-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathAuthWizard.php
134 lines (125 loc) · 4.21 KB
/
AuthWizard.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<?php
declare(strict_types=1);
namespace Dakujem\Middleware\Factory;
use Dakujem\Middleware\FirebaseJwtDecoder;
use Dakujem\Middleware\GenericMiddleware;
use Dakujem\Middleware\Secret;
use Dakujem\Middleware\SecretContract;
use Dakujem\Middleware\TokenManipulators as Man;
use Dakujem\Middleware\TokenMiddleware;
use Firebase\JWT\JWT;
use LogicException;
use Psr\Http\Message\ResponseFactoryInterface as ResponseFactory;
use Psr\Http\Server\MiddlewareInterface;
use Psr\Log\LoggerInterface as Logger;
/**
* AuthWizard - friction reducer / convenience helper.
*
* @author Andrej Rypak <[email protected]>
*/
final class AuthWizard
{
public static string $defaultAlgo = 'HS256';
/**
* @see AuthFactory::decodeTokens()
*
* @param string|SecretContract[]|SecretContract $secret API secret key
* @param string|null $tokenAttribute
* @param string|null $headerName
* @param string|null $cookieName
* @param string|null $errorAttribute
* @param Logger|null $logger
* @return TokenMiddleware
*/
public static function decodeTokens(
string|array|SecretContract $secret,
?string $tokenAttribute = null,
?string $headerName = Man::HEADER_NAME,
?string $cookieName = Man::COOKIE_NAME,
?string $errorAttribute = null,
?Logger $logger = null,
): MiddlewareInterface {
return self::factory($secret, null)->decodeTokens(
$tokenAttribute,
$headerName,
$cookieName,
$errorAttribute,
$logger
);
}
/**
* @see AuthFactory::assertTokens()
*
* @param ResponseFactory $responseFactory
* @param string|null $tokenAttribute
* @param string|null $errorAttribute
* @return GenericMiddleware
*/
public static function assertTokens(
ResponseFactory $responseFactory,
?string $tokenAttribute = null,
?string $errorAttribute = null,
): MiddlewareInterface {
return self::factory(null, $responseFactory)->assertTokens($tokenAttribute, $errorAttribute);
}
/**
* @see AuthFactory::inspectTokens()
*
* @param ResponseFactory $responseFactory
* @param callable $inspector fn(Token,callable,callable):Response
* @param string|null $tokenAttribute
* @param string|null $errorAttribute
* @return GenericMiddleware
*/
public static function inspectTokens(
ResponseFactory $responseFactory,
callable $inspector,
?string $tokenAttribute = null,
?string $errorAttribute = null,
): MiddlewareInterface {
return self::factory(null, $responseFactory)->inspectTokens($inspector, $tokenAttribute, $errorAttribute);
}
/**
* Create an instance of AuthFactory.
*
* @param string|SecretContract[]|SecretContract|null $secret
* @param ResponseFactory|null $responseFactory
* @return AuthFactory
*/
public static function factory(
string|array|SecretContract|null $secret,
?ResponseFactory $responseFactory,
): AuthFactory {
$decoder = $secret !== null ? self::defaultDecoder($secret) : null;
return new AuthFactory(
$decoder !== null ? fn() => $decoder : null,
$responseFactory
);
}
/**
* Creates a default decoder factory.
* The factory can be used for the constructor.
*
* @param string|SecretContract[]|SecretContract $secret secret key for JWT decoder
* @param string|null $algo optional algorithm; only used when $secret is a string
* @return callable fn():FirebaseJwtDecoder
* @throws
*/
public static function defaultDecoder(
string|array|SecretContract $secret,
?string $algo = null,
): callable {
if (!class_exists(JWT::class)) {
throw new LogicException(
'Firebase JWT is not installed. ' .
'Requires firebase/php-jwt package (`composer require firebase/php-jwt:"^6.0|^5.5"`).'
);
}
if (is_string($secret)) {
$secret = new Secret($secret, $algo ?? self::$defaultAlgo);
}
return new FirebaseJwtDecoder(
...(is_iterable($secret) ? $secret : [$secret])
);
}
}