184 lines
4.1 KiB
PHP
184 lines
4.1 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of jwt-auth.
|
|
*
|
|
* (c) Sean Tymon <tymon148@gmail.com>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Tymon\JWTAuth;
|
|
|
|
use Tymon\JWTAuth\Exceptions\JWTException;
|
|
use Tymon\JWTAuth\Providers\JWT\JWTInterface;
|
|
use Tymon\JWTAuth\Exceptions\TokenBlacklistedException;
|
|
|
|
class JWTManager
|
|
{
|
|
/**
|
|
* @var \Tymon\JWTAuth\Providers\JWT\JWTInterface
|
|
*/
|
|
protected $jwt;
|
|
|
|
/**
|
|
* @var \Tymon\JWTAuth\Blacklist
|
|
*/
|
|
protected $blacklist;
|
|
|
|
/**
|
|
* @var \Tymon\JWTAuth\PayloadFactory
|
|
*/
|
|
protected $payloadFactory;
|
|
|
|
/**
|
|
* @var bool
|
|
*/
|
|
protected $blacklistEnabled = true;
|
|
|
|
/**
|
|
* @var bool
|
|
*/
|
|
protected $refreshFlow = false;
|
|
|
|
/**
|
|
* @param \Tymon\JWTAuth\Providers\JWT\JWTInterface $jwt
|
|
* @param \Tymon\JWTAuth\Blacklist $blacklist
|
|
* @param \Tymon\JWTAuth\PayloadFactory $payloadFactory
|
|
*/
|
|
public function __construct(JWTInterface $jwt, Blacklist $blacklist, PayloadFactory $payloadFactory)
|
|
{
|
|
$this->jwt = $jwt;
|
|
$this->blacklist = $blacklist;
|
|
$this->payloadFactory = $payloadFactory;
|
|
}
|
|
|
|
/**
|
|
* Encode a Payload and return the Token.
|
|
*
|
|
* @param \Tymon\JWTAuth\Payload $payload
|
|
* @return \Tymon\JWTAuth\Token
|
|
*/
|
|
public function encode(Payload $payload)
|
|
{
|
|
$token = $this->jwt->encode($payload->get());
|
|
|
|
return new Token($token);
|
|
}
|
|
|
|
/**
|
|
* Decode a Token and return the Payload.
|
|
*
|
|
* @param \Tymon\JWTAuth\Token $token
|
|
* @return Payload
|
|
* @throws TokenBlacklistedException
|
|
*/
|
|
public function decode(Token $token)
|
|
{
|
|
$payloadArray = $this->jwt->decode($token->get());
|
|
|
|
$payload = $this->payloadFactory->setRefreshFlow($this->refreshFlow)->make($payloadArray);
|
|
|
|
if ($this->blacklistEnabled && $this->blacklist->has($payload)) {
|
|
throw new TokenBlacklistedException('The token has been blacklisted');
|
|
}
|
|
|
|
return $payload;
|
|
}
|
|
|
|
/**
|
|
* Refresh a Token and return a new Token.
|
|
*
|
|
* @param \Tymon\JWTAuth\Token $token
|
|
* @return \Tymon\JWTAuth\Token
|
|
*/
|
|
public function refresh(Token $token)
|
|
{
|
|
$payload = $this->setRefreshFlow()->decode($token);
|
|
|
|
if ($this->blacklistEnabled) {
|
|
// invalidate old token
|
|
$this->blacklist->add($payload);
|
|
}
|
|
|
|
// return the new token
|
|
return $this->encode(
|
|
$this->payloadFactory->make([
|
|
'sub' => $payload['sub'],
|
|
'iat' => $payload['iat'],
|
|
])
|
|
);
|
|
}
|
|
|
|
/**
|
|
* Invalidate a Token by adding it to the blacklist.
|
|
*
|
|
* @param Token $token
|
|
* @return bool
|
|
*/
|
|
public function invalidate(Token $token)
|
|
{
|
|
if (! $this->blacklistEnabled) {
|
|
throw new JWTException('You must have the blacklist enabled to invalidate a token.');
|
|
}
|
|
|
|
return $this->blacklist->add($this->decode($token));
|
|
}
|
|
|
|
/**
|
|
* Get the PayloadFactory instance.
|
|
*
|
|
* @return \Tymon\JWTAuth\PayloadFactory
|
|
*/
|
|
public function getPayloadFactory()
|
|
{
|
|
return $this->payloadFactory;
|
|
}
|
|
|
|
/**
|
|
* Get the JWTProvider instance.
|
|
*
|
|
* @return \Tymon\JWTAuth\Providers\JWT\JWTInterface
|
|
*/
|
|
public function getJWTProvider()
|
|
{
|
|
return $this->jwt;
|
|
}
|
|
|
|
/**
|
|
* Get the Blacklist instance.
|
|
*
|
|
* @return \Tymon\JWTAuth\Blacklist
|
|
*/
|
|
public function getBlacklist()
|
|
{
|
|
return $this->blacklist;
|
|
}
|
|
|
|
/**
|
|
* Set whether the blacklist is enabled.
|
|
*
|
|
* @param bool $enabled
|
|
*/
|
|
public function setBlacklistEnabled($enabled)
|
|
{
|
|
$this->blacklistEnabled = $enabled;
|
|
|
|
return $this;
|
|
}
|
|
|
|
/**
|
|
* Set the refresh flow.
|
|
*
|
|
* @param bool $refreshFlow
|
|
* @return $this
|
|
*/
|
|
public function setRefreshFlow($refreshFlow = true)
|
|
{
|
|
$this->refreshFlow = $refreshFlow;
|
|
|
|
return $this;
|
|
}
|
|
}
|