JwtGuard - Code Metrics - Inspection of "Update JwtGuard to accomodate new version of JwtSe..." - wisoot/jwt-guard - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — develop ( 206596...c4148f )

by Wisoot

created 2016-05-04 07:32 UTC

JwtGuard B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	367
Duplicated Lines	12.26 %

Coupling/Cohesion

Components	1
Dependencies	10

Importance

Changes	11
Bugs	1	Features	3

Metric	Value
wmc	40
c	11
b	1
f	3
lcom	1
cbo	10
dl	45
loc	367
rs	8.2608

19 Methods

Rating	Name	Duplication	Size	Complexity
A	__construct()	0	9	1
B	user()	0	24	5
A	getUserByToken()	0	11	3
A	validate()	0	4	1
A	attempt()	0	19	3
A	hasValidCredentials()	0	4	2
A	fireAttemptEvent()	0	8	2
A	attempting()	0	6	2
A	login()	0	18	1
A	refreshTokenForUser()	0	10	2
A	fireLoginEvent()	0	6	2
A	loginUsingId()	0	6	1
A	logout()	21	21	4
B	logoutAll()	24	24	4
A	refreshToken()	0	10	2
A	setToken()	0	4	1
A	getToken()	0	4	1
A	isTokenRefreshable()	0	4	1
A	getBearerToken()	0	10	2

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like JwtGuard often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use JwtGuard, and based on these observations, apply Extract Interface, too.

<?php

namespace WWON\JwtGuard;

use Illuminate\Auth\Events\Attempting;
use Illuminate\Auth\Events\Login;
use Illuminate\Auth\Events\Logout;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Config;
use WWON\JwtGuard\Exceptions\Exception;
use WWON\JwtGuard\Exceptions\InaccessibleException;
use WWON\JwtGuard\Exceptions\InvalidTokenException;
use WWON\JwtGuard\Exceptions\MalformedException;
use WWON\JwtGuard\Exceptions\TokenExpiredException;

class JwtGuard implements Guard
{

    use GuardHelpers;

    /**
     * @var string
     */
    protected $token;

    /**
     * @var bool
     */
    protected $isTokenRefreshable = false;

    /**
     * @var JwtService
     */
    protected $jwtService;

    /**
     * @var Request
     */
    protected $request;

    /**
     * Indicates if the logout method has been called.
     *
     * @var bool
     */
    protected $loggedOut = false;

    /**
     * JwtGuard constructor
     *
     * @param UserProvider $provider
     * @param JwtService $jwtService
     * @param Request|null $request
     */
    public function __construct(
        UserProvider $provider,
        JwtService $jwtService,
        Request $request = null
    ) {
        $this->provider = $provider;
        $this->jwtService = $jwtService;
        $this->request = $request;
    }

    /**
     * Get the currently authenticated user.
     *
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function user()
    {
        // If we've already retrieved the user for the current request we can just
        // return it back immediately. We do not want to fetch the user data on
        // every call to this method because that would be tremendously slow.
        if ($this->user) {
            return $this->user;
        }

        if (!$token = $this->getBearerToken()) {
            return $this->user = null;
        }

        try {
            $this->user = $this->getUserByToken($token);
        } catch (InaccessibleException $e) {
            $this->isTokenRefreshable = true;
            $this->user = null;
        } catch (Exception $e) {
            $this->user = null;
        }

        return $this->user;
    }

    /**
     * Retrieve the user by the given payload.
     *
     * @param string $token
     * @return AuthenticatableContract|null
     * @throws InaccessibleException
     * @throws MalformedException
     * @throws TokenExpiredException
     * @throws InvalidTokenException
     */
    protected function getUserByToken($token)
    {
        $claim = $this->jwtService->getClaimFromToken($token);
        $user = $this->provider->retrieveById($claim->sub);

        if (!empty($user) && get_class($user) !== $claim->aud) {
            throw new InvalidTokenException;
        }

        return $user;
    }

    /**
     * Validate a user's credentials.
     *
     * @param array $credentials
     * @return bool
     */
    public function validate(array $credentials = [])
    {
        return $this->attempt($credentials, false);
    }

    /**
     * Attempt to authenticate a user using the given credentials.
     *
     * @param array $credentials
     * @param bool $login
     * @return bool
     */
    public function attempt(array $credentials = [], $login = true)
    {
        $this->fireAttemptEvent($credentials, $login);

        $this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
class MyClass { }

$x = new MyClass();
$x->foo = true;

