修复不同场景下直接获取token的场景进行验证;同时添加可配置场景是否验证(不验证场景的情况下默认只验证token) #3

Merged
merged 1 commit into from
Dec 12, 2023
Merged
4 changes: 3 additions & 1 deletion publish/jwt.php
@@ -111,5 +111,7 @@
'model' => [ // TODO 支持直接获取某模型的数据
'class' => '',
'pk' => 'uid'
]
],
//$independentTokenVerify true时会验证当前场景配置是否是生成当前的token的配置,需要配合自定义中间件实现,false会根据当前token拿到原来的场景配置,并且验证当前token
'independentTokenVerify' => false
];
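Review bot: The comment added above `'independentTokenVerify' => false` does not say that the shipped default is the looser of the two modes. With `false`, checkToken in src/JWT.php takes the scene from the token's own claim, so a token issued for one scene passes whichever scene the current request runs under. I would put that in the comment, e.g. `// false: verify the token against the scene recorded in the token itself, so a token from any configured scene is accepted; true: additionally require that scene to equal the current one (needs a middleware that sets the scene)`. The comment also writes the key as `$independentTokenVerify`, although it is a config key and not a variable.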
9 changes: 9 additions & 0 deletions src/AbstractJWT.php
@@ -156,4 +156,13 @@ public function getSceneConfig(string $scene = 'default')
{
return $this->config->get("{$this->configPrefix}.{$this->scenePrefix}.{$scene}");
}

/**
* @param bool $independentTokenVerify
* @return bool
*/
public function getIndependentTokenVerify(bool $independentTokenVerify = false): bool
{
return $this->config->get("{$this->configPrefix}")['independentTokenVerify'] ?? $independentTokenVerify;
}
}
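Review bot: The new docblock on `getIndependentTokenVerify()` only repeats the native types; it should say that the method returns the `independentTokenVerify` flag from the package config and that the argument is the fallback when the key is absent. The lookup indexes the whole config array, while `getSceneConfig()` just above uses a dotted key; `$this->config->get("{$this->configPrefix}.independentTokenVerify")` with the same `?? $independentTokenVerify` fallback would be consistent with it. The value is returned under a `bool` return type without a check, so a string such as `'false'` coming from an environment-backed config would either be coerced to `true` or raise a TypeError, depending on whether the file declares strict types (not visible here). As this flag decides how strictly tokens are checked, an explicit `=== true` comparison or `filter_var(..., FILTER_VALIDATE_BOOLEAN)` is safer.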
18 changes: 11 additions & 7 deletions src/JWT.php
@@ -101,9 +101,18 @@ public function checkToken(string $token = null, string $scene = null, $validate
try {
$token = $token ?? $this->getHeaderToken();
$tokenObj = $this->getTokenObj($token);
$config = $this->getSceneConfig($scene ?? $this->getScene());
$claims = $tokenObj->claims()->all();

$tokenScene = $claims[$this->tokenScenePrefix];
// 获取当前环境的场景配置并且验证该token是否是该配置生成的
//$independentTokenVerify true时会验证当前场景配置是否是生成当前的token的配置,需要配合自定义中间件实现,false会根据当前token拿到原来的场景配置,并且验证当前token
if ($this->getIndependentTokenVerify() && $tokenScene != $this->getScene()) {
throw new TokenValidException('Token authentication does not pass', 401);
}
//根据配置信息判断,设置当前token对应的场景scene
if (!$this->getIndependentTokenVerify()) {
$scene = $tokenScene ?? $scene;
}
$config = $this->getSceneConfig($scene ?? $this->getScene());
$signer = new $config['supported_algs'][$config['alg']];

// 验证token是否存在黑名单
@@ -115,11 +124,6 @@ public function checkToken(string $token = null, string $scene = null, $validate
throw new TokenValidException('Token authentication does not pass', 401);
}

// 获取当前环境的场景配置并且验证该token是否是该配置生成的
if ($independentTokenVerify) {
$config = $this->getSceneConfig($this->getScene());
}

return true;
} catch (\RuntimeException $e) {
throw new \RuntimeException($e->getMessage(), $e->getCode(), $e->getPrevious());
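Review bot: In the first hunk the scene that selects the verification config is read from the token's claims before anything has been verified, and `$scene = $tokenScene ?? $scene;` lets it override a `$scene` the caller passed explicitly, so in the default (`false`) mode a caller can no longer restrict checkToken to one scene. If that is intended it belongs in the method's docblock; otherwise `$scene = $scene ?? $tokenScene;` keeps the caller's choice. `$claims[$this->tokenScenePrefix]` has no guard for a token without that claim, and the strict-mode test uses loose `!=` and ignores `$scene`; `$tokenScene = $claims[$this->tokenScenePrefix] ?? null;` and `$tokenScene !== ($scene ?? $this->getScene())` would cover both. A scene name taken from the token that has no config presumably makes `getSceneConfig()` return null, in which case the `new $config['supported_algs'][$config['alg']]` line would fail outside the `\RuntimeException` catch. checkToken starts and ends outside the visible hunks, so it cannot be seen here whether the `$independentTokenVerify` variable removed in the second hunk is still a parameter.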