From 0aa5cffe8144a7e0e8150b519dca17d336595140 Mon Sep 17 00:00:00 2001 From: Nova Adi Saputra <70581926+MrFrost-Nv27@users.noreply.github.com> Date: Thu, 22 Feb 2024 12:28:05 +0700 Subject: [PATCH 1/3] Update JWT.php --- src/Authentication/Authenticators/JWT.php | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/src/Authentication/Authenticators/JWT.php b/src/Authentication/Authenticators/JWT.php index 84efc2fb5..e811912a5 100644 --- a/src/Authentication/Authenticators/JWT.php +++ b/src/Authentication/Authenticators/JWT.php @@ -14,6 +14,7 @@ namespace CodeIgniter\Shield\Authentication\Authenticators; use CodeIgniter\HTTP\IncomingRequest; +use CodeIgniter\HTTP\RequestInterface; use CodeIgniter\I18n\Time; use CodeIgniter\Shield\Authentication\AuthenticationException; use CodeIgniter\Shield\Authentication\AuthenticatorInterface; @@ -209,11 +210,31 @@ public function loggedIn(): bool /** @var AuthJWT $config */ $config = config('AuthJWT'); + $token = $this->getTokenFromHeader($request); + return $this->attempt([ - 'token' => $request->getHeaderLine($config->authenticatorHeader), + 'token' => $token, ])->isOK(); } + private function getTokenFromHeader(RequestInterface $request): string + { + assert($request instanceof IncomingRequest); + + /** @var AuthJWT $config */ + $config = config('AuthJWT'); + + $tokenHeader = $request->getHeaderLine( + $config->authenticatorHeader ?? 'Authorization' + ); + + if (strpos($tokenHeader, 'Bearer') === 0) { + return trim(substr($tokenHeader, 6)); + } + + return $tokenHeader; + } + /** * Logs the given user in by saving them to the class. */ From b74d08200959cdef9fc133a555df82faec1f7fb5 Mon Sep 17 00:00:00 2001 
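Review bot: In `getTokenFromHeader()` (hunk `@@ -209,11 +210,31 @@`), `strpos($tokenHeader, 'Bearer') === 0` accepts any value that merely begins with the six characters `Bearer`, so `BearerXYZ` yields `XYZ`, while a lower-case `bearer <token>` is not recognised and the whole header line is passed to `attempt()` as the token. HTTP auth scheme names are case-insensitive and are separated from the credentials by a space, so the check should require the delimiter and ignore case: `if (stripos($tokenHeader, 'Bearer ') === 0) { return trim(substr($tokenHeader, 7)); }`. The fall-through `return $tokenHeader;` also forwards other schemes (a `Basic` value, for example) unchanged; that looks intentional for a custom `authenticatorHeader` carrying a bare token, but a one-line comment saying so would help. Neither case skips verification, since the result still goes through `attempt()`, but strict parsing keeps rejection behaviour predictable for clients.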
From: kenjis Date: Thu, 22 Feb 2024 15:21:44 +0900 Subject: [PATCH 2/3] refactor: remove JWTAuth::getTokenFromHeader() and use JWT::getTokenFromHeader() --- src/Authentication/Authenticators/JWT.php | 5 +---- src/Filters/JWTAuth.php | 21 +-------------------- 2 files changed, 2 insertions(+), 24 deletions(-) diff --git a/src/Authentication/Authenticators/JWT.php b/src/Authentication/Authenticators/JWT.php index e811912a5..b41c8d721 100644 --- a/src/Authentication/Authenticators/JWT.php +++ b/src/Authentication/Authenticators/JWT.php @@ -207,9 +207,6 @@ public function loggedIn(): bool /** @var IncomingRequest $request */ $request = service('request'); - /** @var AuthJWT $config */ - $config = config('AuthJWT'); - $token = $this->getTokenFromHeader($request); return $this->attempt([ @@ -217,7 +214,7 @@ public function loggedIn(): bool ])->isOK(); } - private function getTokenFromHeader(RequestInterface $request): string + public function getTokenFromHeader(RequestInterface $request): string { assert($request instanceof IncomingRequest); diff --git a/src/Filters/JWTAuth.php b/src/Filters/JWTAuth.php index e49fb476b..d0f67aad8 100644 --- a/src/Filters/JWTAuth.php +++ b/src/Filters/JWTAuth.php @@ -19,7 +19,6 @@ use CodeIgniter\HTTP\Response; use CodeIgniter\HTTP\ResponseInterface; use CodeIgniter\Shield\Authentication\Authenticators\JWT; -use CodeIgniter\Shield\Config\AuthJWT; use Config\Services; /** @@ -45,7 +44,7 @@ public function before(RequestInterface $request, $arguments = null) /** @var JWT $authenticator */ $authenticator = auth('jwt')->getAuthenticator(); - $token = $this->getTokenFromHeader($request); + $token = $authenticator->getTokenFromHeader($request); $result = $authenticator->attempt(['token' => $token]); 
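Review bot: Making `getTokenFromHeader()` public in the `@@ -217,7 +214,7 @@` hunk leaves `assert($request instanceof IncomingRequest);` as the only guard on a public method declared to accept any `RequestInterface`. `assert()` is not evaluated when `zend.assertions` is disabled, which is the usual production setting, so at runtime the check does not exist and `getHeaderLine()` is called on whatever request object is passed. If the assertion is only a static-analysis hint, say so with a comment such as `// Type hint for static analysis only; not enforced at runtime.`; if it is meant as a guard, replace it with an explicit `instanceof` check. The method body continues outside this hunk.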
@@ -62,24 +61,6 @@ public function before(RequestInterface $request, $arguments = null) } } - private function getTokenFromHeader(RequestInterface $request): string - { - assert($request instanceof IncomingRequest); - - /** @var AuthJWT $config */ - $config = config('AuthJWT'); - - $tokenHeader = $request->getHeaderLine( - $config->authenticatorHeader ?? 'Authorization' - ); - - if (strpos($tokenHeader, 'Bearer') === 0) { - return trim(substr($tokenHeader, 6)); - } - - return $tokenHeader; - } - /** * We don't have anything to do here. * From 44e16bd5515f42a5983979739a10e4ae58bead92 Mon Sep 17 00:00:00 2001 From: kenjis Date: Thu, 22 Feb 2024 15:37:38 +0900 Subject: [PATCH 3/3] refactor: rename getTokenFromHeader to getTokenFromRequest --- src/Authentication/Authenticators/JWT.php | 7 +++++-- src/Filters/JWTAuth.php | 2 +- .../Authenticators/JWTAuthenticatorTest.php | 12 ++++++++++++ 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/src/Authentication/Authenticators/JWT.php b/src/Authentication/Authenticators/JWT.php index b41c8d721..7dc1dd1f6 100644 --- a/src/Authentication/Authenticators/JWT.php +++ b/src/Authentication/Authenticators/JWT.php @@ -207,14 +207,17 @@ public function loggedIn(): bool /** @var IncomingRequest $request */ $request = service('request'); - $token = $this->getTokenFromHeader($request); + $token = $this->getTokenFromRequest($request); return $this->attempt([ 'token' => $token, ])->isOK(); } - public function getTokenFromHeader(RequestInterface $request): string + /** + * Gets token from Request. + */ + public function getTokenFromRequest(RequestInterface $request): string { assert($request instanceof IncomingRequest); diff --git a/src/Filters/JWTAuth.php b/src/Filters/JWTAuth.php index d0f67aad8..a650702b8 100644 --- a/src/Filters/JWTAuth.php +++ b/src/Filters/JWTAuth.php 
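Review bot: The docblock `Gets token from Request.` added in the JWT.php hunk `@@ -207,14 +207,17 @@` does not tell callers of this now-public method what they get back. Going by the body introduced in patch 1/3, it reads the header named by `AuthJWT::$authenticatorHeader` (falling back to `Authorization`), strips a leading `Bearer` prefix, and otherwise returns the header line as-is, presumably an empty string when the header is absent. The docblock should state that, and also that the returned string is raw, unverified client input that only becomes trustworthy after `attempt()` succeeds. The method body continues outside this hunk.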
@@ -44,7 +44,7 @@ public function before(RequestInterface $request, $arguments = null) /** @var JWT $authenticator */ $authenticator = auth('jwt')->getAuthenticator(); - $token = $authenticator->getTokenFromHeader($request); + $token = $authenticator->getTokenFromRequest($request); $result = $authenticator->attempt(['token' => $token]); diff --git a/tests/Authentication/Authenticators/JWTAuthenticatorTest.php b/tests/Authentication/Authenticators/JWTAuthenticatorTest.php index d4ee37f90..13e64eacd 100644 --- a/tests/Authentication/Authenticators/JWTAuthenticatorTest.php +++ b/tests/Authentication/Authenticators/JWTAuthenticatorTest.php @@ -282,4 +282,16 @@ private function generateJWT(?Time $clock = null): string return $generator->generateToken($this->user); } + + public function testGetTokenFromRequest(): void + { + $request = Services::incomingrequest(null, false); + + $jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c'; + $request->setHeader('Authorization', 'Bearer ' . $jwt); + + $token = $this->auth->getTokenFromRequest($request); + + $this->assertSame($jwt, $token); + } }
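Review bot: `testGetTokenFromRequest()` exercises only the `Bearer <token>` path on the default `Authorization` header, so the other branches of `getTokenFromRequest()` are untested. A second case such as `$request->setHeader('Authorization', $jwt);` followed by `$this->assertSame($jwt, $this->auth->getTokenFromRequest($request));` would pin the no-prefix fall-through. A case with no header set would pin what is returned for an unauthenticated request. A case with a non-default `authenticatorHeader` in `AuthJWT` would cover the configuration lookup as well.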