WebSVN – LeadersLinked - Services – Diff – /module/LeadersLinked/src/Controller/AuthController.php

     public function csrfAction()
+    {
         $request = $this->getRequest();
+        if ($request->isGet()) {
+            $jwtToken = null;
+            $headers = getallheaders();
+            if(!empty($headers['authorization']) || !empty($headers['Authorization'])) {
+                $token = trim(empty($headers['authorization']) ? $headers['Authorization'] : $headers['authorization']);
+                if (substr($token, 0, 6 ) == 'Bearer') {
+                    $token = trim(substr($token, 7));
+                    if(!empty($this->config['leaderslinked.jwt.key'])) {
+                        $key = $this->config['leaderslinked.jwt.key'];
+                        try {
+                            $payload = JWT::decode($token, new Key($key, 'HS256'));
+                            if(empty($payload->iss) || $payload->iss != $_SERVER['HTTP_HOST']) {
+                                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong server',  'fatal'  => true]);
+                            }
+                            $uuid = empty($payload->uuid) ? '' : $payload->uuid;
+                            $jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);
+                            $jwtToken = $jwtTokenMapper->fetchOneByUuid($uuid);
+                            if(!$jwtToken) {
+                                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Expired',  'fatal'  => true]);
+                            }
+                        } catch(\Exception $e) {
+                            return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Wrong key',  'fatal'  => true]);
+                        }
+                    } else {
+                        return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - SecreteKey required',  'fatal'  => true]);
+                    }
+                } else {
+                    return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Bearer required',  'fatal'  => true]);
+                }
+            } else {
+                return new JsonModel(['success' => false, 'data' => 'Unauthorized - JWT - Required',  'fatal'  => true]);
-        if ($request->isGet()) {
+            }
+            $jwtToken->csrf = md5(uniqid('CSFR-' . mt_rand(), true));
-            $token = md5(uniqid('CSFR-' . mt_rand(), true));
+            $jwtTokenMapper = JwtTokenMapper::getInstance($this->adapter);
-            $_SESSION['token'] = $token;
+            $jwtTokenMapper->update($jwtToken);

Proyectos de Subversion LeadersLinked - Services

(root)/module/LeadersLinked/src/Controller/AuthController.php – Rev 67 → 95