/**
 * Validate the payload for the refresh flow.
 *
 * A token is refreshable only while `iat + refreshTTL` minutes has not
 * yet passed; once that deadline is in the past the refresh is rejected.
 *
 * @param  array  $payload  Decoded claims of the token being refreshed.
 * @return bool  Always true when no exception is thrown.
 *
 * @throws TokenExpiredException  When the refresh window has elapsed.
 */
protected function validateRefresh(array $payload)
{
    if (! isset($payload['iat'])) {
        // NOTE(review): a payload with no `iat` claim (or a null one) skips
        // the refresh-window check entirely and is accepted here. Confirm
        // that `iat` is enforced as a required claim before this point.
        return true;
    }

    $refreshDeadline = Utils::timestamp($payload['iat'])->addMinutes($this->refreshTTL);

    if ($refreshDeadline->isPast()) {
        throw new TokenExpiredException('Token has expired and can no longer be refreshed', 400);
    }

    return true;
}
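/**
 * Determine whether the token has been blacklisted.
 *
 * The stored entry is looked up by the token's `jti` claim. An entry whose
 * `valid_until` timestamp is still in the future is not yet enforced (the
 * original comment describes this as "expiry + grace").
 *
 * @param  \Tymon\JWTAuth\Payload  $payload
 * @return bool  True when the token must be rejected as blacklisted.
 */
public function has(Payload $payload)
{
    $entry = $this->storage->get($payload['jti']);

    // Nothing stored under this jti: the token is not blacklisted.
    if (is_null($entry)) {
        return false;
    }

    // Fail closed: an entry that exists but carries no `valid_until` value
    // has no grace window to honour, so the token is treated as blacklisted.
    // This also avoids reading an undefined key from the stored value.
    // NOTE(review): confirm what shape the writer side stores under the jti.
    if (! isset($entry['valid_until'])) {
        return true;
    }

    // Blacklisted once the grace timestamp is no longer in the future.
    return ! Utils::timestamp($entry['valid_until'])->isFuture();
}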
/**
 * Add the token (jti claim) to the blacklist.
 *
 * The entry is stored under the token's `jti` with an empty array as its
 * value, for roughly as many minutes as the token has left before `exp`.
 *
 * NOTE(review): the entry's lifetime follows `exp` only. If a token can
 * still be refreshed after `exp` (a refresh window measured from `iat`),
 * the entry may already have lapsed by then. Confirm that the refresh
 * window cannot outlive the blacklist entry.
 *
 * @param  \Tymon\JWTAuth\Payload  $payload
 * @return bool  False when the token has already expired and nothing was stored.
 */
public function add(Payload $payload)
{
    $expiresAt = Utils::timestamp($payload['exp']);

    if (! $expiresAt->isPast()) {
        // Measure from one minute ago so the entry outlives the token by
        // about a minute, which abates potential overlap.
        $oneMinuteAgo = Utils::now()->subMinute();
        $lifetimeMinutes = $expiresAt->diffInMinutes($oneMinuteAgo);

        $this->storage->add($payload['jti'], [], $lifetimeMinutes);

        return true;
    }

    // An expired token does not need a blacklist entry.
    return false;
}
/**
 * Add the token (jti claim) to the blacklist.
 *
 * The entry is kept for as long as the token could still be used or
 * refreshed: until the later of `exp` and `iat + refreshTTL` minutes,
 * plus one minute of padding.
 *
 * @param  \Tymon\JWTAuth\Payload  $payload
 * @return bool  False when both deadlines have passed and nothing was stored.
 */
public function add(Payload $payload)
{
    $expiresAt = Utils::timestamp($payload['exp']);
    $refreshableUntil = Utils::timestamp($payload['iat'])->addMinutes($this->refreshTTL);

    // Once the token is expired AND no longer refreshable it cannot be
    // used again, so a blacklist entry would serve no purpose.
    $tokenIsDead = $expiresAt->isPast() && $refreshableUntil->isPast();
    if ($tokenIsDead) {
        return false;
    }

    // The entry must live until the later of the two deadlines; the extra
    // minute rounds the remaining time up rather than down.
    $latestDeadline = $expiresAt->max($refreshableUntil);
    $lifetimeMinutes = $latestDeadline->addMinute()->diffInMinutes();

    // NOTE(review): the lifetime is computed in minutes. Confirm that the
    // storage backend reads its third argument as minutes; a backend that
    // reads it as seconds would drop the entry while the token is still
    // refreshable.
    $this->storage->add($payload['jti'], [], $lifetimeMinutes);

    return true;
}