2022-12-20
@ -1,36 +1,74 @@
|
||||
<?php
|
||||
namespace Common\Service;
|
||||
|
||||
use Psr\Container\NotFoundExceptionInterface;
|
||||
use Psr\Http\Message\ServerRequestInterface as Request;
|
||||
use DI\NotFoundException;
|
||||
|
||||
class Auth {
|
||||
protected string $key;
|
||||
public function __construct(string $api_key) {
|
||||
public function __construct(string $api_key)
|
||||
{
|
||||
$this->key = $api_key;
|
||||
}
|
||||
public function isValid(Request $request): bool {
|
||||
if ($request->hasHeader('Authorization')) {
|
||||
$sent_key = $this->getAuthKey($request->getHeader('Authorization'));
|
||||
return $this->key == $sent_key;
|
||||
public function isValid(Request $request): bool
|
||||
{
|
||||
return $this->key == $this->getKey($request);
|
||||
}
|
||||
public function getKey(Request $request): string
|
||||
{
|
||||
$errors = [];
|
||||
try {
|
||||
return $this->getHeaderKey($request);
|
||||
} catch (NotFoundExceptionInterface $e) {
|
||||
$errors []= $e;
|
||||
}
|
||||
try {
|
||||
return $this->getBodyKey($request);
|
||||
} catch (NotFoundExceptionInterface $e) {
|
||||
$errors []= $e;
|
||||
}
|
||||
try {
|
||||
return $this->getQueryKey($request);
|
||||
} catch (NotFoundExceptionInterface $e) {
|
||||
$errors []= $e;
|
||||
}
|
||||
throw new NotFoundException('API Key not found.');
|
||||
}
|
||||
protected function getHeaderKey(Request $request): string
|
||||
{
|
||||
if ($request->hasHeader('Authorization')) {
|
||||
return $this->getAuthKey($request->getHeader('Authorization'));
|
||||
}
|
||||
throw new NotFoundException('API Key not found on header');
|
||||
}
|
||||
protected function getBodyKey(Request $request): string
|
||||
{
|
||||
if (isset($request->getParsedBody()['api_key'])) {
|
||||
$sent_key = $request->getParsedBody()['api_key'];
|
||||
return $this->key == $sent_key;
|
||||
return $request->getParsedBody()['api_key'];
|
||||
}
|
||||
$post = $request->getParsedBody() ?? json_decode($request->getBody());
|
||||
$sent_key = $this->getArrayKey($post);
|
||||
if ($sent_key !== null) {
|
||||
return $this->key == $sent_key;
|
||||
try {
|
||||
return $this->getArrayKey($post);
|
||||
} catch (\Exception $e) {
|
||||
throw new NotFoundException('API Key not found in body.');
|
||||
}
|
||||
$sent_key = $this->getArrayKey($request->getQueryParams());
|
||||
return $this->key == $sent_key;
|
||||
}
|
||||
protected function getAuthKey($auth) {
|
||||
protected function getQueryKey(Request $request): string
|
||||
{
|
||||
try {
|
||||
return $this->getArrayKey($request->getQueryParams());
|
||||
} catch (\Exception $e) {
|
||||
throw new NotFoundException('API Key not found in query.');
|
||||
}
|
||||
}
|
||||
protected function getAuthKey($auth)
|
||||
{
|
||||
if (is_array($auth)) {
|
||||
$auth = $auth[0];
|
||||
}
|
||||
if (str_contains($auth, 'Bearer')) {
|
||||
$auth = explode(' ', $auth)[1];
|
||||
$auth = trim(str_replace('Bearer', '', $auth), ' ,');
|
||||
}
|
||||
return $auth;
|
||||
}
|
||||
|
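Review bot: `isValid()` compares the API key with a loose, non-constant-time `==` in `return $this->key == $this->getKey($request);`. Using `return hash_equals($this->key, $this->getKey($request));` avoids both numeric-string juggling and a timing side channel on the secret. `getKey()` ends in `throw new NotFoundException('API Key not found.');`, so a request with no key appears to make `isValid()` throw rather than return false. Unless every caller catches `NotFoundExceptionInterface`, it would be safer to catch it inside `isValid()` and return false, so a missing key is a clean authentication failure. `getQueryKey()` also accepts the key from the query string, where it tends to end up in access logs and Referer headers, and `getArrayKey()` is not visible on this page, so its behaviour on a missing key (throw or null) should be confirmed against the `string` return types.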