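/**
 * Validates the JWT presented by a client and returns a token the caller can keep using.
 *
 * The raw header value may carry a "Bearer " prefix. The token is parsed, its signature is
 * verified against the application key, and the issuer/audience/time claims are validated.
 * A token that is valid now but would no longer validate one day from now is treated as
 * "about to expire" and a freshly generated token is returned in its place.
 *
 * @param string|null $token raw header value, optionally prefixed with "Bearer "
 * @return object|false the parsed token, the value returned by JWTTokenGenerator::generate()
 *                      when rotation is due, or false when the input is missing, not a string,
 *                      malformed, unsigned, wrongly signed, or fails the claim checks
 */
public function validateJwtToken($token = null)
{
    // Missing header, an empty value, or a non-string (e.g. a repeated header) can never be
    // a valid token; reject before touching the parser.
    if (!is_string($token) || $token === '') {
        return false;
    }

    // Accept both a bare token and the conventional "Bearer <token>" form.
    $token = str_replace('Bearer ', '', $token);

    try {
        $token = (new Parser())->parse($token);
        $signer = new Sha256();

        // The signature must match the application key before any claim is trusted.
        // SECURITY(review): the HMAC key is a short, human-readable literal committed to
        // source. Load it from configuration and use a long random secret; anyone who can
        // read this file can otherwise forge tokens that pass this check.
        if (!$token->verify($signer, 'minicurso_conference.api.signature')) {
            return false;
        }
    } catch (\InvalidArgumentException | \BadMethodCallException | \RuntimeException $e) {
        // A malformed token string, undecodable segments or a token without a signature make
        // the parser/verify step throw. From the caller's point of view these are simply
        // invalid tokens, so they map to false instead of surfacing as an unhandled exception.
        return false;
    }

    $validation = new ValidationData();
    $validation->setIssuer('http://minicurso_conference.api');
    $validation->setAudience('http://minicurso_conference.api');

    // Issuer, audience and the time-based claims must all hold at the current time.
    if (!$token->validate($validation)) {
        return false;
    }

    // Rotation check: re-run the same validation as if it were one day later. A token that
    // would fail then is close to expiry, so hand the client a fresh one now.
    $oneDayInSeconds = 86400;
    $validation->setCurrentTime(time() + $oneDayInSeconds);
    if (!$token->validate($validation)) {
        return JWTTokenGenerator::generate();
    }

    return $token;
}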
// Closes a route registration whose body begins earlier in the file.
});

// In-memory fixture used by the /beer routes. Note that 'stars' is stored as a string.
$beers = [['name' => 'Heineken', 'stars' => '5'], ['name' => 'Antarctica', 'stars' => '4'], ['name' => 'Cristal', 'stars' => '1']];

// GET /beer: returns the whole fixture list as JSON.
$app->get('/beer', function () use($beers) {
    return new JsonResponse($beers, 200);
});

// GET /beer/{id}: despite the parameter name, the lookup is by beer *name*,
// compared case-insensitively; unknown names yield a 404 with a plain-string body.
$app->get('/beer/{id}', function (Request $request, $id) use($beers) {
    foreach ($beers as $beer) {
        if (strtolower($id) == strtolower($beer['name'])) {
            return new JsonResponse($beer, 200);
        }
    }
    return new JsonResponse('Beer not found', 404);
});

// POST /auth: issues a JWT for the single built-in account.
// SECURITY(review): credentials are hard-coded ('admin'/'admin'), compared in plain text with
// loose '==', and live in source. Any real deployment should look the user up in a store,
// verify with password_verify() (or hash_equals() for fixed secrets) and never ship default
// credentials. The generated token is written to $app['ClientToken'] but is not part of the
// response body here — how it reaches the client is not visible in this excerpt (presumably
// an after-hook adds it as a header; confirm). A failed login answers 404; 401 is conventional.
$app->post('/auth', function (Request $request) use($app) {
    if ($request->get('usuario') == 'admin' && $request->get('senha') == 'admin') {
        $clientToken = \App\Generators\JWTTokenGenerator::generate();
        $app['ClientToken'] = strval($clientToken);
        return new JsonResponse('Login ok', 200);
    }
    return new JsonResponse('Invalid username or password', 404);
});

// Authentication middleware: every path except exactly '/auth' must carry a valid
// 'ClientToken' header. Guardian::validateJwtToken() may return a *regenerated* token when the
// presented one is near expiry, but the value stored below is the original header, so the
// rotated token is discarded here. An invalid/missing token answers 400 (401 is conventional).
// The closure's closing braces lie beyond the end of this excerpt.
$app->before(function (Request $request, Application $app) {
    $pathInfo = $request->getPathInfo();
    $guard = new Guardian();
    if ($pathInfo != '/auth') {
        $clientToken = $request->headers->get('ClientToken');
        if ($guard->validateJwtToken($clientToken)) {
            $app['ClientToken'] = $clientToken;
        } else {
            return new JsonResponse('Bad Request', 400);
        }