This commit is contained in:
ivan-sim
2026-02-27 15:39:31 +07:00
parent 77c8d7200d
commit e889eaadbf
3 changed files with 113 additions and 79 deletions

View File

@@ -20,7 +20,7 @@ class AuthService
exec($cmd);
}
}
/**
* Issue JWT access token for the given client
*/
@@ -90,23 +90,30 @@ class AuthService
{
try {
$parts = explode('.', $token);
if (count($parts) !== 3) {
return false;
}
$payload = json_decode(base64_decode(strtr($parts[1], '-_', '+/')));
// $payload = json_decode(base64_decode(strtr($parts[1], '-_', '+/')));
$payloadRaw = $parts[1];
$payloadRaw = strtr($payloadRaw, '-_', '+/');
$padding = strlen($payloadRaw) % 4;
if ($padding) {
$payloadRaw .= str_repeat('=', 4 - $padding);
}
$payload = json_decode(base64_decode($payloadRaw));
$clientId = $payload->sub ?? null;
if (!$clientId) {
return false;
}
$clients = config('api_clients.clients');
$client = collect($clients)->where('api_key', $clientId)->first();
$client = collect($clients)->where('api_key', $clientId)->first();
if (!$client || !isset($client['api_secret'])) {
return false;
}
return \Firebase\JWT\JWT::decode($token, new \Firebase\JWT\Key($client['api_secret'], 'HS256'));
} catch (\Exception $e) {
return false;