Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
liujq
/
ysh
1
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu khéo về 0 Wiki
Branch: master
Branches Tags
ysh
/
server
/
mall
/
library
/
tools
/
jwt
/
Token.php

Token.php 4.7 KB
Permalink Lịch sử Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 
  1. <?php
    2. 

  2. // +----------------------------------------------------------------------
    3. 

  3. // | A3Mall
    4. 

  4. // +----------------------------------------------------------------------
    5. 

  5. // | Copyright (c) 2020 http://www.a3-mall.com All rights reserved.
    6. 

  6. // +----------------------------------------------------------------------
    7. 

  7. // | Author: xzncit <158373108@qq.com>
    8. 

  8. // +----------------------------------------------------------------------
    9. 

  9. 

  10. namespace mall\library\tools\jwt;
    11. 

  11. 

  12. use DateTimeImmutable;
    13. 

  13. use DateTimeZone;
    14. 

  14. use Lcobucci\Clock\SystemClock;
    15. 

  15. use Lcobucci\JWT\Token\Plain;
    16. 

  16. use Lcobucci\JWT\Validation\Constraint\IdentifiedBy;
    17. 

  17. use Lcobucci\JWT\Validation\Constraint\IssuedBy;
    18. 

  18. use Lcobucci\JWT\Validation\Constraint\PermittedFor;
    19. 

  19. use Lcobucci\JWT\Validation\Constraint\ValidAt;
    20. 

  20. use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
    21. 

  21. use Lcobucci\JWT\Validation\Constraint\SignedWith;
    22. 

  22. use think\facade\Request;
    23. 

  23. 

  24. class Token {
    25. 

  25. 

  26.     /**
    27. 

  27.      * 生成token
    28. 

  28.      * @param string $name
    29. 

  29.      * @param string $value
    30. 

  30.      * @param array $options
    31. 

  31.      * @return string
    32. 

  32.      */
    33. 

  33.     public static function get($name,$value,$options=[]){
    34. 

  34.         $config = Config::get();
    35. 

  35.         $now   = new DateTimeImmutable();
    36. 

  36.         $time = time();
    37. 

  37.         $builder = $config->builder()
    38. 

  38.             ->issuedBy(env("website.app_web_url"))
    39. 

  39.             ->permittedFor(env("website.app_web_url"))
    40. 

  40.             ->identifiedBy(env('jwt.sign'))
    41. 

  41.             ->issuedAt($now)
    42. 

  42.             ->canOnlyBeUsedAfter($now->modify('-1 second'))
    43. 

  43.             ->expiresAt($now->modify('+15 day'))
    44. 

  44.             ->withClaim($name, str_replace("=", "", base64_encode(implode("|",[$value,$time,md5(env('jwt.sign') . $value . $time)]))));
    45. 

  45. 

  46.         if(!empty($options)){
    47. 

  47.             $builder->withHeader($options["name"], $options["value"]);
    48. 

  48.         }
    49. 

  49. 

  50.         return (string)$builder->getToken($config->signer(), $config->signingKey());
    51. 

  51.     }
    52. 

  52. 

  53.     public static function check($token=""){
    54. 

  54.         $token = empty($token) ? Request::header("Auth-Token") : $token;
    55. 

  55.         $value = trim(ltrim($token, 'Bearer'));
    56. 

  56.         if(empty($value)){
    57. 

  57.             throw new \Exception("您还未登录,请登录",401);
    58. 

  58.         }
    59. 

  59. 

  60.         if(self::verify($value)){
    61. 

  61.             return $value;
    62. 

  62.         }
    63. 

  63.     }
    64. 

  64. 

  65.     /**
    66. 

  66.      * 检测
    67. 

  67.      * @param string $data
    68. 

  68.      * @return bool
    69. 

  69.      */
    70. 

  70.     public static function verify($data){
    71. 

  71.         $config = Config::get();
    72. 

  72.         $token = $config->parser()->parse($data);
    73. 

  73. 

  74.         if(!($token instanceof Plain)){
    75. 

  75.             throw new \Exception("验证token未通过",401);
    76. 

  76.         }
    77. 

  77. 

  78.         // 验证是否过期
    79. 

  79.         $claims = $token->claims();
    80. 

  80.         $jti = (string)$claims->get('jti');
    81. 

  81.         $iss = (string)$claims->get('iss');
    82. 

  82.         //$aud = $claims->get('aud');
    83. 

  83. 

  84.          $nbf = $claims->get('nbf');
    85. 

  85.          $exp = $claims->get('exp');
    86. 

  86.          $now = new \DateTimeImmutable();
    87. 

  87. 

  88.          // 未分配
    89. 

  89.          if($nbf > $now) {
    90. 

  90.              throw new \Exception("token还未生效",4001);
    91. 

  91.          }
    92. 

  92. 

  93.          // 已过期
    94. 

  94.          if($exp < $now) {
    95. 

  95.              throw new \Exception("token已过期",401);
    96. 

  96.          }
    97. 

  97. 

  98.         $timezone = new DateTimeZone('Asia/Shanghai');
    99. 

  99.         $now = new SystemClock($timezone);
    100. 

  100.         $validateAt = new ValidAt($now);
    101. 

  101. 

  102.         //验证jwt id是否匹配
    103. 

  103.         $validationIdentifiedBy = new IdentifiedBy($jti);
    104. 

  104. 

  105.         // 验证签发人url是否正确
    106. 

  106.         $validationIssuedBy = new IssuedBy($iss);
    107. 

  107. 

  108.         $validationSignedWith = new SignedWith($config->signer(),$config->signingKey());
    109. 

  109.         $config->setValidationConstraints(
    110. 

  110.             $validateAt,$validationIdentifiedBy,$validationIssuedBy,$validationSignedWith
    111. 

  111.         );
    112. 

  112.         $constraints = $config->validationConstraints();
    113. 

  113. 

  114.         try {
    115. 

  115.             $config->validator()->assert($token, ...$constraints);
    116. 

  116.             return true;
    117. 

  117.         } catch (RequiredConstraintsViolated $e) {
    118. 

  118.             throw new \Exception($e->getMessage(),401);
    119. 

  119.         }
    120. 

  120.     }
    121. 

  121. 

  122.     /**
    123. 

  123.      * 解析
    124. 

  124.      * @param string $data
    125. 

  125.      * @param string $field
    126. 

  126.      * @return false|\Lcobucci\JWT\Token\DataSet
    127. 

  127.      */
    128. 

  128.     public static function parse($data,$field=""){
    129. 

  129.         $config = Config::get();
    130. 

  130.         $token = $config->parser()->parse($data);
    131. 

  131.         if(!($token instanceof Plain)){
    132. 

  132.             return false;
    133. 

  133.         }
    134. 

  134. 

  135.         if(empty($field)){
    136. 

  136.             return $token->claims();
    137. 

  137.         }
    138. 

  138. 

  139.         $value = $token->claims()->get($field);
    140. 

  140.         return self::parseData($value);
    141. 

  141.     }
    142. 

  142. 

  143.     public static function parseData($value){
    144. 

  144. 

  145.         $string = base64_decode($value);
    146. 

  146.         $arr = explode('|', $string);
    147. 

  147.         if (count($arr) != 3) {
    148. 

  148.             return 1;
    149. 

  149.         }
    150. 

  150. 

  151.         list($value,$time,$md5) = $arr;
    152. 

  152.         if(md5(env('jwt.sign').$value.$time) == $md5){
    153. 

  153.             return ["value"=>$value,"time"=>$time];
    154. 

  154.         }
    155. 

  155. 

  156.         return 2;
    157. 

  157.     }
    158. 

  158. }
    159.