddleware\MiddlewareInterface;
|
||||
use Psr\Http\Message\ResponseInterface as Response;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use Psr\Log\LoggerInterface;
|
||||
@@ -14,9 +17,8 @@ use Zend\Diactoros\Response\JsonResponse;
|
||||
use Zend\Expressive\Router\RouteResult;
|
||||
use Zend\I18n\Translator\TranslatorInterface;
|
||||
use Zend\Stdlib\ErrorHandler;
|
||||
use Zend\Stratigility\MiddlewareInterface;
|
||||
|
||||
class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
class CheckAuthenticationMiddleware implements MiddlewareInterface, StatusCodeInterface
|
||||
{
|
||||
const AUTHORIZATION_HEADER = 'Authorization';
|
||||
|
||||
@@ -52,31 +54,15 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
}
|
||||
|
||||
/**
|
||||
* Process an incoming request and/or response.
|
||||
*
|
||||
* Accepts a server-side request and a response instance, and does
|
||||
* something with them.
|
||||
*
|
||||
* If the response is not complete and/or further processing would not
|
||||
* interfere with the work done in the middleware, or if the middleware
|
||||
* wants to delegate to another process, it can use the `$out` callable
|
||||
* if present.
|
||||
*
|
||||
* If the middleware does not return a value, execution of the current
|
||||
* request is considered complete, and the response instance provided will
|
||||
* be considered the response to return.
|
||||
*
|
||||
* Alternately, the middleware may return a response instance.
|
||||
*
|
||||
* Often, middleware will `return $out();`, with the assumption that a
|
||||
* later middleware will return a response.
|
||||
* Process an incoming server request and return a response, optionally delegating
|
||||
* to the next middleware component to create the response.
|
||||
*
|
||||
* @param Request $request
|
||||
* @param Response $response
|
||||
* @param null|callable $out
|
||||
* @return null|Response
|
||||
* @param DelegateInterface $delegate
|
||||
*
|
||||
* @return Response
|
||||
*/
|
||||
public function __invoke(Request $request, Response $response, callable $out = null)
|
||||
public function process(Request $request, DelegateInterface $delegate)
|
||||
{
|
||||
// If current route is the authenticate route or an OPTIONS request, continue to the next middleware
|
||||
/** @var RouteResult $routeResult */
|
||||
@@ -86,7 +72,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
|| $routeResult->getMatchedRouteName() === 'rest-authenticate'
|
||||
|| $request->getMethod() === 'OPTIONS'
|
||||
) {
|
||||
return $out($request, $response);
|
||||
return $delegate->process($request);
|
||||
}
|
||||
|
||||
// Check that the auth header was provided, and that it belongs to a non-expired token
|
||||
@@ -103,7 +89,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
'message' => sprintf($this->translator->translate(
|
||||
'You need to provide the Bearer type in the %s header.'
|
||||
), self::AUTHORIZATION_HEADER),
|
||||
], 401);
|
||||
], self::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
// Make sure the authorization type is Bearer
|
||||
@@ -114,7 +100,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
'message' => sprintf($this->translator->translate(
|
||||
'Provided authorization type %s is not supported. Use Bearer instead.'
|
||||
), $authType),
|
||||
], 401);
|
||||
], self::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
|
||||
try {
|
||||
@@ -126,8 +112,7 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
|
||||
// Update the token expiration and continue to next middleware
|
||||
$jwt = $this->jwtService->refresh($jwt);
|
||||
/** @var Response $response */
|
||||
$response = $out($request, $response);
|
||||
$response = $delegate->process($request);
|
||||
|
||||
// Return the response with the updated token on it
|
||||
return $response->withHeader(self::AUTHORIZATION_HEADER, 'Bearer ' . $jwt);
|
||||
@@ -150,6 +135,6 @@ class CheckAuthenticationMiddleware implements MiddlewareInterface
|
||||
),
|
||||
self::AUTHORIZATION_HEADER
|
||||
),
|
||||
], 401);
|
||||
], self::STATUS_UNAUTHORIZED);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user