        // If an implementation of UserInterface was returned, we'll ask the provider
        // to validate the user against the given credentials, and if they are in
        // fact valid we'll log the users into the application and return true.
        if ($this->hasValidCredentials($user, $credentials)) {
            if ($login) {
                $this->login($user);
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}
            }

            return true;
        }

        return false;
    }

    /**
     * Determine if the user matches the credentials.
     *
     * @param mixed $user
     * @param array $credentials
     * @return bool
     */
    protected function hasValidCredentials($user, $credentials)
    {
        return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
    }

    /**
     * Fire the attempt event with the arguments.
     *
     * @param array $credentials
     * @param bool $login
     * @return void
     */
    protected function fireAttemptEvent(array $credentials, $login)
    {
        if (isset($this->events)) {
            $this->events->fire(new Attempting(
class MyClass { }

$x = new MyClass();
$x->foo = true;
                $credentials, false, $login
            ));
        }
    }

    /**
     * Register an authentication attempt event listener.
     *
     * @param mixed $callback
     * @return void
     */
    public function attempting($callback)
    {
        if (isset($this->events)) {
            $this->events->listen(Attempting::class, $callback);
        }
    }

    /**
     * Log a user into the application.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @return void
     */
    public function login(AuthenticatableContract $user)
    {
        $claim = new Claim([
            'sub' => $user->getAuthIdentifier(),
            'aud' => get_class($user),
            'refresh' => Config::get('jwt.refreshable')
        ]);

        $token = $this->jwtService->getTokenForClaim($claim);

        // If we have an event dispatcher instance set we will fire an event so that
        // any listeners will hook into the authentication events and run actions
        // based on the login and logout events fired from the guard instances.
        $this->fireLoginEvent($user);

        $this->setToken($token);
        $this->setUser($user);
    }

    /**
     * generateTokenForUser method
     *
     * @param string $token
     * @return string
     */
    protected function refreshTokenForUser($token)
    {
        try {
            $newToken = $this->jwtService->refreshToken($token);
        } catch (Exception $e) {
            $newToken = null;
        }

        return $newToken;
    }

    /**
     * Fire the login event if the dispatcher is set.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @param bool  $remember
     * @return void
     */
    protected function fireLoginEvent($user, $remember = false)
    {
        if (isset($this->events)) {
            $this->events->fire(new Login($user, $remember));
        }
    }

    /**
     * Log the given user ID into the application.
     *
     * @param mixed $id
     * @return \Illuminate\Contracts\Auth\Authenticatable
     */
    public function loginUsingId($id)
    {
        $this->login($user = $this->provider->retrieveById($id));
/** @return stdClass|null */
function mayReturnNull() { }

function doesNotAcceptNull(stdClass $x) { }

// With potential error.
function withoutCheck() {
    $x = mayReturnNull();
    doesNotAcceptNull($x); // Potential error here.
}

// Safe - Alternative 1
function withCheck1() {
    $x = mayReturnNull();
    if ( ! $x instanceof stdClass) {
        throw new \LogicException('$x must be defined.');
    }
    doesNotAcceptNull($x);
}

// Safe - Alternative 2
function withCheck2() {
    $x = mayReturnNull();
    if ($x instanceof stdClass) {
        doesNotAcceptNull($x);
    }
}

        return $user;
    }

    /**
     * Log the user out of the application.
     *
     * @return void
     */
    public function logout()

    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $this->jwtService->invalidateToken($token);
        } catch (Exception $e) { }


        if (isset($this->events)) {
            $this->events->fire(new Logout($this->user));
        }

        // Once we have fired the logout event we will clear the users out of memory
        // so they are no longer available as the user is no longer considered as
        // being signed into this application and should not be available here.
        $this->user = null;
        $this->token = null;
        $this->loggedOut = true;
    }

    /**
     * log this user out from every token
     *
     * @return void
     */
    public function logoutAll()

    {
        if (!$token = $this->getBearerToken()) {
            return;
        }

        try {
            $user = $this->jwtService->getClaimFromToken($token);

            $this->jwtService->wipeUserTokens($user);

        } catch (Exception $e) { }


        if (isset($this->events)) {
            $this->events->fire(new Logout($this->user));
        }

        // Once we have fired the logout event we will clear the users out of memory
        // so they are no longer available as the user is no longer considered as
        // being signed into this application and should not be available here.
        $this->user = null;
        $this->token = null;
        $this->loggedOut = true;
    }

