user; try { $token = $component->parseToken($rawToken); } catch (ExpiredException | InvalidSubjectException $e) { // InvalidSubjectException is temporary solution and should be removed in the next release throw new UnauthorizedHttpException('Token expired'); } catch (Exception $e) { Yii::error($e); throw new UnauthorizedHttpException('Incorrect token'); } return new self($rawToken, $token); } public function getAccount(): ?Account { /** @var Subject $subject */ $subject = $this->token->getPayload()->findClaimByName(Subject::NAME); if ($subject === null) { return null; } $value = $subject->getValue(); if (!StringHelper::startsWith($value, Component::JWT_SUBJECT_PREFIX)) { Yii::warning('Unknown jwt subject: ' . $value); return null; } $accountId = (int)mb_substr($value, mb_strlen(Component::JWT_SUBJECT_PREFIX)); $account = Account::findOne($accountId); if ($account === null) { return null; } return $account; } public function getAssignedPermissions(): array { /** @var Subject $scopesClaim */ $scopesClaim = $this->token->getPayload()->findClaimByName(ScopesClaim::NAME); if ($scopesClaim === null) { return []; } return explode(',', $scopesClaim->getValue()); } public function getId(): string { return $this->rawToken; } public function getAuthKey() { throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth'); } public function validateAuthKey($authKey) { throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth'); } public static function findIdentity($id) { throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth'); } private function __construct(string $rawToken, Token $token) { $this->rawToken = $rawToken; $this->token = $token; } }