@@ -11,7 +11,7 @@ |
| 11 | 11 | { |
| 12 | 12 | public function __invoke(ContainerInterface $container): ApiTokenValidateHandler |
| 13 | 13 | { |
| 14 | - $tokenService = $container->get(TokenManager::class); |
|
| 14 | + $tokenService = $container->get(TokenManager::class); |
|
| 15 | 15 | |
| 16 | 16 | return new ApiTokenValidateHandler($tokenService); |
| 17 | 17 | } |
@@ -22,7 +22,7 @@ discard block |
| 22 | 22 | |
| 23 | 23 | class ApiTokenValidateHandler implements RequestHandlerInterface |
| 24 | 24 | { |
| 25 | - /** |
|
| 25 | + /** |
|
| 26 | 26 | * @var TokenManager |
| 27 | 27 | */ |
| 28 | 28 | private $tokenManager; |
@@ -35,34 +35,34 @@ discard block |
| 35 | 35 | public function handle(ServerRequestInterface $request): ResponseInterface |
| 36 | 36 | { |
| 37 | 37 | |
| 38 | - $method = $request->getMethod(); |
|
| 39 | - if ($method !== 'POST') { |
|
| 40 | - throw new \RuntimeException('TODO - Handle error your way ;)'); |
|
| 41 | - } |
|
| 42 | - $body = $request->getParsedBody(); |
|
| 43 | - $tokenString = $body['token'] ?? ''; |
|
| 44 | - try { |
|
| 45 | - $token = $this->tokenManager->getValidatedToken($tokenString); |
|
| 38 | + $method = $request->getMethod(); |
|
| 39 | + if ($method !== 'POST') { |
|
| 40 | + throw new \RuntimeException('TODO - Handle error your way ;)'); |
|
| 41 | + } |
|
| 42 | + $body = $request->getParsedBody(); |
|
| 43 | + $tokenString = $body['token'] ?? ''; |
|
| 44 | + try { |
|
| 45 | + $token = $this->tokenManager->getValidatedToken($tokenString); |
|
| 46 | 46 | |
| 47 | - return (new JsonResponse([ |
|
| 48 | - 'valid' => true, |
|
| 49 | - 'data' => [ |
|
| 50 | - 'user_id' => $token->getClaim('user_id'), |
|
| 51 | - 'expires_at' => $token->getClaim('exp'), |
|
| 52 | - 'remaining_time' => $token->getClaim('exp') - time(), |
|
| 53 | - ] |
|
| 54 | - ]))->withStatus(StatusCodeInterface::STATUS_OK); |
|
| 55 | - } catch (TokenValidationExceptionInterface $e) { |
|
| 56 | - return (new JsonResponse([ |
|
| 57 | - 'valid' => false, |
|
| 58 | - 'reason' => $e->getReason(), |
|
| 59 | - ]))->withStatus($e->getStatusCode()); |
|
| 60 | - } catch (\Throwable $e) { |
|
| 61 | - return (new JsonResponse([ |
|
| 62 | - 'valid' => false, |
|
| 63 | - 'reason' => 'Unknown reason', |
|
| 64 | - ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED); |
|
| 65 | - } |
|
| 47 | + return (new JsonResponse([ |
|
| 48 | + 'valid' => true, |
|
| 49 | + 'data' => [ |
|
| 50 | + 'user_id' => $token->getClaim('user_id'), |
|
| 51 | + 'expires_at' => $token->getClaim('exp'), |
|
| 52 | + 'remaining_time' => $token->getClaim('exp') - time(), |
|
| 53 | + ] |
|
| 54 | + ]))->withStatus(StatusCodeInterface::STATUS_OK); |
|
| 55 | + } catch (TokenValidationExceptionInterface $e) { |
|
| 56 | + return (new JsonResponse([ |
|
| 57 | + 'valid' => false, |
|
| 58 | + 'reason' => $e->getReason(), |
|
| 59 | + ]))->withStatus($e->getStatusCode()); |
|
| 60 | + } catch (\Throwable $e) { |
|
| 61 | + return (new JsonResponse([ |
|
| 62 | + 'valid' => false, |
|
| 63 | + 'reason' => 'Unknown reason', |
|
| 64 | + ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED); |
|
| 65 | + } |
|
| 66 | 66 | |
| 67 | 67 | } |
| 68 | 68 | |
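Review bot: A non-POST request on lines 39–41 is answered by throwing `\RuntimeException('TODO - Handle error your way ;)')`, which hands a placeholder message to whatever error handling wraps this handler (and, if error display is on, possibly a stack trace) instead of a controlled response; return a JSON 405 instead, e.g. `return (new JsonResponse(['valid' => false, 'reason' => 'Method not allowed']))->withStatus(StatusCodeInterface::STATUS_METHOD_NOT_ALLOWED);`. The final `catch (\Throwable $e)` on lines 60–64 turns every internal failure inside `TokenManager` (bad key material, a backing-store outage) into a 401 "Unknown reason" with no log line, so an outage is indistinguishable from a stream of bad tokens to operators; keep the fail-closed 401 but log `$e` before returning. `remaining_time` on line 52 also assumes `getValidatedToken()` guarantees a numeric `exp` claim — if that is not enforced there, a token without `exp` yields `null - time()`, so confirm it or cast with `(int) $token->getClaim('exp')` before subtracting.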
@@ -29,7 +29,7 @@ |
| 29 | 29 | |
| 30 | 30 | public function __construct(TokenManager $tokenManager) |
| 31 | 31 | { |
| 32 | - $this->tokenManager = $tokenManager; |
|
| 32 | + $this->tokenManager = $tokenManager; |
|
| 33 | 33 | } |
| 34 | 34 | |
| 35 | 35 | public function handle(ServerRequestInterface $request): ResponseInterface |
@@ -55,55 +55,55 @@ |
| 55 | 55 | |
| 56 | 56 | public function handle(ServerRequestInterface $request): ResponseInterface |
| 57 | 57 | { |
| 58 | - $authExpiry = $this->authParams['token_expiry'] ?? TokenManager::DEFAULT_EXPIRY; |
|
| 59 | - |
|
| 60 | - $method = $request->getMethod(); |
|
| 61 | - if ($method !== 'POST') { |
|
| 62 | - throw new \RuntimeException('Unsupported http method'); |
|
| 63 | - } |
|
| 64 | - // Authorization... |
|
| 65 | - // |
|
| 66 | - // Valid users are |
|
| 67 | - // - either admins |
|
| 68 | - // - or valid paying users |
|
| 69 | - // |
|
| 70 | - |
|
| 71 | - $body = $request->getParsedBody(); |
|
| 72 | - $email = trim($body['email'] ?? ''); |
|
| 73 | - $password = trim($body['password'] ?? ''); |
|
| 74 | - |
|
| 75 | - // @todo Must be removed when production |
|
| 76 | - if ($email === '[email protected]' && $password === 'demo') { |
|
| 77 | - // This is for demo only |
|
| 78 | - return $this->getResponseWithAccessToken('[email protected]', $authExpiry); |
|
| 79 | - } |
|
| 80 | - |
|
| 81 | - $authenticationManager = new AuthenticationManager($this->userProvider); |
|
| 82 | - |
|
| 83 | - try { |
|
| 84 | - // Authenticate, wil throw exception if failed |
|
| 85 | - $user = $authenticationManager->getAuthenticatedUser($email, $password); |
|
| 86 | - |
|
| 87 | - // Ensure authorization |
|
| 88 | - $this->productAccess->ensureAccess(ContredanseProductAccess::PAXTON_PRODUCT, $user); |
|
| 89 | - |
|
| 90 | - return $this->getResponseWithAccessToken($user->getDetail('user_id'), $authExpiry); |
|
| 91 | - } catch (AuthExceptionInterface $e) { |
|
| 92 | - return (new JsonResponse([ |
|
| 93 | - 'success' => false, |
|
| 94 | - 'reason' => $e->getReason() |
|
| 95 | - ]))->withStatus($e->getStatusCode()); |
|
| 96 | - } catch (NoProductAccessException | ProductPaymentIssueException | ProductAccessExpiredException $e) { |
|
| 97 | - return (new JsonResponse([ |
|
| 98 | - 'success' => false, |
|
| 99 | - 'reason' => $e->getMessage(), |
|
| 100 | - ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED); |
|
| 101 | - } catch (\Throwable $e) { |
|
| 102 | - return (new JsonResponse([ |
|
| 103 | - 'success' => false, |
|
| 104 | - 'reason' => $e->getMessage() |
|
| 105 | - ]))->withStatus(StatusCodeInterface::STATUS_BAD_REQUEST); |
|
| 106 | - } |
|
| 58 | + $authExpiry = $this->authParams['token_expiry'] ?? TokenManager::DEFAULT_EXPIRY; |
|
| 59 | + |
|
| 60 | + $method = $request->getMethod(); |
|
| 61 | + if ($method !== 'POST') { |
|
| 62 | + throw new \RuntimeException('Unsupported http method'); |
|
| 63 | + } |
|
| 64 | + // Authorization... |
|
| 65 | + // |
|
| 66 | + // Valid users are |
|
| 67 | + // - either admins |
|
| 68 | + // - or valid paying users |
|
| 69 | + // |
|
| 70 | + |
|
| 71 | + $body = $request->getParsedBody(); |
|
| 72 | + $email = trim($body['email'] ?? ''); |
|
| 73 | + $password = trim($body['password'] ?? ''); |
|
| 74 | + |
|
| 75 | + // @todo Must be removed when production |
|
| 76 | + if ($email === '[email protected]' && $password === 'demo') { |
|
| 77 | + // This is for demo only |
|
| 78 | + return $this->getResponseWithAccessToken('[email protected]', $authExpiry); |
|
| 79 | + } |
|
| 80 | + |
|
| 81 | + $authenticationManager = new AuthenticationManager($this->userProvider); |
|
| 82 | + |
|
| 83 | + try { |
|
| 84 | + // Authenticate, wil throw exception if failed |
|
| 85 | + $user = $authenticationManager->getAuthenticatedUser($email, $password); |
|
| 86 | + |
|
| 87 | + // Ensure authorization |
|
| 88 | + $this->productAccess->ensureAccess(ContredanseProductAccess::PAXTON_PRODUCT, $user); |
|
| 89 | + |
|
| 90 | + return $this->getResponseWithAccessToken($user->getDetail('user_id'), $authExpiry); |
|
| 91 | + } catch (AuthExceptionInterface $e) { |
|
| 92 | + return (new JsonResponse([ |
|
| 93 | + 'success' => false, |
|
| 94 | + 'reason' => $e->getReason() |
|
| 95 | + ]))->withStatus($e->getStatusCode()); |
|
| 96 | + } catch (NoProductAccessException | ProductPaymentIssueException | ProductAccessExpiredException $e) { |
|
| 97 | + return (new JsonResponse([ |
|
| 98 | + 'success' => false, |
|
| 99 | + 'reason' => $e->getMessage(), |
|
| 100 | + ]))->withStatus(StatusCodeInterface::STATUS_UNAUTHORIZED); |
|
| 101 | + } catch (\Throwable $e) { |
|
| 102 | + return (new JsonResponse([ |
|
| 103 | + 'success' => false, |
|
| 104 | + 'reason' => $e->getMessage() |
|
| 105 | + ]))->withStatus(StatusCodeInterface::STATUS_BAD_REQUEST); |
|
| 106 | + } |
|
| 107 | 107 | } |
| 108 | 108 | |
| 109 | 109 | |
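Review bot: The demo short-circuit on lines 75–79 is a hard-coded credential (`[email protected]` / `demo`) that issues a real access token without going through `AuthenticationManager` or `ensureAccess()`, and its only guard is a `@todo` comment; this commit merely reindents the block, so the bypass ships unchanged. Either delete it or gate it on an explicit setting that is absent in production, e.g. `if (($this->authParams['allow_demo_login'] ?? false) === true && $email === '[email protected]' && hash_equals('demo', $password)) {`, using `hash_equals()` rather than `===` so the secret comparison is not timing-dependent. The last catch on lines 101–105 returns `$e->getMessage()` from an arbitrary `\Throwable` with a 400, which can expose driver or framework error text to an unauthenticated caller; replace it with a fixed reason such as `'reason' => 'Authentication failed'` and log the exception server-side. The class containing this `handle()` starts before the hunk, so I cannot see whether `$this->authParams` already carries a suitable flag or where its values come from.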
@@ -37,7 +37,7 @@ discard block |
| 37 | 37 | 'factories' => [ |
| 38 | 38 | Handler\HomePageHandler::class => Handler\HomePageHandlerFactory::class, |
| 39 | 39 | Handler\ApiTokenLoginHandler::class => Handler\ApiTokenLoginHandlerFactory::class, |
| 40 | - Handler\ApiTokenValidateHandler::class => Handler\ApiTokenValidateHandlerFactory::class, |
|
| 40 | + Handler\ApiTokenValidateHandler::class => Handler\ApiTokenValidateHandlerFactory::class, |
|
| 41 | 41 | Handler\ApiContredanseStatusHandler::class => Handler\ApiContredanseStatusHandlerFactory::class, |
| 42 | 42 | Handler\ApiContredanseProfileHandler::class => Handler\ApiContredanseProfileHandlerFactory::class, |
| 43 | 43 | |
@@ -57,8 +57,8 @@ discard block |
| 57 | 57 | Service\Token\TokenManager::class => Service\Token\TokenManagerFactory::class, |
| 58 | 58 | Service\Auth\AuthenticationManager::class => Service\Auth\AuthenticationManagerFactory::class, |
| 59 | 59 | |
| 60 | - // Infrastructure |
|
| 61 | - Infra\Log\AccessLogger::class => Infra\Log\AccessLoggerFactory::class, |
|
| 60 | + // Infrastructure |
|
| 61 | + Infra\Log\AccessLogger::class => Infra\Log\AccessLoggerFactory::class, |
|
| 62 | 62 | ], |
| 63 | 63 | ]; |
| 64 | 64 | } |
@@ -11,12 +11,12 @@ |
| 11 | 11 | { |
| 12 | 12 | public const TYPE_LOGIN_SUCCESS = 'log.success'; |
| 13 | 13 | public const TYPE_LOGIN_FAILURE = 'log.fail'; |
| 14 | - public const TYPE_TOKEN_VALIDATE = 'log.validate'; |
|
| 14 | + public const TYPE_TOKEN_VALIDATE = 'log.validate'; |
|
| 15 | 15 | |
| 16 | 16 | public const SUPPORTED_TYPES = [ |
| 17 | 17 | self::TYPE_LOGIN_SUCCESS, |
| 18 | 18 | self::TYPE_LOGIN_FAILURE, |
| 19 | - self::TYPE_TOKEN_VALIDATE, |
|
| 19 | + self::TYPE_TOKEN_VALIDATE, |
|
| 20 | 20 | ]; |
| 21 | 21 | |
| 22 | 22 | /** |