    /**
     * Refresh user token
     *
     * @return string|null
     */
    public function refreshToken()
    {
        if (!$token = $this->getBearerToken()) {
            return null;
        }

        $this->token = $this->refreshTokenForUser($token);

        return $this->token;
    }

    /**
     * setToken method
     *
     * @param string $token
     */
    public function setToken($token)
    {
        $this->token = $token;
    }

    /**
     * getToken method
     *
     * @return null|string
     */
    public function getToken()
    {
        return $this->token;
    }

    /**
     * isTokenRefreshable method
     */
    public function isTokenRefreshable()
    {
        return $this->isTokenRefreshable;
    }

    /**
     * getBearerToken method
     *
     * @return string|null
     */
    protected function getBearerToken()
    {
        $header = $this->request->header('Authorization', '');

        if (starts_with(strtolower($header), 'bearer ')) {
            return mb_substr($header, 7, null, 'UTF-8');
        }

        return null;
    }

}

1		<?php
2
3		namespace WWON\JwtGuard;
4
5		use Illuminate\Auth\Events\Attempting;
6		use Illuminate\Auth\Events\Login;
7		use Illuminate\Auth\Events\Logout;
8		use Illuminate\Auth\GuardHelpers;
9		use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
10		use Illuminate\Contracts\Auth\Guard;
11		use Illuminate\Contracts\Auth\UserProvider;
12		use Illuminate\Http\Request;
13		use Illuminate\Support\Facades\Config;
14		use WWON\JwtGuard\Exceptions\Exception;
15		use WWON\JwtGuard\Exceptions\InaccessibleException;
16		use WWON\JwtGuard\Exceptions\InvalidTokenException;
17		use WWON\JwtGuard\Exceptions\MalformedException;
18		use WWON\JwtGuard\Exceptions\TokenExpiredException;
19
20		class JwtGuard implements Guard
21		{
22
23		use GuardHelpers;
24
25		/**
26		* @var string
27		*/
28		protected $token;
29
30		/**
31		* @var bool
32		*/
33		protected $isTokenRefreshable = false;
34
35		/**
36		* @var JwtService
37		*/
38		protected $jwtService;
39
40		/**
41		* @var Request
42		*/
43		protected $request;
44
45		/**
46		* Indicates if the logout method has been called.
47		*
48		* @var bool
49		*/
50		protected $loggedOut = false;
51
52		/**
53		* JwtGuard constructor
54		*
55		* @param UserProvider $provider
56		* @param JwtService $jwtService
57		* @param Request\|null $request
58		*/
59		public function __construct(
60		UserProvider $provider,
61		JwtService $jwtService,
62		Request $request = null
63		) {
64		$this->provider = $provider;
65		$this->jwtService = $jwtService;
66		$this->request = $request;
67		}
68
69		/**
70		* Get the currently authenticated user.
71		*
72		* @return \Illuminate\Contracts\Auth\Authenticatable\|null
73		*/
74		public function user()
75		{
76		// If we've already retrieved the user for the current request we can just
77		// return it back immediately. We do not want to fetch the user data on
78		// every call to this method because that would be tremendously slow.
79		if ($this->user) {
80		return $this->user;
81		}
82
83		if (!$token = $this->getBearerToken()) {
84		return $this->user = null;
85		}
86
87		try {
88		$this->user = $this->getUserByToken($token);
89		} catch (InaccessibleException $e) {
90		$this->isTokenRefreshable = true;
91		$this->user = null;
92		} catch (Exception $e) {
93		$this->user = null;
94		}
95
96		return $this->user;
97		}
98
99		/**
100		* Retrieve the user by the given payload.
101		*
102		* @param string $token
103		* @return AuthenticatableContract\|null
104		* @throws InaccessibleException
105		* @throws MalformedException
106		* @throws TokenExpiredException
107		* @throws InvalidTokenException
108		*/
109		protected function getUserByToken($token)
110		{
111		$claim = $this->jwtService->getClaimFromToken($token);
112		$user = $this->provider->retrieveById($claim->sub);
113
114		if (!empty($user) && get_class($user) !== $claim->aud) {
115		throw new InvalidTokenException;
116		}
117
118		return $user;
119		}
120
121		/**
122		* Validate a user's credentials.
123		*
124		* @param array $credentials
125		* @return bool
126		*/
127		public function validate(array $credentials = [])
128		{
129		return $this->attempt($credentials, false);
130		}
131
132		/**
133		* Attempt to authenticate a user using the given credentials.
134		*
135		* @param array $credentials
136		* @param bool $login
137		* @return bool
138		*/
139		public function attempt(array $credentials = [], $login = true)
140		{
141		$this->fireAttemptEvent($credentials, $login);
