
Commit 8d44fbf

authored
Update JWTMiddleware.php
1 parent 8ca9799 commit 8d44fbf


1 file changed

+41
-21
lines changed


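--- a/JWTMiddleware.php
+++ b/JWTMiddleware.php
@@ -10,30 +10,29 @@ public function __construct() {
 }
 
 public function protect($pattern, $handler) {
-$event = 'justRun';
 $bak = $this->app->ROUTES;
 $this->app->ROUTES=array();
 $this->app->route($pattern, $handler);
-$this->routes[$event] = (isset($this->routes[$event])) ? $this->app->extend('ROUTES',$this->routes[$event]) : $this->app->ROUTES;
+$this->routes = (isset($this->routes)) ? $this->app->extend('ROUTES',$this->routes) : $this->app->ROUTES;
 $this->app->ROUTES=$bak;
 }
 
-public function run($event='justRun') {
-if (!isset($this->routes[$event]))
+public function run() {
+if (!isset($this->routes))
 return;
 $paths=[];
-foreach ($keys=array_keys($this->routes[$event]) as $key) {
+foreach ($keys=array_keys($this->routes) as $key) {
 $path=preg_replace('/@\w+/','*@',$key);
 if (substr($path,-1)!='*')
 $path.='+';
 $paths[]=$path;
 }
-$vals=array_values($this->routes[$event]);
+$vals=array_values($this->routes);
 array_multisort($paths,SORT_DESC,$keys,$vals);
-$this->routes[$event]=array_combine($keys,$vals);
+$this->routes=array_combine($keys,$vals);
 // Convert to BASE-relative URL
 $req=urldecode($this->app['PATH']);
-foreach ($this->routes[$event] as $pattern=>$routes) {
+foreach ($this->routes as $pattern=>$routes) {
 if (!$args=$this->app->mask($pattern,$req))
 continue;
 ksort($args);
@@ -76,15 +75,26 @@ function($id) use($args) {
 }
 
 protected function validate($handler, $args, $alias) {
-$type = $this->app->get('JWT.TYPE');
+$jwtHeader = null;
+$type = strtoupper($this->app->get('JWT.TYPE'));
 
 if($type === 'HEADER') {
-$jwtToken = $this->app->get('HEADERS.' . $this->app->get('JWT.KEY'));
+$jwtHeader = $this->app->get('HEADERS.' . $this->app->get('JWT.KEY'));
 } else if($type === 'QUERY') {
 $verb = $this->app->get('VERB');
-$jwtToken = $this->app->get($verb . '.' . $this->app->get('JWT.KEY'));
-} else {
-throw new Exception('Invalid JWT TYPE.');
+$jwtHeader = $this->app->get($verb . '.' . $this->app->get('JWT.KEY'));
+}
+
+$startsWith = $this->app->get('JWT.STARTS_WITH');
+if(!$jwtHeader || (($type === 'HEADER' && $startsWith) && !$this->startsWith($jwtHeader, $startsWith))) {
+$this->app->call($handler, array($this->app, $args, $alias));
+return false;
+}
+
+$jwtToken = $jwtHeader;
+if($startsWith && $type === 'HEADER') {
+$_ex = explode($startsWith . ' ', $jwtHeader);
+$jwtToken = isset($_ex[1]) ? $_ex[1] : null;
 }
 
 if(!$jwtToken) {
@@ -128,12 +138,22 @@ public function generate($sub) {
 }
 
 $payload = [
-'iss' => $this->app->get('ISSUER'),
-'sub' => $sub,
-'iat' => $this->app->get('IAT'),
-'exp' => time() + $this->app->get('EXP')
-];
-
-return JWT::encode($payload, $this->app->get('JWT.SECRET'));
+'iss' => $this->app->get('ISSUER'),
+'sub' => $sub,
+'iat' => $this->app->get('IAT'),
+'exp' => time() + $this->app->get('EXP')
+];
+
+return JWT::encode($payload, $this->app->get('JWT.SECRET'));
+}
+
+private function startsWith($haystack, $needles) {
+foreach ((array) $needles as $needle) {
+if ($needle !== '' && substr($haystack, 0, strlen($needle)) === (string) $needle) {
+return true;
+}
+}
+
+return false;
 }
-}
+}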
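Review bot: In validate() the prefix check and the token extraction disagree: startsWith() casts its needles to an array and matches the scheme without the separating space, while `explode($startsWith . ' ', $jwtHeader)` needs a single string and splits on every occurrence of it. A list-valued JWT.STARTS_WITH would therefore be concatenated as the literal "Array ", and a header whose scheme is not followed by a space passes the first check but yields a null token. Both cases appear to end in the `if(!$jwtToken)` branch, so they likely fail closed, but parsing once against the full prefix is easier to audit: `$prefix = $startsWith . ' ';` followed by `$jwtToken = strncmp($jwtHeader, $prefix, strlen($prefix)) === 0 ? substr($jwtHeader, strlen($prefix)) : null;`. The same hunk also removes `throw new Exception('Invalid JWT TYPE.')`, so a mistyped JWT.TYPE now sends every request to `$handler` without any configuration error; keeping the exception would make that misconfiguration visible. validate() continues past the end of the hunk, so the handling after `if(!$jwtToken) {` is not visible here.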
