mirror of
https://github.com/shlinkio/shlink.git
synced 2026-02-28 04:03:12 +08:00
72 lines
2.1 KiB
PHP
72 lines
2.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Shlinkio\Shlink\Rest\Authentication\Plugin;
|
|
|
|
use Psr\Http\Message\ResponseInterface;
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
use Shlinkio\Shlink\Rest\Authentication\JWTServiceInterface;
|
|
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
|
use Throwable;
|
|
|
|
use function count;
|
|
use function explode;
|
|
use function sprintf;
|
|
use function strtolower;
|
|
|
|
/** @deprecated */
|
|
class AuthorizationHeaderPlugin implements AuthenticationPluginInterface
|
|
{
|
|
public const HEADER_NAME = 'Authorization';
|
|
|
|
/** @var JWTServiceInterface */
|
|
private $jwtService;
|
|
|
|
public function __construct(JWTServiceInterface $jwtService)
|
|
{
|
|
$this->jwtService = $jwtService;
|
|
}
|
|
|
|
/**
|
|
* @throws VerifyAuthenticationException
|
|
*/
|
|
public function verify(ServerRequestInterface $request): void
|
|
{
|
|
// Get token making sure the an authorization type is provided
|
|
$authToken = $request->getHeaderLine(self::HEADER_NAME);
|
|
$authTokenParts = explode(' ', $authToken);
|
|
if (count($authTokenParts) === 1) {
|
|
throw VerifyAuthenticationException::forMissingAuthType();
|
|
}
|
|
|
|
// Make sure the authorization type is Bearer
|
|
[$authType, $jwt] = $authTokenParts;
|
|
if (strtolower($authType) !== 'bearer') {
|
|
throw VerifyAuthenticationException::forInvalidAuthType($authType);
|
|
}
|
|
|
|
try {
|
|
if (! $this->jwtService->verify($jwt)) {
|
|
throw $this->createInvalidTokenError();
|
|
}
|
|
} catch (Throwable $e) {
|
|
throw $this->createInvalidTokenError();
|
|
}
|
|
}
|
|
|
|
private function createInvalidTokenError(): VerifyAuthenticationException
|
|
{
|
|
return VerifyAuthenticationException::forInvalidAuthToken();
|
|
}
|
|
|
|
public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
|
{
|
|
$authToken = $request->getHeaderLine(self::HEADER_NAME);
|
|
[, $jwt] = explode(' ', $authToken);
|
|
$jwt = $this->jwtService->refresh($jwt);
|
|
|
|
return $response->withHeader(self::HEADER_NAME, sprintf('Bearer %s', $jwt));
|
|
}
|
|
}
|