mirror of
https://gitee.com/ctexthuang/hyperf_rbac_framework_server_ctexthuang.git
synced 2025-12-25 11:22:10 +08:00
<?php
declare(strict_types=1);
namespace App\Middleware\Admin;
use App\Common\Interface\JwtInterface;
use App\Constants\ResultCode;
use App\Exception\ErrException;
use App\Middleware\Token\AbstractTokenMiddleware;
use Lcobucci\JWT\Token\RegisteredClaims;
use Lcobucci\JWT\UnencryptedToken;
use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
use Psr\Http\Message\ResponseInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use Swow\Psr7\Message\ServerRequestPlusInterface;
use function Hyperf\Support\env;
use function Hyperf\Support\value;
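/**
 * Middleware guarding the admin refresh-token endpoint(s).
 *
 * For each request it parses the refresh token, runs the inherited JWT check,
 * verifies the issuer claim matches the admin issuer, and only then attaches
 * the token to the request as the `token` attribute for downstream handlers.
 */
class RefreshAdminTokenMiddleware extends AbstractTokenMiddleware
{
    /**
     * Validate the admin refresh token and forward the request.
     *
     * The token is parsed exactly once and that single instance is used for
     * every check and for the request attribute. This guarantees that the
     * object handed to downstream code is the one that was verified, and that
     * every parse failure goes through the exception translation in
     * parserToken() (a token expiring between repeated parses can no longer
     * surface as a raw RequiredConstraintsViolated).
     *
     * @param ServerRequestInterface $request Incoming request carrying the refresh token.
     * @param RequestHandlerInterface $handler Next handler in the middleware chain.
     * @return ResponseInterface
     * @throws ErrException When the token fails validation or the issuer does not match.
     */
    public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
    {
        $token = $this->parserToken($request);

        // checkToken is inherited from AbstractTokenMiddleware (not shown here);
        // presumably it applies shared checks such as revocation — confirm there.
        $this->checkToken->checkJwt($token);
        $this->checkIssuer($token);

        return $handler->handle(
            value(
                // The closure's parameter type requires a Swow "plus" request,
                // which is what provides the mutating setAttribute().
                static function (ServerRequestPlusInterface $request, UnencryptedToken $token) {
                    return $request->setAttribute('token', $token);
                },
                $request,
                $token
            )
        );
    }

    /**
     * Return the JWT service registered under the 'admin' name.
     *
     * @return JwtInterface
     */
    public function getJwt(): JwtInterface
    {
        return $this->jwtFactory->get('admin');
    }

    /**
     * Parse the request's token as an admin refresh token.
     *
     * NOTE(review): RequiredConstraintsViolated is raised for any failed
     * validation constraint, yet it is always reported here as "expired"
     * (ResultCode::JWT_EXPIRED). Which constraints parserRefreshToken() applies
     * is not visible in this file — confirm that signature/issuer failures
     * should share this code.
     *
     * NOTE(review): the validator's message is passed along as `err_msg`.
     * Confirm how ErrException is rendered; validation detail is better kept
     * in server logs than returned to the caller.
     *
     * @param ServerRequestInterface $request
     * @return UnencryptedToken
     * @throws ErrException When token validation constraints are violated.
     */
    protected function parserToken(ServerRequestInterface $request): UnencryptedToken
    {
        try {
            return $this->getJwt()->parserRefreshToken($this->getToken($request));
        } catch (RequiredConstraintsViolated $e) {
            throw new ErrException('token过期', ResultCode::JWT_EXPIRED, ['err_msg' => $e->getMessage()]);
        }
    }

    /**
     * Reject tokens whose issuer (`iss`) claim is not the admin issuer.
     *
     * The expected issuer is `<APP_NAME>_admin`. The comparison is strict, so a
     * token without an issuer claim (null) is rejected as well.
     *
     * NOTE(review): if APP_NAME is unset, the expected value degrades to the
     * fixed string `_admin`. Consider failing startup when APP_NAME is empty so
     * the issuer stays deployment-specific.
     *
     * @param UnencryptedToken $token
     * @return void
     * @throws ErrException When the issuer claim does not match.
     */
    public function checkIssuer(UnencryptedToken $token): void
    {
        $issuer = $token->claims()->get(RegisteredClaims::ISSUER);
        $expectedIssuer = env('APP_NAME') . '_admin';

        if ($issuer !== $expectedIssuer) {
            throw new ErrException('token错误', ResultCode::JWT_ERROR);
        }
    }

    /**
     * Intentionally a no-op: this middleware stores nothing in the context.
     *
     * Presumably a hook declared by AbstractTokenMiddleware — verify against
     * the parent class.
     *
     * @param UnencryptedToken $token
     * @return void
     */
    public function setContext(UnencryptedToken $token): void
    {
        return;
    }
}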