142
143		$this->lastAttempted = $user = $this->provider->retrieveByCredentials($credentials);
		0 ignored issues – show Bug introduced 2016-04-08 01:10 UTC by Report Bug Copy Issue Report The property `lastAttempted` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
144
145		// If an implementation of UserInterface was returned, we'll ask the provider
146		// to validate the user against the given credentials, and if they are in
147		// fact valid we'll log the users into the application and return true.
148		if ($this->hasValidCredentials($user, $credentials)) {
149		if ($login) {
150		$this->login($user);
		0 ignored issues – show Bug introduced 2016-04-08 01:10 UTC by Report Bug Copy Issue Report It seems like `$user` defined by `$this->provider->retriev...edentials($credentials)` on line `143` can be `null`; however, `WWON\JwtGuard\JwtGuard::login()` does not accept `null`, maybe add an additional type check? Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: /** @return stdClass\|null */ function mayReturnNull() { } function doesNotAcceptNull(stdClass $x) { } // With potential error. function withoutCheck() { $x = mayReturnNull(); doesNotAcceptNull($x); // Potential error here. } // Safe - Alternative 1 function withCheck1() { $x = mayReturnNull(); if ( ! $x instanceof stdClass) { throw new \LogicException('$x must be defined.'); } doesNotAcceptNull($x); } // Safe - Alternative 2 function withCheck2() { $x = mayReturnNull(); if ($x instanceof stdClass) { doesNotAcceptNull($x); } } Loading history...
151		}
152
153		return true;
154		}
155
156		return false;
157		}
158
159		/**
160		* Determine if the user matches the credentials.
161		*
162		* @param mixed $user
163		* @param array $credentials
164		* @return bool
165		*/
166		protected function hasValidCredentials($user, $credentials)
167		{
168		return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);
169		}
170
171		/**
172		* Fire the attempt event with the arguments.
173		*
174		* @param array $credentials
175		* @param bool $login
176		* @return void
177		*/
178		protected function fireAttemptEvent(array $credentials, $login)
179		{
180		if (isset($this->events)) {
181		$this->events->fire(new Attempting(
		0 ignored issues – show Bug introduced 2016-04-08 01:10 UTC by Report Bug Copy Issue Report The property `events` does not exist. Did you maybe forget to declare it? In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { } $x = new MyClass(); $x->foo = true; Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass { public $foo; } $x = new MyClass(); $x->foo = true; Loading history...
182		$credentials, false, $login
183		));
184		}
185		}
186
187		/**
188		* Register an authentication attempt event listener.
189		*
190		* @param mixed $callback
191		* @return void
192		*/
193		public function attempting($callback)
194		{
195		if (isset($this->events)) {
196		$this->events->listen(Attempting::class, $callback);
197		}
198		}
199
200		/**
201		* Log a user into the application.
202		*
203		* @param \Illuminate\Contracts\Auth\Authenticatable $user
204		* @return void
205		*/
206		public function login(AuthenticatableContract $user)
207		{
208		$claim = new Claim([
209		'sub' => $user->getAuthIdentifier(),
210		'aud' => get_class($user),
211		'refresh' => Config::get('jwt.refreshable')
212		]);
213
214		$token = $this->jwtService->getTokenForClaim($claim);
215
216		// If we have an event dispatcher instance set we will fire an event so that
217		// any listeners will hook into the authentication events and run actions
218		// based on the login and logout events fired from the guard instances.
219		$this->fireLoginEvent($user);
220
221		$this->setToken($token);
222		$this->setUser($user);
223		}
224
225		/**
226		* generateTokenForUser method
227		*
228		* @param string $token
229		* @return string
230		*/
231		protected function refreshTokenForUser($token)
232		{
233		try {
234		$newToken = $this->jwtService->refreshToken($token);
235		} catch (Exception $e) {
236		$newToken = null;
237		}
238
239		return $newToken;
240		}
241
242		/**
243		* Fire the login event if the dispatcher is set.
244		*
245		* @param \Illuminate\Contracts\Auth\Authenticatable $user
246		* @param bool $remember
247		* @return void
248		*/
249		protected function fireLoginEvent($user, $remember = false)
250		{
251		if (isset($this->events)) {
252		$this->events->fire(new Login($user, $remember));
253		}
254		}
255
256		/**
257		* Log the given user ID into the application.
258		*
259		* @param mixed $id
