public function loginByToken(Token $token)
{
$uid = $token->getClaim('uid');
try {
$this->user = $this->usersRepository->getById($uid);
} catch (UserNotFoundException $e) {
// do nothing here
}
}
/**
* Validates JWT token
*
* @param Token $token
* @throws ExpiredTokenException when token has expired and can be refreshed
* @throws InvalidTokenException when token has expired or is invalid
*/
protected function validateToken(Token $token = null)
{
if (null === $token) {
throw new InvalidTokenException();
}
$exp = (new \DateTime())->setTimestamp($token->getClaim('exp'));
$now = date_create();
$refreshTtl = \DateInterval::createFromDateString($this->refreshTtl);
if ($now < $exp) {
return;
}
if ($exp->add($refreshTtl) > $now) {
throw new ExpiredTokenException();
}
throw new InvalidTokenException();
}
/**
* @test
*
* @uses Lcobucci\JWT\Token::__construct
* @uses Lcobucci\JWT\Token::setEncoder
*
* @covers Lcobucci\JWT\Token::__toString
* @covers Lcobucci\JWT\Token::getPayload
*/
public function toStringMustReturnEncodedData()
{
$signature = $this->getMock(Signature::class, [], [], '', false);
$signature->expects($this->any())->method('__toString')->willReturn('test');
$token = new Token(['alg' => 'none'], [], $signature);
$token->setEncoder($this->encoder);
$this->createMockExpectations('test');
$this->assertEquals('test.test.test', (string) $token);
}
/**
* {@inheritDoc}
*/
private function shouldTokenBeRefreshed(Token $token) : bool
{
if (!$token->hasClaim(self::ISSUED_AT_CLAIM)) {
return false;
}
return $this->timestamp() >= $token->getClaim(self::ISSUED_AT_CLAIM) + $this->refreshTime;
}
/**
* Get the unique key held within the blacklist.
*
* @param \Lcobucci\JWT\Token $token
*
* @return mixed
*/
public function getKey(Token $token)
{
return $token->getClaim($this->key);
}
/**
* @test
*
* @uses Lcobucci\JWT\Token::__construct
* @uses Lcobucci\JWT\ValidationData::__construct
* @uses Lcobucci\JWT\ValidationData::get
* @uses Lcobucci\JWT\ValidationData::has
* @uses Lcobucci\JWT\ValidationData::setIssuer
* @uses Lcobucci\JWT\Claim\Basic::__construct
* @uses Lcobucci\JWT\Claim\Basic::getName
* @uses Lcobucci\JWT\Claim\Basic::getValue
* @uses Lcobucci\JWT\Claim\EqualsTo::__construct
* @uses Lcobucci\JWT\Claim\EqualsTo::validate
* @uses Lcobucci\JWT\Claim\LesserOrEqualsTo::__construct
* @uses Lcobucci\JWT\Claim\LesserOrEqualsTo::validate
* @uses Lcobucci\JWT\Claim\GreaterOrEqualsTo::__construct
* @uses Lcobucci\JWT\Claim\GreaterOrEqualsTo::validate
*
* @covers Lcobucci\JWT\Token::validate
* @covers Lcobucci\JWT\Token::getValidatableClaims
*/
public function validateShouldReturnTrueWhenThereAreNoFailedValidatableClaims()
{
$now = time();
$token = new Token([], ['iss' => new EqualsTo('iss', 'test'), 'iat' => new LesserOrEqualsTo('iat', $now), 'exp' => new GreaterOrEqualsTo('ext', $now + 500), 'testing' => new Basic('testing', 'test')]);
$data = new ValidationData($now + 10);
$data->setIssuer('test');
$this->assertTrue($token->validate($data));
}
/**
* @param ParsedToken $parsed
* @return array
*/
protected function getTokenMetadata(ParsedToken $parsed)
{
$metadata = [];
foreach ($parsed->getClaims() as $name => $claim) {
$metadata[$name] = $claim->getValue();
}
return $metadata;
}
protected function getTokenCredentials(Token $token)
{
$creds = [];
foreach ($this->config['payload'] as $property) {
$creds[$property] = $token->getClaim($property);
}
return $creds;
}
/**
* @param Token $token
* @return bool
*/
public function validateToken(Token $token) : bool
