Se extra getKey y configuraciones the paths
This commit is contained in:
Juan Pablo Vial
@ -5,19 +5,24 @@ use Psr\Http\Message\ResponseFactoryInterface;
|
|||||||
use Psr\Http\Message\ResponseInterface;
|
use Psr\Http\Message\ResponseInterface;
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Psr\Http\Server\RequestHandlerInterface;
|
use Psr\Http\Server\RequestHandlerInterface;
|
||||||
|
use Psr\Log\LoggerInterface;
|
||||||
use Incoviba\Exception\MissingAuthorizationHeader;
|
use Incoviba\Exception\MissingAuthorizationHeader;
|
||||||
use Incoviba\Service;
|
use Incoviba\Service;
|
||||||
|
|
||||||
class API
|
class API
|
||||||
{
|
{
|
||||||
public function __construct(protected ResponseFactoryInterface $responseFactory,
|
public function __construct(protected ResponseFactoryInterface $responseFactory,
|
||||||
|
protected LoggerInterface $logger,
|
||||||
|
protected Service\API $apiService,
|
||||||
protected Service\Login $loginService,
|
protected Service\Login $loginService,
|
||||||
|
protected array $permittedPaths,
|
||||||
|
protected array $simplePaths,
|
||||||
protected string $key) {}
|
protected string $key) {}
|
||||||
|
|
||||||
public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
$key = $this->getKey($request);
|
$key = $this->apiService->getKey($request);
|
||||||
} catch (MissingAuthorizationHeader $exception) {
|
} catch (MissingAuthorizationHeader $exception) {
|
||||||
return $this->responseFactory->createResponse(401);
|
return $this->responseFactory->createResponse(401);
|
||||||
}
|
}
|
||||||
@ -29,16 +34,6 @@ class API
|
|||||||
}
|
}
|
||||||
return $this->responseFactory->createResponse(403);
|
return $this->responseFactory->createResponse(403);
|
||||||
}
|
}
|
||||||
protected function getKey(ServerRequestInterface $request): string
|
|
||||||
{
|
|
||||||
$auth_headers = $request->getHeader('Authorization');
|
|
||||||
foreach ($auth_headers as $header) {
|
|
||||||
if (str_contains($header, 'Bearer')) {
|
|
||||||
return substr($header, strlen('Bearer '));
|
|
||||||
}
|
|
||||||
}
|
|
||||||
throw new MissingAuthorizationHeader();
|
|
||||||
}
|
|
||||||
protected function validate(ServerRequestInterface $request, $incoming_key): bool
|
protected function validate(ServerRequestInterface $request, $incoming_key): bool
|
||||||
{
|
{
|
||||||
$selector = null;
|
$selector = null;
|
||||||
@ -61,19 +56,11 @@ class API
|
|||||||
protected function noComplexKeyNeeded(ServerRequestInterface $request): bool
|
protected function noComplexKeyNeeded(ServerRequestInterface $request): bool
|
||||||
{
|
{
|
||||||
$uri = $request->getUri();
|
$uri = $request->getUri();
|
||||||
$validPaths = [
|
return in_array($uri->getPath(), $this->simplePaths);
|
||||||
'/api/login',
|
|
||||||
'/api/login/',
|
|
||||||
];
|
|
||||||
return in_array($uri->getPath(), $validPaths);
|
|
||||||
}
|
}
|
||||||
protected function validPermitted(ServerRequestInterface $request): bool
|
protected function validPermitted(ServerRequestInterface $request): bool
|
||||||
{
|
{
|
||||||
$uri = $request->getUri();
|
$uri = $request->getUri();
|
||||||
$validPaths = [
|
return in_array($uri->getPath(), $this->permittedPaths);
|
||||||
'/api',
|
|
||||||
'/api/',
|
|
||||||
];
|
|
||||||
return in_array($uri->getPath(), $validPaths);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user