260		* @return \Illuminate\Contracts\Auth\Authenticatable
261		*/
262		public function loginUsingId($id)
263		{
264		$this->login($user = $this->provider->retrieveById($id));
		0 ignored issues – show Bug introduced 2016-04-08 01:10 UTC by Report Bug Copy Issue Report It seems like `$user = $this->provider->retrieveById($id)` can be `null`; however, `login()` does not accept `null`, maybe add an additional type check? Unless you are absolutely sure that the expression can never be null because of other conditions, we strongly recommend to add an additional type check to your code: /** @return stdClass\|null */ function mayReturnNull() { } function doesNotAcceptNull(stdClass $x) { } // With potential error. function withoutCheck() { $x = mayReturnNull(); doesNotAcceptNull($x); // Potential error here. } // Safe - Alternative 1 function withCheck1() { $x = mayReturnNull(); if ( ! $x instanceof stdClass) { throw new \LogicException('$x must be defined.'); } doesNotAcceptNull($x); } // Safe - Alternative 2 function withCheck2() { $x = mayReturnNull(); if ($x instanceof stdClass) { doesNotAcceptNull($x); } } Loading history...
265
266		return $user;
267		}
268
269		/**
270		* Log the user out of the application.
271		*
272		* @return void
273		*/
274	View Code Duplication	public function logout()
		0 ignored issues – show Duplication introduced 2016-04-04 23:54 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
275		{
276		if (!$token = $this->getBearerToken()) {
277		return;
278		}
279
280		try {
281		$this->jwtService->invalidateToken($token);
282		} catch (Exception $e) { }
		0 ignored issues – show Coding Style Comprehensibility introduced 2016-04-29 00:59 UTC by Report Bug Copy Issue Report Consider adding a comment why this CATCH block is empty. Loading history...
283
284		if (isset($this->events)) {
285		$this->events->fire(new Logout($this->user));
286		}
287
288		// Once we have fired the logout event we will clear the users out of memory
289		// so they are no longer available as the user is no longer considered as
290		// being signed into this application and should not be available here.
291		$this->user = null;
292		$this->token = null;
293		$this->loggedOut = true;
294		}
295
296		/**
297		* log this user out from every token
298		*
299		* @return void
300		*/
301	View Code Duplication	public function logoutAll()
		0 ignored issues – show Duplication introduced 2016-04-04 23:54 UTC by Report Bug Copy Issue Report This method seems to be duplicated in your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
302		{
303		if (!$token = $this->getBearerToken()) {
304		return;
305		}
306
307		try {
308		$user = $this->jwtService->getClaimFromToken($token);
309
310		$this->jwtService->wipeUserTokens($user);
311
312		} catch (Exception $e) { }
		0 ignored issues – show Coding Style Comprehensibility introduced 2016-04-29 00:59 UTC by Report Bug Copy Issue Report Consider adding a comment why this CATCH block is empty. Loading history...
313
314		if (isset($this->events)) {
315		$this->events->fire(new Logout($this->user));
316		}
317
318		// Once we have fired the logout event we will clear the users out of memory
319		// so they are no longer available as the user is no longer considered as
320		// being signed into this application and should not be available here.
321		$this->user = null;
322		$this->token = null;
323		$this->loggedOut = true;
324		}
325
326		/**
327		* Refresh user token
328		*
329		* @return string\|null
330		*/
331		public function refreshToken()
332		{
333		if (!$token = $this->getBearerToken()) {
334		return null;
335		}
336
337		$this->token = $this->refreshTokenForUser($token);
338
339		return $this->token;
340		}
341
342		/**
343		* setToken method
344		*
345		* @param string $token
346		*/
347		public function setToken($token)
348		{
349		$this->token = $token;
350		}
351
352		/**
353		* getToken method
354		*
355		* @return null\|string
356		*/
357		public function getToken()
358		{
359		return $this->token;
360		}
361
362		/**
363		* isTokenRefreshable method
364		*/
365		public function isTokenRefreshable()
366		{
367		return $this->isTokenRefreshable;
368		}
369
370		/**
371		* getBearerToken method
372		*
373		* @return string\|null
374		*/
375		protected function getBearerToken()
376		{
377		$header = $this->request->header('Authorization', '');
378
379		if (starts_with(strtolower($header), 'bearer ')) {
380		return mb_substr($header, 7, null, 'UTF-8');
381		}
382
383		return null;
384		}
385
386		}

wisoot / jwt-guard