Больше не игнорируем JWT InvalidSubjectException

UnauthorizedHttpException в User/Component больше не логгируется

api/components/User/Component.php

@@ -17,6 +17,7 @@ use Emarref\Jwt\Verification\Context as VerificationContext;
 use Exception;
 use Yii;
 use yii\base\InvalidConfigException;
+use yii\web\UnauthorizedHttpException;
 use yii\web\User as YiiUserComponent;
 
 /**
@@ -28,11 +29,11 @@ use yii\web\User as YiiUserComponent;
  */
 class Component extends YiiUserComponent {
 
-    const KEEP_MINECRAFT_SESSIONS = 1;
+    public const KEEP_MINECRAFT_SESSIONS = 1;
-    const KEEP_SITE_SESSIONS = 2;
+    public const KEEP_SITE_SESSIONS = 2;
-    const KEEP_CURRENT_SESSION = 4;
+    public const KEEP_CURRENT_SESSION = 4;
 
-    const JWT_SUBJECT_PREFIX = 'ely|';
+    public const JWT_SUBJECT_PREFIX = 'ely|';
 
     public $enableSession = false;
 
@@ -59,7 +60,7 @@ class Component extends YiiUserComponent {
     }
 
     public function findIdentityByAccessToken($accessToken): ?IdentityInterface {
-        if ($accessToken === null) {
+        if (empty($accessToken)) {
             return null;
         }
 
@@ -67,10 +68,13 @@ class Component extends YiiUserComponent {
         $identityClass = $this->identityClass;
         try {
             return $identityClass::findIdentityByAccessToken($accessToken);
+        } catch (UnauthorizedHttpException $e) {
+            // Do nothing. It's okay to catch this.
         } catch (Exception $e) {
             Yii::error($e);
-            return null;
         }
+
+        return null;
     }
 
     public function createJwtAuthenticationToken(Account $account, bool $rememberMe): AuthenticationResult {
@@ -223,7 +227,7 @@ class Component extends YiiUserComponent {
      */
     protected function getClaims(Account $account): array {
         $currentTime = new DateTime();
-        $hostInfo = Yii::$app->request->hostInfo;
+        $hostInfo = Yii::$app->request->hostIHttpExceptionnfo;
 
         return [
             new ScopesClaim([R::ACCOUNTS_WEB_USER]),

api/components/User/IdentityInterface.php

@@ -5,6 +5,13 @@ use common\models\Account;
 
 interface IdentityInterface extends \yii\web\IdentityInterface {
 
+    /**
+     * @param string $token
+     * @param string $type
+     *
+     * @throws \yii\web\UnauthorizedHttpException
+     * @return IdentityInterface
+     */
     public static function findIdentityByAccessToken($token, $type = null): IdentityInterface;
 
     /**

api/components/User/JwtIdentity.php

@@ -4,7 +4,6 @@ namespace api\components\User;
 use common\models\Account;
 use Emarref\Jwt\Claim\Subject;
 use Emarref\Jwt\Exception\ExpiredException;
-use Emarref\Jwt\Exception\InvalidSubjectException;
 use Emarref\Jwt\Token;
 use Exception;
 use Yii;
@@ -29,8 +28,7 @@ class JwtIdentity implements IdentityInterface {
         $component = Yii::$app->user;
         try {
             $token = $component->parseToken($rawToken);
-        } catch (ExpiredException | InvalidSubjectException $e) {
+        } catch (ExpiredException $e) {
-            // InvalidSubjectException is temporary solution and should be removed in the next release
             throw new UnauthorizedHttpException('Token expired');
         } catch (Exception $e) {
             Yii::error($e);