/**
* Destroy the current session
*/
public function destroySession()
{
$this->accessToken = NULL;
$this->signedRequest = NULL;
$this->user = NULL;
$this->session->clearAll();
// Javascript sets a cookie that will be used in getSignedRequest that we need to clear if we can
$cookieName = $this->config->getSignedRequestCookieName();
if (array_key_exists($cookieName, $this->httpRequest->getCookies())) {
$this->httpResponse->deleteCookie($cookieName, '/', $this->getBaseDomain());
unset($_COOKIE[$cookieName]);
}
}
/**
* Saves the JWT Access Token into HTTP cookie.
*/
private function saveJWTCookie()
{
if (empty($this->jwtData)) {
$this->response->deleteCookie(self::COOKIE_NAME);
return;
}
if ($this->generateIat) {
$this->jwtData['iat'] = DateTime::from('NOW')->format('U');
}
// Unset JTI if there was any
unset($this->jwtData['jti']);
if ($this->generateJti) {
// Generate new JTI
$this->jwtData['jti'] = hash('sha256', serialize($this->jwtData) . Random::generate(10));
}
// Encode the JWT and set the cookie
$jwt = $this->jwtService->encode($this->jwtData, $this->privateKey, $this->algorithm);
$this->response->setCookie(self::COOKIE_NAME, $jwt, $this->expirationTime);
$this->cookieSaved = true;
// Set cookie saved flag to true, so loadJWTCookie() doesn't rewrite our data
}
public function delete($name, $path = null, $domain = null, $secure = null)
{
$this->_response->deleteCookie($name, $path, $domain, $secure);
}