{
return $token->validate($this->validationData) && $token->verify($this->signer, $this->secret);
}
/**
* Returns the resultant token
*
* @return Token
*/
public function getToken()
{
$token = new Token($this->headers, $this->claims, $this->signature);
$token->setEncoder($this->encoder);
return $token;
}
public function deSerialize(Token $token) : Data
{
return Data::fromJsonString($token->getClaim('data'));
}
/**
* @test
*
* @uses Lcobucci\JWT\Token::__construct
*
* @covers Lcobucci\JWT\Token::getPayload
*/
public function getPayloadShouldReturnAStringWithTheTwoEncodePartsThatGeneratedTheToken()
{
$token = new Token(['alg' => 'none'], [], null, ['test1', 'test2', 'test3']);
$this->assertEquals('test1.test2', $token->getPayload());
}
/**
* @inheritdoc
*/
public function isValid(Token $token)
{
$signer = new Sha256();
$key = new Key($this->pathPublicKey);
if (!$token->verify($signer, $key)) {
throw new InvalidDefinitionException('Invalid token');
}
$data = new ValidationData();
$data->setIssuer($token->getClaim('iss'));
$data->setAudience($token->getClaim('aud'));
$data->setId($token->getClaim('jti'));
$isValid = $token->validate($data);
if (!$isValid) {
throw new AuthenticationExpiredException('The access token has expired');
}
return $isValid;
}
/**
* @test
*
* @depends builderCanGenerateAToken
*
* @covers Lcobucci\JWT\Builder
* @covers Lcobucci\JWT\Parser
* @covers Lcobucci\JWT\Token
* @covers Lcobucci\JWT\Signature
* @covers Lcobucci\JWT\Claim\Factory
* @covers Lcobucci\JWT\Claim\Basic
* @covers Lcobucci\JWT\Signer\Key
* @covers Lcobucci\JWT\Signer\BaseSigner
* @covers Lcobucci\JWT\Signer\Rsa
* @covers Lcobucci\JWT\Signer\Rsa\Sha256
*/
public function verifyShouldReturnTrueWhenKeyIsRight(Token $token)
{
$this->assertTrue($token->verify($this->signer, self::$rsaKeys['public']));
}
/**
* @test
*
* @dataProvider invalidValidationData
*
* @depends builderCanGenerateAToken
*
* @covers Lcobucci\JWT\Builder
* @covers Lcobucci\JWT\Parser
* @covers Lcobucci\JWT\Token
* @covers Lcobucci\JWT\ValidationData
* @covers Lcobucci\JWT\Claim\Factory
* @covers Lcobucci\JWT\Claim\Basic
* @covers Lcobucci\JWT\Claim\EqualsTo
* @covers Lcobucci\JWT\Claim\GreaterOrEqualsTo
* @covers Lcobucci\JWT\Parsing\Encoder
* @covers Lcobucci\JWT\Parsing\Decoder
*/
public function tokenValidationShouldReturnFalseWhenExpectedDataDontMatch(ValidationData $data, Token $generated)
{
$this->assertFalse($generated->validate($data));
}
/**
* @test
*
* @depends builderCanGenerateAToken
*
* @covers \Lcobucci\JWT\Configuration
* @covers \Lcobucci\JWT\Builder
* @covers \Lcobucci\JWT\Parser
* @covers \Lcobucci\JWT\Token
* @covers \Lcobucci\JWT\Signature
* @covers \Lcobucci\JWT\Claim\Factory
* @covers \Lcobucci\JWT\Claim\Basic
* @covers \Lcobucci\JWT\Signer\Key
* @covers \Lcobucci\JWT\Signer\BaseSigner
* @covers \Lcobucci\JWT\Signer\Ecdsa
* @covers \Lcobucci\JWT\Signer\Ecdsa\KeyParser
* @covers \Lcobucci\JWT\Signer\Ecdsa\EccAdapter
* @covers \Lcobucci\JWT\Signer\Ecdsa\SignatureSerializer
* @covers \Lcobucci\JWT\Signer\Ecdsa\Sha256
*/
public function verifyShouldReturnTrueWhenKeyIsRight(Token $token)
{
self::assertTrue($token->verify($this->config->getSigner(), static::$ecdsaKeys['public1']));
}
/**
* validate a given token object
*
* @param Token $token
* @return boolean
*/
public function validate(Token $token)
{
$valid = $token->validate($this->rules());
$verified = $token->verify(new Sha256(), config('jwt.key'));
return $valid && $verified;
}
/**
* Verify is validate token in signature.
