/**
* @param User $user
* @return Token
*/
public function createToken(User $user) : Token
{
$issued = Carbon::now();
$expire = Carbon::now()->addSeconds((int) $this->config['expire']);
$notBefore = Carbon::now()->addSeconds((int) $this->config['notbefore']);
return $this->tokenBuilder->setIssuer($this->config['issuer'])->setAudience($this->config['audience'])->setId($this->config['appid'], true)->setIssuedAt($issued->getTimestamp())->setNotBefore($notBefore->getTimestamp())->setExpiration($expire->getTimestamp())->set('data', ["uid" => $user->getId(), "uidentifier" => $user->getUsername()])->sign($this->signer, $this->secret)->getToken();
}
public function __construct()
{
$this->builder = new Builder();
$this->builder->setIssuer(gethostname())->setId(time(), true);
// ->setIssuedAt(time())
// ->setNotBefore(time() + 60)
// ->setExpiration(time() + 3600)
// ->set('teste', 1);
}
/**
* @param array $claims
* @return string
*/
public function getToken(array $claims = [])
{
$issuer = (string) $this->request->getUri();
$issued_at = $this->config->getTimestamp();
$expiration = $issued_at + $this->config->getTtl();
$key = $this->config->getPrivateKey();
foreach ($claims as $name => $value) {
$this->builder->set($name, $value);
}
$token = $this->builder->setIssuer($issuer)->setIssuedAt($issued_at)->setExpiration($expiration)->sign($this->signer, $key)->getToken();
return (string) $token;
}
/**
* @param Application $app
*/
public function register(Application $app)
{
$app['jwt.builder'] = $app->share(function (Application $app) {
$builder = new Builder();
$builder->setIssuer($app['config']['jwt']['iss']);
return $builder;
});
$app['jwt.signer'] = $app->share(function () {
return new Sha256();
});
$app['jwt.keys.private'] = $app->share(function (Application $app) {
$file = __DIR__ . '/../../' . $app['config']['jwt']['keys']['private']['file'];
return new Key('file://' . $file, $app['config']['jwt']['keys']['private']['passphrase']);
});
$app['jwt.keys.public'] = $app->share(function (Application $app) {
$file = __DIR__ . '/../../' . $app['config']['jwt']['keys']['public']['file'];
return new Key('file://' . $file);
});
$app['jwt.validation_data'] = $app->share(function (Application $app) {
$data = new ValidationData();
$data->setIssuer($app['config']['jwt']['iss']);
return $data;
});
$app['jwt.encoder'] = $app->share(function (Application $app) {
return new JwtEncoderService($app['jwt.builder'], $app['jwt.signer'], $app['jwt.keys.private'], $app['clock'], new Integer($app['config']['jwt']['exp']), new Integer($app['config']['jwt']['nbf']));
});
$app['jwt.decoder'] = $app->share(function (Application $app) {
return new JwtDecoderService(new Parser(), $app['jwt.validation_data'], $app['jwt.signer'], $app['jwt.keys.public']);
});
}
public function generateUrl($username = null)
{
$now = time();
$builder = new Builder();
$token = $builder->setIssuer($this->key)->setAudience($this->gatewayUrl)->setSubject($username)->setId($this->generateTokenId())->set('url', $this->callbackUrl)->set('tpl', $this->templateName)->setIssuedAt($now)->setNotBefore($now)->setExpiration($now + $this->signatureTtl)->sign(new Sha256(), $this->secret)->getToken();
return sprintf('%s?token=%s', $this->gatewayUrl, $token);
}
/**
* Returns Builder/ValidationData with "iss" and "aud" claims set.
*
* @param Builder|ValidationData $object
* @param string $issuer
* @param string $audience
*
* @return Builder|ValidationData
*/
private function initClaims($object, $issuer = null, $audience = null)
{
if ($object instanceof Builder) {
$object->setIssuer(isset($issuer) ? $issuer : \Yii::$app->getRequest()->getHostInfo());
}
$object->setAudience(isset($audience) ? $audience : $this->getAudience());
return $object;
}
private function generateToken(UserView $user)
{
$signer = new Sha256();
$issuedAt = time();
$key = $this->configuration->get('auth-key');
$ttl = $this->configuration->get('auth-ttl');
$expiration = is_null($ttl) ? (int) $ttl : 3600;
$builder = new Builder();
$builder->setIssuedAt($issuedAt)->setNotBefore($issuedAt + 1)->setExpiration($issuedAt + $expiration)->set('uid', $user->getId());
$issuer = $this->configuration->get('auth-issuer');
$audience = $this->configuration->get('auth-audience');
if ($issuer != null) {
$builder->setIssuer($issuer);
}
if ($audience != null) {
$builder->setAudience($audience);
}
$token = $builder->sign($signer, $key)->getToken();
return (string) $token;
}
/**
* @return string JWT string
*/
public function getTokenString() : string
{
/**
* Build Token
*/
$builder = new Builder();
$builder->setIssuer(self::ISSUER);
$builder->setExpiration((new \DateTime($this->configuration->get('Cookie.TTL')))->getTimestamp());
foreach ($this->values as $key => $value) {
$builder->set($key, $value);
}
/**
* Sign and generate new token
*/
$builder->sign(new Sha256(), $this->configuration->get('Cookie.Signer.Key'));
$token = $builder->getToken();
return (string) $token;
}
/**
* Generates a user token
* @return string
*/
public function getToken($data = null)
{
$time = time();
$signer = new Sha256();
$token = new Builder();
$token->setIssuer(Router::url('/', true));
$token->setAudience($this->request->clientIp());
$token->setIssuedAt($time);
$token->setNotBefore($time);
$token->setExpiration($time + Configure::read('Security.timeout'));
$token->set('data', json_encode($data));
return (string) $token->sign($signer, Configure::read('Security.salt'))->getToken();
}
