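/**
 * Check the security information carried by a decoded JWT and reject the token if any of it is invalid.
 *
 * The event is marked invalid, and no further check runs, as soon as one of these fails (in this order):
 *  - the payload has a non-empty "username" claim;
 *  - a non-empty token remains after dropping the first 7 characters of the Authorization header;
 *  - validateUser() accepts the username/token pair;
 *  - the request carries an "x-database" header;
 *  - the payload has a non-empty "databases" claim;
 *  - validateAttributes() accepts the requested database, the payload and the client IP.
 *
 * @param JWTDecodedEvent $event
 * @return void
 */
public function onJWTDecoded(JWTDecodedEvent $event)
{
    $request = $event->getRequest();
    $payload = $event->getPayload();

    if (empty($payload['username'])) {
        $event->markAsInvalid();
        return;
    }

    // headers->get() returns null when the header is absent. Cast first so substr() always
    // receives a string: a null argument is deprecated since PHP 8.1 and is a TypeError
    // under strict_types, which would replace the intended rejection with an error.
    $authorization = (string) $request->headers->get('Authorization');

    // Drops 7 characters, the length of "Bearer ".
    // NOTE(review): the scheme itself is not checked, so any header longer than 7 characters
    // yields a candidate token; rejecting it is then left entirely to validateUser().
    $token = substr($authorization, 7);
    if (!$token) {
        $event->markAsInvalid();
        return;
    }

    // validateUser() is defined elsewhere; presumably it ties the token to the named user — confirm.
    if (!$this->validateUser($payload['username'], $token)) {
        $event->markAsInvalid();
        return;
    }

    // "x-database" is client-supplied: it only states which database the caller asks for.
    $requestedDatabase = $request->headers->get('x-database');
    if (null === $requestedDatabase) {
        $event->markAsInvalid();
        return;
    }

    if (empty($payload['databases'])) {
        $event->markAsInvalid();
        return;
    }

    // NOTE(review): getClientIp() only reflects the real peer when the framework's trusted-proxy
    // settings match the deployment; otherwise a forwarded-for header may be ignored or trusted
    // wrongly. validateAttributes() is defined elsewhere — presumably it checks the requested
    // database against the "databases" claim and the IP against the payload; verify.
    if (!$this->validateAttributes($requestedDatabase, $payload, $request->getClientIp())) {
        $event->markAsInvalid();
        return;
    }
}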
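/**
 * Invalidate the decoded token when its "ip" claim is missing or differs from the client IP of the request.
 *
 * When the event carries no request, the method returns without marking anything, so the token
 * is not rejected by this check.
 *
 * @param JWTDecodedEvent $event
 *
 * @return void
 */
public function onJWTDecoded(JWTDecodedEvent $event)
{
    // Fetch the request once; a second getRequest() call after the guard added nothing.
    $request = $event->getRequest();
    if (!$request) {
        // NOTE(review): this path fails open — without a request the IP binding is not enforced.
        // Confirm that this is intended (e.g. non-HTTP contexts) rather than an oversight.
        return;
    }

    $payload = $event->getPayload();

    // A token without an "ip" claim is rejected outright; otherwise the claim must be identical
    // to the address reported by the request.
    // NOTE(review): getClientIp() depends on the framework's trusted-proxy configuration — behind
    // a proxy that is not declared as trusted it reports the proxy address, not the caller's.
    if (!isset($payload['ip']) || $payload['ip'] !== $request->getClientIp()) {
        $event->markAsInvalid();
    }
}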
/**
 * Turn an invalid JWT-decoded event into an exception.
 *
 * Every invalid event surfaces as TokenExpiredException, whatever caused it to be marked
 * invalid, so callers cannot tell expiry apart from other rejections here.
 * TokenNotValidException is not thrown from this method.
 *
 * @param JWTDecodedEvent $event
 * @throws TokenExpiredException when the event is not valid
 */
public function onJWTDecodedResponse(JWTDecodedEvent $event)
{
    // Valid events pass through untouched.
    if ($event->isValid()) {
        return;
    }

    throw new TokenExpiredException();
}