/**
* @param \Illuminate\Http\Request $request
* @param Closure $next
* @param ...$roles
* @return JsonResponse
* @throws \Exception
*/
public function handle($request, Closure $next, ...$roles)
{
if (!$this->jwt->hasScope($roles, $request)) {
return new JsonResponse(['success' => false, 'message' => 'permission denied'], 403);
}
return $next($request);
}
/**
* @test
* @group jwtnew
* @expectedException \Exception
*/
public function readShouldThrowExceptionWhenValidationOfJWTReturnsFalse()
{
$this->request->shouldReceive('header')->once()->with('Authorization')->andReturn('Bearer abcd1234');
$this->jwsProxy->shouldReceive('callLoad')->once()->andReturn($this->jwsProxy);
$algo = Mockery::mock('Bendbennett\\JWT\\Algorithms\\AsymmetricAlgorithm');
$algo->shouldReceive('getKeyForVerifying')->twice();
$this->algoFactory->shouldReceive('make')->once()->andReturn($algo);
$this->jwsProxy->shouldReceive('verify')->once()->andReturn(true);
$this->jwsProxy->shouldReceive('isExpired')->once()->andReturn('false');
$jwt = new JWT($this->jwsProxy, $this->algoFactory, $this->payload, 'algoDefinedInConfig', $this->jti);
$jwt->read($this->request);
}
