|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
namespace Jasny\Auth\Session; |
|
6
|
|
|
|
|
7
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
|
8
|
|
|
|
|
9
|
|
|
/** |
|
10
|
|
|
* Get auth info from Bearer Authorization header |
|
11
|
|
|
*/ |
|
12
|
|
|
class BearerAuth implements SessionInterface |
|
13
|
|
|
{ |
|
14
|
|
|
protected string $idFormat; |
|
15
|
|
|
protected string $header; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* Service constructor. |
|
19
|
|
|
*/ |
|
20
|
6 |
|
public function __construct(?ServerRequestInterface $request = null, string $idFormat = '%s') |
|
21
|
|
|
{ |
|
22
|
6 |
|
$this->idFormat = $idFormat; |
|
23
|
6 |
|
$this->header = isset($request) |
|
24
|
5 |
|
? ($request->getHeaderLine('Authorization') ?? '') |
|
25
|
1 |
|
: ($_SERVER['HTTP_AUTHORIZATION'] ?? ''); |
|
26
|
6 |
|
} |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* Get auth information. |
|
30
|
|
|
* |
|
31
|
|
|
* @return array{uid:string|null,context:mixed,checksum:string|null} |
|
32
|
|
|
*/ |
|
33
|
4 |
|
public function getInfo(): array |
|
34
|
|
|
{ |
|
35
|
4 |
|
$token = stripos($this->header, 'bearer ') === 0 |
|
36
|
2 |
|
? trim(substr($this->header, 6)) |
|
37
|
4 |
|
: ''; |
|
38
|
|
|
|
|
39
|
4 |
|
if ($token === '') { |
|
40
|
2 |
|
return ['uid' => null, 'context' => null, 'checksum' => null]; |
|
41
|
|
|
} |
|
42
|
|
|
|
|
43
|
|
|
return [ |
|
44
|
2 |
|
'uid' => sprintf($this->idFormat, $token), |
|
45
|
|
|
'context' => null, |
|
46
|
2 |
|
'checksum' => '', |
|
47
|
|
|
]; |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
|
|
51
|
|
|
/** |
|
52
|
|
|
* Persist auth information to session. |
|
53
|
|
|
* |
|
54
|
|
|
* @param string|int $uid |
|
55
|
|
|
* @param mixed $context |
|
56
|
|
|
* @param string|null $checksum |
|
57
|
|
|
* @throws \LogicException Since bearer authorization can't be modified server side. |
|
58
|
|
|
*/ |
|
59
|
1 |
|
public function persist($uid, $context, ?string $checksum): void |
|
60
|
|
|
{ |
|
61
|
1 |
|
throw new \LogicException("Unable to persist auth info when using bearer authorization"); |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
/** |
|
65
|
|
|
* Remove auth information from session. |
|
66
|
|
|
* |
|
67
|
|
|
* @throws \LogicException Since bearer authorization can't be modified server side. |
|
68
|
|
|
*/ |
|
69
|
1 |
|
public function clear(): void |
|
70
|
|
|
{ |
|
71
|
1 |
|
throw new \LogicException("Unable to persist auth info when using bearer authorization"); |
|
72
|
|
|
} |
|
73
|
|
|
} |
|
74
|
|
|
|
jasny /
auth