*
* @param Lcobucci\JWT\Token $token
*
* @return bool
*/
public function isValidByToken(Token $token)
{
return $token->verify(new Sha256(), env('JWT_SECRET'));
}
/**
* @param \Lcobucci\JWT\Token $token
* @return bool
*/
public function verify(Token $token)
{
return $token->verify($this->signer, $this->key);
}
/**
* @test
*
* @depends builderCanGenerateAToken
*
* @covers \Lcobucci\JWT\Configuration
* @covers \Lcobucci\JWT\Builder
* @covers \Lcobucci\JWT\Parser
* @covers \Lcobucci\JWT\Token
* @covers \Lcobucci\JWT\Signature
* @covers \Lcobucci\JWT\Claim\Factory
* @covers \Lcobucci\JWT\Claim\Basic
* @covers \Lcobucci\JWT\Signer\Key
* @covers \Lcobucci\JWT\Signer\BaseSigner
* @covers \Lcobucci\JWT\Signer\Hmac
* @covers \Lcobucci\JWT\Signer\Hmac\Sha256
*/
public function verifyShouldReturnTrueWhenKeyIsRight(Token $token)
{
self::assertTrue($token->verify($this->config->getSigner(), 'testing'));
}
/**
* @param Jwt $jwt
* @return bool
*/
public function verifySignature(Jwt $jwt)
{
return $jwt->verify($this->signer, $this->publicKey);
}
/**
* @test
*
* @depends builderCanGenerateAToken
*
* @covers Lcobucci\JWT\Builder
* @covers Lcobucci\JWT\Parser
* @covers Lcobucci\JWT\Token
* @covers Lcobucci\JWT\Signature
* @covers Lcobucci\JWT\Parsing\Encoder
* @covers Lcobucci\JWT\Claim\Factory
* @covers Lcobucci\JWT\Claim\Basic
* @covers Lcobucci\JWT\Signer\OpenSSL
* @covers Lcobucci\JWT\Signer\Ecdsa
* @covers Lcobucci\JWT\Signer\Ecdsa\Sha256
*/
public function verifyShouldReturnTrueWhenKeyIsRight(Token $token)
{
$this->assertTrue($token->verify($this->signer, $this->publicEcdsa()));
}
/**
* @test
*
* @depends builderCanGenerateAToken
*
* @covers Lcobucci\JWT\Builder
* @covers Lcobucci\JWT\Parser
* @covers Lcobucci\JWT\Token
* @covers Lcobucci\JWT\Signature
* @covers Lcobucci\JWT\Claim\Factory
* @covers Lcobucci\JWT\Claim\Basic
* @covers Lcobucci\JWT\Signer\Key
* @covers Lcobucci\JWT\Signer\BaseSigner
* @covers Lcobucci\JWT\Signer\Hmac
* @covers Lcobucci\JWT\Signer\Hmac\Sha256
*/
public function verifyShouldReturnTrueWhenKeyIsRight(Token $token)
{
$this->assertTrue($token->verify($this->signer, 'testing'));
}
/**
* Validate token
* @param Token $token token object
* @return bool
*/
public function verifyToken(Token $token)
{
$alg = $token->getHeader('alg');
if (empty($this->supportedAlgs[$alg])) {
throw new InvalidParamException('Algorithm not supported');
}
$signer = Yii::createObject($this->supportedAlgs[$alg]);
return $token->verify($signer, $this->key);
}
