/**
* Check security info and reject if invalid
*
* @param JWTDecodedEvent $event
* @return void
*/
public function onJWTDecoded(JWTDecodedEvent $event)
{
$request = $event->getRequest();
$payload = $event->getPayload();
if (empty($payload['username'])) {
$event->markAsInvalid();
return;
}
if (!($token = substr($request->headers->get('Authorization'), 7))) {
$event->markAsInvalid();
return;
}
if (!$this->validateUser($payload['username'], $token)) {
$event->markAsInvalid();
return;
}
$requestedDatabase = $request->headers->get('x-database');
if (is_null($requestedDatabase)) {
$event->markAsInvalid();
return;
}
if (empty($payload['databases'])) {
$event->markAsInvalid();
return;
}
if (!$this->validateAttributes($requestedDatabase, $payload, $request->getClientIp())) {
$event->markAsInvalid();
return;
}
}
/**
* @param JWTDecodedEvent $event
*
* @return void
*/
public function onJWTDecoded(JWTDecodedEvent $event)
{
if (!($request = $event->getRequest())) {
return;
}
$payload = $event->getPayload();
$request = $event->getRequest();
if (!isset($payload['ip']) || $payload['ip'] !== $request->getClientIp()) {
$event->markAsInvalid();
}
}
/**
* @param JWTDecodedEvent $event
* @throws TokenExpiredException when token has expired
* @throws TokenNotValidException when token matched no user
*/
public function onJWTDecodedResponse(JWTDecodedEvent $event)
{
if (!$event->isValid()) {
throw new TokenExpiredException();
}
}
