/**
 * Attaches the VAPID headers (Authorization and Crypto-Key) to the additional request headers.
 *
 * Returns without touching the headers when USE_VAPID is falsy or any argument is empty;
 * nothing is reported to the caller in that case.
 *
 * @param string $privateKey PEM private key; handed to Key for signing and parsed to derive the public key
 * @param string $audience   value of the "aud" claim
 * @param string $subject    value of the "sub" claim
 *
 * @return void
 */
function setVAPIDInfo($privateKey, $audience, $subject)
{
    $vapidReady = USE_VAPID && $privateKey && $audience && $subject;
    if (!$vapidReady) {
        return;
    }

    // NOTE(review): the lifetime is exactly 24 hours. RFC 8292 caps "exp" at 24 hours from the
    // request, so clock skew against the push service could get the token rejected; a shorter
    // lifetime leaves a margin.
    $expiresAt = time() + 86400;

    // NOTE(review): which Sha256 signer is imported is not visible here; VAPID expects ES256 — confirm.
    $jwt = new Builder();
    $signed = $jwt
        ->setAudience($audience)
        ->setExpiration($expiresAt)
        ->setSubject($subject)
        ->sign(new Sha256(), new Key($privateKey));
    $this->additionalHeaders['Authorization'] = 'Bearer ' . $signed->getToken();

    // Only the public point derived from the private key goes into the Crypto-Key header.
    $pemParser = new PemPrivateKeySerializer(new DerPrivateKeySerializer());
    $publicKey = $pemParser->parse($privateKey)->getPublicKey();
    $pointEncoder = new UncompressedPointSerializer(EccFactory::getAdapter());

    // serialize() output is passed through hex2bin() to get raw bytes before base64url encoding.
    $rawPoint = hex2bin($pointEncoder->serialize($publicKey->getPoint()));
    $this->additionalHeaders['Crypto-Key'] = 'p256ecdsa=' . Base64Url::encode($rawPoint);
}
/**
 * Sets the "aud" claim on the given object and, for a Builder only, the "iss" claim.
 *
 * NOTE(review): a ValidationData instance receives no issuer here, so unless the caller sets one
 * elsewhere the "iss" claim is presumably not checked during validation — confirm.
 * NOTE(review): the default issuer is the request's host info; if that value is derived from the
 * Host header rather than from configuration, a client could influence the "iss" claim — verify.
 *
 * @param Builder|ValidationData $object
 * @param string|null $issuer   issuer override; defaults to the current request's host info
 * @param string|null $audience audience override; defaults to $this->getAudience()
 *
 * @return Builder|ValidationData the same object that was passed in
 */
private function initClaims($object, $issuer = null, $audience = null)
{
    if ($object instanceof Builder) {
        // The host info is looked up only when no issuer was supplied.
        if ($issuer === null) {
            $issuer = \Yii::$app->getRequest()->getHostInfo();
        }
        $object->setIssuer($issuer);
    }

    if ($audience === null) {
        $audience = $this->getAudience();
    }
    $object->setAudience($audience);

    return $object;
}
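/**
 * Builds and signs a JWT for the given user and returns it as a string.
 *
 * The token carries "iat", "nbf" (one second after issue), "exp" and a "uid" claim, plus
 * "iss" and "aud" when "auth-issuer" / "auth-audience" are configured.
 *
 * @param UserView $user user whose id is stored in the "uid" claim
 *
 * @return string the signed token
 */
private function generateToken(UserView $user)
{
    $signer = new Sha256();
    $issuedAt = time();
    $key = $this->configuration->get('auth-key');
    $ttl = $this->configuration->get('auth-ttl');

    // Fall back to one hour only when no "auth-ttl" is configured; a configured value must win.
    // With the branches the other way round a configured TTL is ignored and a missing one gives
    // a lifetime of 0, i.e. "exp" before "nbf" and a token that is never valid.
    // A non-positive configured TTL still yields such a token, which fails closed.
    $expiration = is_null($ttl) ? 3600 : (int) $ttl;

    $builder = new Builder();
    $builder
        ->setIssuedAt($issuedAt)
        ->setNotBefore($issuedAt + 1)
        ->setExpiration($issuedAt + $expiration)
        ->set('uid', $user->getId());

    $issuer = $this->configuration->get('auth-issuer');
    $audience = $this->configuration->get('auth-audience');

    // Loose comparison kept on purpose: it also skips empty-string and zero values.
    if ($issuer != null) {
        $builder->setIssuer($issuer);
    }
    if ($audience != null) {
        $builder->setAudience($audience);
    }

    // NOTE(review): "auth-key" is passed to sign() as configured; presumably Sha256 is the HMAC
    // signer, in which case the key should be a long random secret — confirm.
    $token = $builder->sign($signer, $key)->getToken();

    return (string) $token;
}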
/**
 * Generates a signed user token.
 *
 * Claims set: "iss" is the result of Router::url('/', true), "aud" is the client IP of the
 * current request, "iat" and "nbf" are the current time, "exp" is the current time plus
 * Security.timeout, and "data" holds the JSON encoding of $data.
 *
 * NOTE(review): the token is signed with Security.salt; if that value is also used for other
 * purposes (hashing, cookies), a dedicated signing secret would limit the impact of a leak.
 * NOTE(review): Security.timeout is added to a Unix timestamp, so it is treated as seconds —
 * confirm the configured unit.
 * NOTE(review): "aud" is whatever clientIp() reports; if that honours proxy headers the value
 * may be client-supplied — verify before relying on it as a binding.
 *
 * @param mixed $data value stored JSON-encoded in the "data" claim (json_encode() returns false on failure)
 *
 * @return string
 */
public function getToken($data = null)
{
    $now = time();

    $builder = new Builder();
    $builder->setIssuer(Router::url('/', true));
    $builder->setAudience($this->request->clientIp());
    $builder->setIssuedAt($now);
    $builder->setNotBefore($now);

    $lifetime = Configure::read('Security.timeout');
    $builder->setExpiration($now + $lifetime);

    $payload = json_encode($data);
    $builder->set('data', $payload);

    $signed = $builder->sign(new Sha256(), Configure::read('Security.salt'));

    return (string) $signed->getToken();
}