- <?php
- namespace Lojas\Model;
- use Ramsey\Uuid\Uuid;
- use Lcobucci\JWT\Builder;
- use Lcobucci\JWT\Signer\Hmac\Sha256;
- use Lcobucci\JWT\Parser;
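/**
 * Application credentials stored in `lojas_apps`.
 *
 * Each row carries an app key / app secret pair tied to a `loja_id`. The
 * secret is the HMAC-SHA256 key for the JWT access and refresh tokens issued
 * here; issued tokens are also recorded in `lojas_apps_access_tokens` and
 * `lojas_apps_refresh_tokens` and looked up there on validation.
 */
class Aplicativo extends Model
{
    protected $table = 'lojas_apps';

    /**
     * Declares the model fields.
     */
    public function init()
    {
        $this->text('nome', 'Nome do Aplicativo')->mandatory()->maxLength(255);
        $this->text('app_key', 'App Key');
        // NOTE(review): this column holds the usable secret (findByLoja()
        // compares the supplied value against it and createToken() signs with
        // it), so read access to lojas_apps is enough to mint valid tokens.
        // Restrict access to the table and keep the value out of logs.
        $this->text('app_secret', 'App Secret');
        $this->timestamp('data_hora');
    }

    /**
     * Generates the key/secret pair when a row is first inserted.
     *
     * @param mixed $operation Operation code passed by the parent model;
     *                         anything other than self::OP_INSERT is ignored.
     */
    protected function beforeSave($operation)
    {
        // Credentials are created once; updates must not rotate them silently.
        if ($operation != self::OP_INSERT) {
            return;
        }

        // app_key is an identifier, not a secret: uniqid() is derived from the
        // clock and must not be relied on for unpredictability.
        $this->app_key = uniqid($this->loja_id, true);

        // All unpredictability comes from the random UUID; sha1() only
        // re-encodes it as 40 hex characters and adds no entropy.
        // NOTE(review): assumes ramsey/uuid draws from a CSPRNG - confirm the
        // configured random generator.
        $this->app_secret = sha1(Uuid::uuid4()->toString());
    }

    /**
     * Builds a JWT signed with HMAC-SHA256 using the app secret as key.
     *
     * @param string   $appSecret Signing key.
     * @param int|null $expiresIn Expiration as a Unix timestamp; when empty
     *                            the token expires 30 minutes from now.
     *
     * @return string Serialized token.
     */
    protected static function createToken($appSecret, $expiresIn = null)
    {
        if (empty($expiresIn)) {
            $expiresIn = strtotime('+30 minutes', time());
        }

        $builder = new Builder();
        $builder->setIssuer('http://paytour.com.br');
        // The random id is also replicated as a header (second argument).
        $builder->setId(Uuid::uuid4()->toString(), true);
        $builder->setExpiration($expiresIn);
        $builder->sign(new Sha256(), $appSecret);

        return strval($builder->getToken());
    }

    /**
     * Looks up an application by store id and app key and checks its secret.
     *
     * The row is selected by `loja_id` and `app_key` only; the secret is then
     * compared in PHP with hash_equals(), so the check is exact (independent
     * of the database collation) and does not short-circuit on the first
     * differing byte.
     *
     * @param mixed  $lojaId    Store id.
     * @param string $appKey    Application key.
     * @param string $appSecret Application secret supplied by the caller.
     *
     * @return array|false The matching row, or false when there is no match.
     */
    public static function findByLoja($lojaId, $appKey, $appSecret)
    {
        // hash_equals() needs two strings; an empty or non-string secret can
        // never be a valid credential.
        if (!is_string($appSecret) || $appSecret === '') {
            return false;
        }

        $query = self::getConnection()->createQueryBuilder();
        $query->select('la.*');
        $query->from('lojas_apps', 'la');
        $query->where('la.loja_id=:loja_id AND la.app_key=:app_key');
        $query->setParameter('loja_id', $lojaId);
        $query->setParameter('app_key', $appKey);

        // Presumably app_key is unique per store, so the first row is the
        // only candidate - verify against the schema.
        $app = $query->execute()->fetch();
        if (empty($app)) {
            return false;
        }

        if (!hash_equals((string) $app['app_secret'], $appSecret)) {
            return false;
        }

        return $app;
    }

    /**
     * Issues and stores an access token valid for 30 minutes.
     *
     * @param mixed    $lojaId    Store id.
     * @param string   $appKey    Application key.
     * @param string   $appSecret Application secret.
     * @param int|null $expiresIn Receives the expiration Unix timestamp.
     *
     * @return string|false The token, or false when the credentials do not
     *                      match or the insert fails.
     */
    public static function createAccessToken($lojaId, $appKey, $appSecret, &$expiresIn = null)
    {
        return self::issueStoredToken(
            'lojas_apps_access_tokens',
            'access_token',
            '+30 minutes',
            $lojaId,
            $appKey,
            $appSecret,
            $expiresIn
        );
    }

    /**
     * Issues and stores a refresh token valid for 15 days.
     *
     * @param mixed    $lojaId    Store id.
     * @param string   $appKey    Application key.
     * @param string   $appSecret Application secret.
     * @param int|null $expiresIn Receives the expiration Unix timestamp.
     *
     * @return string|false The token, or false when the credentials do not
     *                      match or the insert fails.
     */
    public static function createRefreshToken($lojaId, $appKey, $appSecret, &$expiresIn = null)
    {
        return self::issueStoredToken(
            'lojas_apps_refresh_tokens',
            'refresh_token',
            '+15 days',
            $lojaId,
            $appKey,
            $appSecret,
            $expiresIn
        );
    }

    /**
     * Checks that an access token is stored, unexpired, belongs to the store
     * and carries a valid HMAC-SHA256 signature for the given secret.
     *
     * @param string $accessToken Serialized token.
     * @param mixed  $lojaId      Store id.
     * @param string $appSecret   Key used to verify the signature.
     *
     * @return bool
     */
    public static function isValidAccessToken($accessToken, $lojaId, $appSecret)
    {
        return self::isStoredTokenValid(
            'lojas_apps_access_tokens',
            'access_token',
            $accessToken,
            $lojaId,
            $appSecret
        );
    }

    /**
     * Checks that a refresh token is stored, unexpired, belongs to the store
     * and carries a valid HMAC-SHA256 signature for the given secret.
     *
     * @param string $refreshToken Serialized token.
     * @param mixed  $lojaId       Store id.
     * @param string $appSecret    Key used to verify the signature.
     *
     * @return bool
     */
    public static function isValidRefreshToken($refreshToken, $lojaId, $appSecret)
    {
        return self::isStoredTokenValid(
            'lojas_apps_refresh_tokens',
            'refresh_token',
            $refreshToken,
            $lojaId,
            $appSecret
        );
    }

    /**
     * Authenticates the application, creates a token and records it.
     *
     * $table and $column are fixed names chosen by the public wrappers, never
     * request data; every stored value is bound as a named parameter.
     */
    private static function issueStoredToken($table, $column, $lifetime, $lojaId, $appKey, $appSecret, &$expiresIn)
    {
        $app = static::findByLoja($lojaId, $appKey, $appSecret);
        if (empty($app)) {
            return false;
        }

        $date = new \DateTime;
        $date->modify($lifetime);
        $expiresIn = $date->getTimestamp();

        $token = static::createToken($appSecret, $expiresIn);

        $query = self::getConnection()->createQueryBuilder();
        $query->insert($table);
        $query->values([
            // values() takes SQL fragments, so the id is bound like the other
            // columns instead of being spliced into the statement.
            'loja_app_id' => $query->createNamedParameter($app['id']),
            // NOTE(review): the token is stored verbatim; anyone who can read
            // this table holds bearer tokens that stay valid until expiry.
            $column => $query->createNamedParameter($token),
            'data_expiracao' => $query->createNamedParameter(date('Y-m-d H:i:s', $expiresIn)),
        ]);

        if (!$query->execute()) {
            return false;
        }

        return $token;
    }

    /**
     * Looks a token up in its table and verifies its signature.
     *
     * $table and $column are fixed names chosen by the public wrappers.
     */
    private static function isStoredTokenValid($table, $column, $token, $lojaId, $appSecret)
    {
        $query = self::getConnection()->createQueryBuilder();
        $query->select('t.*');
        $query->from($table, 't');
        // NOTE(review): expiry is enforced only here. data_expiracao is
        // written with PHP's date() and compared with the database clock, so
        // a timezone mismatch between the two shifts the real lifetime; the
        // JWT's own exp claim is not validated below - confirm both clocks.
        $query->where('t.' . $column . '=:token AND t.data_expiracao >= CURRENT_TIMESTAMP()');
        $query->join('t', 'lojas_apps', 'la', 'la.id=t.loja_app_id AND la.loja_id=:loja_id');
        $query->setParameter('token', $token);
        $query->setParameter('loja_id', $lojaId);

        $row = $query->execute()->fetch();
        if (empty($row)) {
            return false;
        }

        try {
            $jwt = (new Parser())->parse($row[$column]);

            return $jwt->verify(new Sha256(), $appSecret);
        } catch (\Exception $ex) {
            // A malformed or unsigned token is treated as invalid.
            return false;
        }
    }
}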