ElyBy-Mirror/accounts
1
0
Fork 0
mirror of https://github.com/elyby/accounts.git synced 2025-05-31 14:11:46 +05:30
Code Issues Packages Projects Releases Wiki Activity

Make tokens, created by client credentials grant to live forever

Browse Source
This commit is contained in:
ErickSkrauch
2019-12-06 18:31:04 +03:00
parent 6fb32ec76d
commit f0a73f2b7a
8 changed files with 113 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
api/components/Tokens/Component.php
View File

@@ -55,9 +55,11 @@ class Component extends BaseComponent {
public function create(array $payloads = [], array $headers = []): Token {
$now = Carbon::now();
$builder = (new Builder())
->issuedAt($now->getTimestamp())
->expiresAt($now->addHour()->getTimestamp());
$builder = (new Builder())->issuedAt($now->getTimestamp());
if (isset($payloads['exp'])) {
$builder->expiresAt($payloads['exp']);
}
foreach ($payloads as $claim => $value) {
$builder->withClaim($claim, $this->prepareValue($value));
}

30
api/components/Tokens/TokensFactory.php
View File

@@ -8,6 +8,7 @@ use api\rbac\Roles as R;
use Carbon\Carbon;
use common\models\Account;
use common\models\AccountSession;
use DateTime;
use Lcobucci\JWT\Token;
use League\OAuth2\Server\Entities\AccessTokenEntityInterface;
use League\OAuth2\Server\Entities\ScopeEntityInterface;
@@ -21,8 +22,9 @@ class TokensFactory extends Component {
public function createForWebAccount(Account $account, AccountSession $session = null): Token {
$payloads = [
'ely-scopes' => R::ACCOUNTS_WEB_USER,
'ely-scopes' => $this->prepareScopes([R::ACCOUNTS_WEB_USER]),
'sub' => $this->buildSub($account->id),
'exp' => Carbon::now()->addHour()->getTimestamp(),
];
if ($session === null) {
// If we don't remember a session, the token should live longer
@@ -38,11 +40,12 @@ class TokensFactory extends Component {
public function createForOAuthClient(AccessTokenEntityInterface $accessToken): Token {
$payloads = [
'aud' => $this->buildAud($accessToken->getClient()->getIdentifier()),
'ely-scopes' => $this->joinScopes(array_map(static function(ScopeEntityInterface $scope): string {
return $scope->getIdentifier();
}, $accessToken->getScopes())),
'exp' => $accessToken->getExpiryDateTime()->getTimestamp(),
'ely-scopes' => $this->prepareScopes($accessToken->getScopes()),
];
if ($accessToken->getExpiryDateTime() > new DateTime()) {
$payloads['exp'] = $accessToken->getExpiryDateTime()->getTimestamp();
}
if ($accessToken->getUserIdentifier() !== null) {
$payloads['sub'] = $this->buildSub($accessToken->getUserIdentifier());
}
@@ -52,15 +55,26 @@ class TokensFactory extends Component {
public function createForMinecraftAccount(Account $account, string $clientToken): Token {
return Yii::$app->tokens->create([
'ely-scopes' => $this->joinScopes([P::MINECRAFT_SERVER_SESSION]),
'ely-scopes' => $this->prepareScopes([P::MINECRAFT_SERVER_SESSION]),
'ely-client-token' => new EncryptedValue($clientToken),
'sub' => $this->buildSub($account->id),
'exp' => Carbon::now()->addDays(2)->getTimestamp(),
]);
}
private function joinScopes(array $scopes): string {
return implode(',', $scopes);
/**
* @param ScopeEntityInterface[]|string[] $scopes
*
* @return string
*/
private function prepareScopes(array $scopes): string {
return implode(',', array_map(function($scope): string {
if ($scope instanceof ScopeEntityInterface) {
return $scope->getIdentifier();
}
return $scope;
}, $scopes));
}
private function buildSub(int $accountId): string {