mirror of
https://github.com/elyby/accounts.git
synced 2024-12-25 14:49:46 +05:30
Больше не игнорируем JWT InvalidSubjectException
UnauthorizedHttpException в User/Component больше не логгируется
parent
868ee1c61c
commit
9356ad24b3
@ -17,6 +17,7 @@ use Emarref\Jwt\Verification\Context as VerificationContext;
|
|||||||
use Exception;
|
use Exception;
|
||||||
use Yii;
|
use Yii;
|
||||||
use yii\base\InvalidConfigException;
|
use yii\base\InvalidConfigException;
|
||||||
|
use yii\web\UnauthorizedHttpException;
|
||||||
use yii\web\User as YiiUserComponent;
|
use yii\web\User as YiiUserComponent;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -28,11 +29,11 @@ use yii\web\User as YiiUserComponent;
|
|||||||
*/
|
*/
|
||||||
class Component extends YiiUserComponent {
|
class Component extends YiiUserComponent {
|
||||||
|
|
||||||
const KEEP_MINECRAFT_SESSIONS = 1;
|
public const KEEP_MINECRAFT_SESSIONS = 1;
|
||||||
const KEEP_SITE_SESSIONS = 2;
|
public const KEEP_SITE_SESSIONS = 2;
|
||||||
const KEEP_CURRENT_SESSION = 4;
|
public const KEEP_CURRENT_SESSION = 4;
|
||||||
|
|
||||||
const JWT_SUBJECT_PREFIX = 'ely|';
|
public const JWT_SUBJECT_PREFIX = 'ely|';
|
||||||
|
|
||||||
public $enableSession = false;
|
public $enableSession = false;
|
||||||
|
|
||||||
@ -59,7 +60,7 @@ class Component extends YiiUserComponent {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public function findIdentityByAccessToken($accessToken): ?IdentityInterface {
|
public function findIdentityByAccessToken($accessToken): ?IdentityInterface {
|
||||||
if ($accessToken === null) {
|
if (empty($accessToken)) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -67,10 +68,13 @@ class Component extends YiiUserComponent {
|
|||||||
$identityClass = $this->identityClass;
|
$identityClass = $this->identityClass;
|
||||||
try {
|
try {
|
||||||
return $identityClass::findIdentityByAccessToken($accessToken);
|
return $identityClass::findIdentityByAccessToken($accessToken);
|
||||||
|
} catch (UnauthorizedHttpException $e) {
|
||||||
|
// Do nothing. It's okay to catch this.
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
Yii::error($e);
|
Yii::error($e);
|
||||||
return null;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
public function createJwtAuthenticationToken(Account $account, bool $rememberMe): AuthenticationResult {
|
public function createJwtAuthenticationToken(Account $account, bool $rememberMe): AuthenticationResult {
|
||||||
@ -223,7 +227,7 @@ class Component extends YiiUserComponent {
|
|||||||
*/
|
*/
|
||||||
protected function getClaims(Account $account): array {
|
protected function getClaims(Account $account): array {
|
||||||
$currentTime = new DateTime();
|
$currentTime = new DateTime();
|
||||||
$hostInfo = Yii::$app->request->hostInfo;
|
$hostInfo = Yii::$app->request->hostIHttpExceptionnfo;
|
||||||
|
|
||||||
return [
|
return [
|
||||||
new ScopesClaim([R::ACCOUNTS_WEB_USER]),
|
new ScopesClaim([R::ACCOUNTS_WEB_USER]),
|
||||||
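Review bot: In the last hunk of this section (`getClaims`), the second printed copy of the host line, which reads as the new side, is `$hostInfo = Yii::$app->request->hostIHttpExceptionnfo;`; the text `HttpException` appears to have been pasted into the middle of `hostInfo`. Yii's request component has no property of that name, so reading it would presumably raise an unknown-property error every time `getClaims()` runs, breaking whatever path builds a JWT from these claims. The line should be restored to `$hostInfo = Yii::$app->request->hostInfo;`. The body of `getClaims()` continues past the end of the hunk, so how `$hostInfo` is used afterwards is not visible here.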
|
@ -5,6 +5,13 @@ use common\models\Account;
|
|||||||
|
|
||||||
interface IdentityInterface extends \yii\web\IdentityInterface {
|
interface IdentityInterface extends \yii\web\IdentityInterface {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $token
|
||||||
|
* @param string $type
|
||||||
|
*
|
||||||
|
* @throws \yii\web\UnauthorizedHttpException
|
||||||
|
* @return IdentityInterface
|
||||||
|
*/
|
||||||
public static function findIdentityByAccessToken($token, $type = null): IdentityInterface;
|
public static function findIdentityByAccessToken($token, $type = null): IdentityInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -4,7 +4,6 @@ namespace api\components\User;
|
|||||||
use common\models\Account;
|
use common\models\Account;
|
||||||
use Emarref\Jwt\Claim\Subject;
|
use Emarref\Jwt\Claim\Subject;
|
||||||
use Emarref\Jwt\Exception\ExpiredException;
|
use Emarref\Jwt\Exception\ExpiredException;
|
||||||
use Emarref\Jwt\Exception\InvalidSubjectException;
|
|
||||||
use Emarref\Jwt\Token;
|
use Emarref\Jwt\Token;
|
||||||
use Exception;
|
use Exception;
|
||||||
use Yii;
|
use Yii;
|
||||||
@ -29,8 +28,7 @@ class JwtIdentity implements IdentityInterface {
|
|||||||
$component = Yii::$app->user;
|
$component = Yii::$app->user;
|
||||||
try {
|
try {
|
||||||
$token = $component->parseToken($rawToken);
|
$token = $component->parseToken($rawToken);
|
||||||
} catch (ExpiredException | InvalidSubjectException $e) {
|
} catch (ExpiredException $e) {
|
||||||
// InvalidSubjectException is temporary solution and should be removed in the next release
|
|
||||||
throw new UnauthorizedHttpException('Token expired');
|
throw new UnauthorizedHttpException('Token expired');
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
Yii::error($e);
|
Yii::error($e);
|
||||||
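Review bot: With `InvalidSubjectException` dropped from the first catch, a token whose subject fails verification now lands in `catch (Exception $e)` and is written with `Yii::error($e)`, the same channel as genuine server faults. The token is supplied by the caller, so stale or tampered tokens can fill the error log with entries that are not server defects, which makes real failures harder to spot and can trip alerting. If error-level logging is only wanted for a transition period, consider a dedicated branch that records the event at a lower level, e.g. `} catch (InvalidSubjectException $e) { Yii::warning($e);` followed by the same rejection the generic branch performs, keeping the `use` import that this commit removes. The generic catch block continues past the end of the hunk, so what it does after logging is not visible here.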
|