mirror of
https://github.com/elyby/accounts.git
synced 2024-12-25 06:39:46 +05:30
Больше не игнорируем JWT InvalidSubjectException
UnauthorizedHttpException в User/Component больше не логгируется
This commit is contained in:
parent
868ee1c61c
commit
9356ad24b3
@ -17,6 +17,7 @@ use Emarref\Jwt\Verification\Context as VerificationContext;
|
||||
use Exception;
|
||||
use Yii;
|
||||
use yii\base\InvalidConfigException;
|
||||
use yii\web\UnauthorizedHttpException;
|
||||
use yii\web\User as YiiUserComponent;
|
||||
|
||||
/**
|
||||
@ -28,11 +29,11 @@ use yii\web\User as YiiUserComponent;
|
||||
*/
|
||||
class Component extends YiiUserComponent {
|
||||
|
||||
const KEEP_MINECRAFT_SESSIONS = 1;
|
||||
const KEEP_SITE_SESSIONS = 2;
|
||||
const KEEP_CURRENT_SESSION = 4;
|
||||
public const KEEP_MINECRAFT_SESSIONS = 1;
|
||||
public const KEEP_SITE_SESSIONS = 2;
|
||||
public const KEEP_CURRENT_SESSION = 4;
|
||||
|
||||
const JWT_SUBJECT_PREFIX = 'ely|';
|
||||
public const JWT_SUBJECT_PREFIX = 'ely|';
|
||||
|
||||
public $enableSession = false;
|
||||
|
||||
@ -59,7 +60,7 @@ class Component extends YiiUserComponent {
|
||||
}
|
||||
|
||||
public function findIdentityByAccessToken($accessToken): ?IdentityInterface {
|
||||
if ($accessToken === null) {
|
||||
if (empty($accessToken)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@ -67,10 +68,13 @@ class Component extends YiiUserComponent {
|
||||
$identityClass = $this->identityClass;
|
||||
try {
|
||||
return $identityClass::findIdentityByAccessToken($accessToken);
|
||||
} catch (UnauthorizedHttpException $e) {
|
||||
// Do nothing. It's okay to catch this.
|
||||
} catch (Exception $e) {
|
||||
Yii::error($e);
|
||||
return null;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public function createJwtAuthenticationToken(Account $account, bool $rememberMe): AuthenticationResult {
|
||||
@ -223,7 +227,7 @@ class Component extends YiiUserComponent {
|
||||
*/
|
||||
protected function getClaims(Account $account): array {
|
||||
$currentTime = new DateTime();
|
||||
$hostInfo = Yii::$app->request->hostInfo;
|
||||
$hostInfo = Yii::$app->request->hostIHttpExceptionnfo;
|
||||
|
||||
return [
|
||||
new ScopesClaim([R::ACCOUNTS_WEB_USER]),
|
||||
|
@ -5,6 +5,13 @@ use common\models\Account;
|
||||
|
||||
interface IdentityInterface extends \yii\web\IdentityInterface {
|
||||
|
||||
/**
|
||||
* @param string $token
|
||||
* @param string $type
|
||||
*
|
||||
* @throws \yii\web\UnauthorizedHttpException
|
||||
* @return IdentityInterface
|
||||
*/
|
||||
public static function findIdentityByAccessToken($token, $type = null): IdentityInterface;
|
||||
|
||||
/**
|
||||
|
@ -4,7 +4,6 @@ namespace api\components\User;
|
||||
use common\models\Account;
|
||||
use Emarref\Jwt\Claim\Subject;
|
||||
use Emarref\Jwt\Exception\ExpiredException;
|
||||
use Emarref\Jwt\Exception\InvalidSubjectException;
|
||||
use Emarref\Jwt\Token;
|
||||
use Exception;
|
||||
use Yii;
|
||||
@ -29,8 +28,7 @@ class JwtIdentity implements IdentityInterface {
|
||||
$component = Yii::$app->user;
|
||||
try {
|
||||
$token = $component->parseToken($rawToken);
|
||||
} catch (ExpiredException | InvalidSubjectException $e) {
|
||||
// InvalidSubjectException is temporary solution and should be removed in the next release
|
||||
} catch (ExpiredException $e) {
|
||||
throw new UnauthorizedHttpException('Token expired');
|
||||
} catch (Exception $e) {
|
||||
Yii::error($e);
|
||||
|
Loading…
Reference in New Issue
Block a user