/**
 * Finds a JWT on the request and returns its decoded payload.
 *
 * Lookup order: an "Authorization: Bearer <token>" header first, then the
 * AuthToken GET variable, then the AuthToken POST variable.
 *
 * NOTE(review): a token carried in the query string is part of the URL, and
 * URLs commonly end up in access logs, browser history and Referer headers.
 * Confirm which callers still depend on the GET fallback.
 *
 * @param Request $request
 * @return object|string|null The payload returned by JWT::decode(), the string
 *                            'expired' when the library throws ExpiredException,
 *                            or null when no token is present or decoding
 *                            fails for any other reason.
 */
protected function getValidTokenPayload(Request $request)
{
    // All three sources are read up front, in the same order as before.
    $headers = $request->Headers;
    $queryToken = $request->Get('AuthToken');
    $formToken = $request->Post('AuthToken');

    $hasBearerHeader = isset($headers['Authorization'])
        && substr($headers['Authorization'], 0, 7) === 'Bearer ';

    if ($hasBearerHeader) {
        // Drop the 7-character "Bearer " scheme prefix.
        $jwt = substr($headers['Authorization'], 7);
    } else {
        $jwt = isset($queryToken)
            ? $queryToken
            : (isset($formToken) ? $formToken : null);
    }

    if (!isset($jwt)) {
        return null;
    }

    try {
        // The accepted algorithm is pinned to HS256 rather than taken from the
        // token header.
        return \Firebase\JWT\JWT::decode($jwt, $this->secretKey, ['HS256']);
    } catch (ExpiredException $expired) {
        return 'expired';
    } catch (\Exception $failure) {
        // Any other decode failure is reported as "no valid token".
        return null;
    }
}
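/**
 * Resolves the AuthToken cookie (or, failing that, the AuthToken URL variable)
 * to a Token accepted by the token mapper.
 *
 * Format, as parsed below: base64( authToken "|" md5(authToken) ).
 *
 * The MD5 suffix is an unkeyed checksum, not a MAC: anyone who holds a
 * candidate authToken can compute it, so it only catches mangled values.
 * The authorisation decision rests on tokenMapper->CheckAuthToken().
 *
 * NOTE(review): the URL fallback puts the token where it can be logged or
 * leaked through Referer headers; confirm it is still required.
 *
 * @param Request $request
 * @return Token|false The checked Token, or false when no well-formed,
 *                     mapper-approved token is present.
 */
private function getValidToken(Request $request)
{
    $tokenString = $this->cookies->Get('AuthToken');
    if (!isset($tokenString)) {
        // See if the token is present in the URL
        $tokenString = $request->Get('AuthToken');
    }

    // Rejects a missing value and also a non-string one (for example an
    // array-valued parameter, if the Request class passes those through).
    if (!is_string($tokenString)) {
        return false;
    }

    $decoded = base64_decode($tokenString);
    if ($decoded === false) {
        return false;
    }

    // A value without the "|" separator used to reach list() with a single
    // element and raise an undefined-offset error; treat it as invalid instead.
    $parts = explode('|', $decoded);
    if (count($parts) < 2) {
        return false;
    }
    list($authToken, $checksum) = $parts;

    if (hash('md5', $authToken) !== $checksum) {
        return false;
    }

    $checkToken = new Token(null, null, null, $authToken);

    return $this->tokenMapper->CheckAuthToken($checkToken) ? $checkToken : false;
}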
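/**
 * Will return the request's data as an array from whatever source it can find.
 * Can be called in child classes to modify the contents of the data before saving.
 *
 * Sources, in order: a JSON-encoded "model" PUT variable, the PUT variables
 * themselves, then the raw request body decoded as JSON. The result is cached
 * in $this->putData, so the request is only parsed once.
 *
 * Client-supplied JSON that is malformed, or that decodes to something other
 * than an array (null, a number, a string), yields an empty array so the
 * documented return type holds for every input.
 *
 * @param Request $request
 * @return array
 */
protected function getPutData(Request $request)
{
    if (!isset($this->putData)) {
        $body = $request->Body;
        $putVars = $request->Put();

        if (isset($putVars['model'])) {
            // Only a string can be JSON; anything else is treated as invalid.
            $data = is_string($putVars['model'])
                ? json_decode($putVars['model'], true)
                : null;
        } elseif (!empty($putVars)) {
            $data = $putVars;
        } elseif (strlen($body) > 0) {
            $data = json_decode($body, true);
        } else {
            $data = [];
        }

        // json_decode() returns null on a parse error and a scalar for scalar
        // JSON; neither is usable as the data array.
        $this->putData = is_array($data) ? $data : [];
    }

    return $this->putData;
}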