These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | /* |
||
4 | * This file is part of jwt-auth |
||
5 | * |
||
6 | * (c) Sean Tymon <[email protected]> |
||
7 | * |
||
8 | * For the full copyright and license information, please view the LICENSE |
||
9 | * file that was distributed with this source code. |
||
10 | */ |
||
11 | |||
12 | namespace Tymon\JWTAuth; |
||
13 | |||
14 | use Tymon\JWTAuth\Support\RefreshFlow; |
||
15 | use Tymon\JWTAuth\Support\CustomClaims; |
||
16 | use Tymon\JWTAuth\Exceptions\JWTException; |
||
17 | use Tymon\JWTAuth\Contracts\Providers\JWT; |
||
0 ignored issues
–
show
|
|||
18 | use Tymon\JWTAuth\Exceptions\TokenBlacklistedException; |
||
19 | |||
20 | class Manager |
||
21 | { |
||
22 | use RefreshFlow, CustomClaims; |
||
23 | |||
24 | /** |
||
25 | * @var \Tymon\JWTAuth\Contracts\Providers\JWT |
||
26 | */ |
||
27 | protected $provider; |
||
28 | |||
29 | /** |
||
30 | * @var \Tymon\JWTAuth\Blacklist |
||
31 | */ |
||
32 | protected $blacklist; |
||
33 | |||
34 | /** |
||
35 | * @var \Tymon\JWTAuth\Factory |
||
36 | */ |
||
37 | protected $payloadFactory; |
||
38 | |||
39 | /** |
||
40 | * @var boolean |
||
41 | */ |
||
42 | protected $blacklistEnabled = true; |
||
43 | |||
44 | /** |
||
45 | * @param \Tymon\JWTAuth\Contracts\Providers\JWT $provider |
||
46 | * @param \Tymon\JWTAuth\Blacklist $blacklist |
||
47 | * @param \Tymon\JWTAuth\Factory $payloadFactory |
||
48 | */ |
||
49 | 20 | public function __construct(JWT $provider, Blacklist $blacklist, Factory $payloadFactory) |
|
50 | { |
||
51 | 20 | $this->provider = $provider; |
|
52 | 20 | $this->blacklist = $blacklist; |
|
53 | 20 | $this->payloadFactory = $payloadFactory; |
|
54 | 20 | } |
|
55 | |||
56 | /** |
||
57 | * Encode a Payload and return the Token |
||
58 | * |
||
59 | * @param \Tymon\JWTAuth\Payload $payload |
||
60 | * |
||
61 | * @return \Tymon\JWTAuth\Token |
||
62 | */ |
||
63 | 4 | public function encode(Payload $payload) |
|
64 | { |
||
65 | 4 | $token = $this->provider->encode($payload->get()); |
|
66 | |||
67 | 4 | return new Token($token); |
|
68 | } |
||
69 | |||
70 | /** |
||
71 | * Decode a Token and return the Payload |
||
72 | * |
||
73 | * @param \Tymon\JWTAuth\Token $token |
||
74 | * |
||
75 | * @throws TokenBlacklistedException |
||
76 | * |
||
77 | * @return \Tymon\JWTAuth\Payload |
||
78 | */ |
||
79 | 10 | public function decode(Token $token) |
|
80 | { |
||
81 | 10 | $payloadArray = $this->provider->decode($token->get()); |
|
82 | |||
83 | 10 | $payload = $this->payloadFactory |
|
84 | 10 | ->setRefreshFlow($this->refreshFlow) |
|
85 | 10 | ->customClaims($payloadArray) |
|
86 | 10 | ->make(); |
|
87 | |||
88 | 10 | if ($this->blacklistEnabled && $this->blacklist->has($payload)) { |
|
89 | 2 | throw new TokenBlacklistedException('The token has been blacklisted'); |
|
90 | } |
||
91 | |||
92 | 8 | return $payload; |
|
93 | } |
||
94 | |||
95 | /** |
||
96 | * Refresh a Token and return a new Token |
||
97 | * |
||
98 | * @param \Tymon\JWTAuth\Token $token |
||
99 | * |
||
100 | * @return \Tymon\JWTAuth\Token |
||
101 | */ |
||
102 | 2 | public function refresh(Token $token) |
