public function validateJwtToken($token = null)
{
if (is_null($token)) {
return false;
}
$token = str_replace('Bearer ', '', $token);
$token = (new Parser())->parse($token);
$signer = new Sha256();
// Verifica se a chave do token corresponde com a chave da aplicacao
if (!$token->verify($signer, 'minicurso_conference.api.signature')) {
return false;
}
$validation = new ValidationData();
$validation->setIssuer('http://minicurso_conference.api');
$validation->setAudience('http://minicurso_conference.api');
// Verifica se o token eh valido
$isValid = $token->validate($validation);
if (!$isValid) {
return false;
}
// Verifica se o token precisa ser recriado. O tempo verificacao eh de um dia
$validation->setCurrentTime(time() + 86400);
$needRegenerate = !$token->validate($validation);
if ($needRegenerate) {
return JWTTokenGenerator::generate();
}
return $token;
}
});
$beers = [['name' => 'Heineken', 'stars' => '5'], ['name' => 'Antarctica', 'stars' => '4'], ['name' => 'Cristal', 'stars' => '1']];
$app->get('/beer', function () use($beers) {
return new JsonResponse($beers, 200);
});
$app->get('/beer/{id}', function (Request $request, $id) use($beers) {
foreach ($beers as $beer) {
if (strtolower($id) == strtolower($beer['name'])) {
return new JsonResponse($beer, 200);
}
}
return new JsonResponse('Beer not found', 404);
});
$app->post('/auth', function (Request $request) use($app) {
if ($request->get('usuario') == 'admin' && $request->get('senha') == 'admin') {
$clientToken = \App\Generators\JWTTokenGenerator::generate();
$app['ClientToken'] = strval($clientToken);
return new JsonResponse('Login ok', 200);
}
return new JsonResponse('Invalid username or password', 404);
});
$app->before(function (Request $request, Application $app) {
$pathInfo = $request->getPathInfo();
$guard = new Guardian();
if ($pathInfo != '/auth') {
$clientToken = $request->headers->get('ClientToken');
if ($guard->validateJwtToken($clientToken)) {
$app['ClientToken'] = $clientToken;
} else {
return new JsonResponse('Bad Request', 400);
}
