ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2024-11-26 16:52:02 +05:30
Code Issues Packages Projects Releases Wiki Activity

Introduce an API endpoint to obtain public keys, that can be used to verify access tokens on other services

Browse Source
This commit is contained in:
ErickSkrauch 2024-06-14 04:36:49 +02:00
parent 17109f8eb5
commit 2111e1769f
No known key found for this signature in database
GPG Key ID: 669339FCBB30EE0E
3 changed files with 62 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/components/Tokens/Component.php
View File

@ -108,6 +108,10 @@ class Component extends BaseComponent {
return $rawValue;
}
public function getPublicKey(): string {
return $this->getAlgorithmManager()->get(self::PREFERRED_ALGORITHM)->getPublicKey()->getContent();
}
private function getAlgorithmManager(): AlgorithmsManager {
if ($this->algorithmManager === null) {
$this->algorithmManager = new AlgorithmsManager([

35
api/controllers/PublicKeysController.php Normal file
View File

@ -0,0 +1,35 @@
<?php
declare(strict_types=1);
namespace api\controllers;
use api\filters\NginxCache;
use Yii;
use yii\helpers\ArrayHelper;
use yii\web\Controller as BaseController;
final class PublicKeysController extends BaseController {
public function behaviors(): array {
return ArrayHelper::merge(parent::behaviors(), [
'nginxCache' => [
'class' => NginxCache::class,
'rules' => [
'index' => 3600, // 1h
],
],
]);
}
public function actionIndex(): array {
return [
'keys' => [
[
'alg' => 'ES256', // Hardcoded for awhile since right now there is no way to find used algo
'pem' => Yii::$app->tokens->getPublicKey(),
],
],
];
}
}

23
api/tests/functional/PublicKeysCest.php Normal file
View File

@ -0,0 +1,23 @@
<?php
declare(strict_types=1);
namespace api\tests\functional;
use api\tests\FunctionalTester;
final class PublicKeysCest {
public function getPublicKeys(FunctionalTester $I): void {
$I->sendGet('/api/public-keys');
$I->canSeeResponseCodeIs(200);
$I->canSeeResponseContainsJson([
'keys' => [
[
'alg' => 'ES256',
'pem' => "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAES2Pyq9r0CyyviLaWwq0ki5uy8hr/\nZbNO++3j4XP43uLD9/GYkrKGIRl+Hu5HT+LwZvrFcEaVhPk5CvtV4zlYJg==\n-----END PUBLIC KEY-----\n",
],
],
]);
}
}