|
103 | { |
||
104 | 2 | $payload = $this->setRefreshFlow()->decode($token); |
|
105 | |||
106 | 2 | if ($this->blacklistEnabled) { |
|
107 | // invalidate old token |
||
108 | 2 | $this->blacklist->add($payload); |
|
109 | 2 | } |
|
110 | |||
111 | // persist the subject and issued at claims |
||
112 | 2 | $claims = array_merge( |
|
113 | 2 | $this->customClaims, |
|
114 | 2 | ['sub' => $payload['sub'], 'iat' => $payload['iat']] |
|
115 | 2 | ); |
|
116 | |||
117 | // return the new token |
||
118 | 2 | return $this->encode( |
|
119 | 2 | $this->payloadFactory->customClaims($claims)->make() |
|
120 | 2 | ); |
|
121 | } |
||
122 | |||
123 | /** |
||
124 | * Invalidate a Token by adding it to the blacklist |
||
125 | * |
||
126 | * @param Token $token |
||
127 | * @param boolean $forceForever |
||
128 | * |
||
129 | * @throws JWTException |
||
130 | * |
||
131 | * @return boolean |
||
132 | */ |
||
133 | 6 | public function invalidate(Token $token, $forceForever = false) |
|
134 | { |
||
135 | 6 | if (! $this->blacklistEnabled) { |
|
136 | 2 | throw new JWTException('You must have the blacklist enabled to invalidate a token.'); |
|
137 | } |
||
138 | |||
139 | 4 | return call_user_func( |
|
140 | 4 | [$this->blacklist, $forceForever ? 'addForever' : 'add'], |
|
141 | 4 | $this->decode($token) |
|
142 | 4 | ); |
|
143 | } |
||
144 | |||
145 | /** |
||
146 | * Get the Payload Factory instance |
||
147 | * |
||
148 | * @return \Tymon\JWTAuth\Factory |
||
149 | */ |
||
150 | 2 | public function getPayloadFactory() |
|
151 | { |
||
152 | 2 | return $this->payloadFactory; |
|
153 | } |
||
154 | |||
155 | /** |
||
156 | * Get the JWTProvider instance |
||
157 | * |
||
158 | * @return \Tymon\JWTAuth\Contracts\Providers\JWT |
||
159 | */ |
||
160 | 2 | public function getJWTProvider() |
|
161 | { |
||
162 | 2 | return $this->provider; |
|
163 | } |
||
164 | |||
165 | /** |
||
166 | * Get the Blacklist instance |
||
167 | * |
||
168 | * @return \Tymon\JWTAuth\Blacklist |
||
169 | */ |
||
170 | 2 | public function getBlacklist() |
|
171 | { |
||
172 | 2 | return $this->blacklist; |
|
173 | } |
||
174 | |||
175 | /** |
||
176 | * Set whether the blacklist is enabled |
||
177 | * |
||
178 | * @param bool $enabled |
||
179 | * |
||
180 | * @return \Tymon\JWTAuth\Manager |
||
181 | */ |
||
182 | 2 | public function setBlacklistEnabled($enabled) |
|
183 | { |
||
184 | 2 | $this->blacklistEnabled = $enabled; |
|
185 | |||
186 | 2 | return $this; |
|
187 | } |
||
188 | } |
||
189 |
Let’s assume that you have a directory layout like this:
and let’s assume the following content of
Bar.php
:If both files
OtherDir/Foo.php
andSomeDir/Foo.php
are loaded in the same runtime, you will see a PHP error such as the following:PHP Fatal error: Cannot use SomeDir\Foo as Foo because the name is already in use in OtherDir/Foo.php
However, as
OtherDir/Foo.php
does not necessarily have to be loaded and the error is only triggered if it is loaded beforeOtherDir/Bar.php
, this problem might go unnoticed for a while. In order to prevent this error from surfacing, you must import the namespace with a different alias: