|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* This file is part of the AppleApnPush package |
|
7
|
|
|
* |
|
8
|
|
|
* (c) Vitaliy Zhuk <[email protected]> |
|
9
|
|
|
* |
|
10
|
|
|
* For the full copyright and license information, please view the LICENSE |
|
11
|
|
|
* file that was distributed with this source code |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace Apple\ApnPush\Protocol\Http\Authenticator; |
|
15
|
|
|
|
|
16
|
|
|
use Apple\ApnPush\Jwt\JwtInterface; |
|
17
|
|
|
use Apple\ApnPush\Jwt\SignatureGenerator\SignatureGeneratorFactory; |
|
18
|
|
|
use Apple\ApnPush\Jwt\SignatureGenerator\SignatureGeneratorInterface; |
|
19
|
|
|
use Apple\ApnPush\Protocol\Http\Request; |
|
20
|
|
|
|
|
21
|
|
|
/** |
|
22
|
|
|
* Authenticate request via Json Web Token |
|
23
|
|
|
*/ |
|
24
|
|
|
class JwtAuthenticator implements AuthenticatorInterface |
|
25
|
|
|
{ |
|
26
|
|
|
/** |
|
27
|
|
|
* @var JwtInterface |
|
28
|
|
|
*/ |
|
29
|
|
|
private $jwt; |
|
30
|
|
|
|
|
31
|
|
|
/** |
|
32
|
|
|
* @var SignatureGeneratorInterface |
|
33
|
|
|
*/ |
|
34
|
|
|
private $signatureGenerator; |
|
35
|
|
|
|
|
36
|
|
|
/** |
|
37
|
|
|
* @var string |
|
38
|
|
|
*/ |
|
39
|
|
|
private $jws; |
|
40
|
|
|
|
|
41
|
|
|
/** |
|
42
|
|
|
* @var \DateInterval |
|
43
|
|
|
*/ |
|
44
|
|
|
private $jwsLifetime; |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* @var \DateTime |
|
48
|
|
|
*/ |
|
49
|
|
|
private $jwsValidTo; |
|
50
|
|
|
|
|
51
|
|
|
/** |
|
52
|
|
|
* Constructor. |
|
53
|
|
|
* |
|
54
|
|
|
* @param JwtInterface $jwt |
|
55
|
|
|
* @param \DateInterval $jwsLifetime |
|
56
|
|
|
* @param SignatureGeneratorInterface $signatureGenerator |
|
57
|
|
|
* |
|
58
|
|
|
* @throws \InvalidArgumentException |
|
59
|
|
|
* @throws \LogicException |
|
60
|
|
|
*/ |
|
61
|
|
|
public function __construct(JwtInterface $jwt, \DateInterval $jwsLifetime = null, SignatureGeneratorInterface $signatureGenerator = null) |
|
62
|
|
|
{ |
|
63
|
|
|
$this->jwt = $jwt; |
|
64
|
|
|
|
|
65
|
|
|
if ($jwsLifetime && $jwsLifetime->invert) { |
|
66
|
|
|
throw new \InvalidArgumentException('JWS lifetime must not be inverted'); |
|
67
|
|
|
} |
|
68
|
|
|
|
|
69
|
|
|
$this->jwsLifetime = $jwsLifetime; |
|
70
|
|
|
|
|
71
|
|
|
$this->signatureGenerator = $signatureGenerator ?: SignatureGeneratorFactory::resolve(); |
|
72
|
|
|
} |
|
73
|
|
|
|
|
74
|
|
|
/** |
|
75
|
|
|
* {@inheritdoc} |
|
76
|
|
|
*/ |
|
77
|
|
|
public function authenticate(Request $request): Request |
|
78
|
|
|
{ |
|
79
|
|
|
$now = new \DateTimeImmutable(); |
|
80
|
|
|
|
|
81
|
|
|
if (!$this->jws || $this->jwsValidTo < $now) { |
|
82
|
|
|
$this->jws = $this->signatureGenerator->generate($this->jwt); |
|
83
|
|
|
$this->jwsValidTo = $this->jwsLifetime ? ($now)->add($this->jwsLifetime) : $this->jwsValidTo; |
|
|
|
|
|
|
84
|
|
|
} |
|
85
|
|
|
|
|
86
|
|
|
$request = $request->withHeader('authorization', sprintf('bearer %s', $this->jws)); |
|
87
|
|
|
|
|
88
|
|
|
return $request; |
|
89
|
|
|
} |
|
90
|
|
|
} |
|
91
|
|
|
|
ZhukV /
AppleApnPush
Our type inference engine has found a suspicous assignment of a value to a property. This check raises an issue when a value that can be of a mixed type is assigned to a property that is type hinted more strictly.
For example, imagine you have a variable
$accountIdthat can either hold an Id object or false (if there is no account id yet). Your code now assigns that value to theidproperty of an instance of theAccountclass. This class holds a proper account, so the id value must no longer be false.Either this assignment is in error or a type check should be added for that assignment.