Эхлэл Бүгдийг харах Тусламж
Бүртгүүлэх Нэвтрэх
MixTech
/
MixMail
5
0
Салаа 0
Файлууд Асуудлууд 0 Хуулах хүсэлтүүд 0 Мэдлэгийн сан
Салаа: master
Салаанууд Тагууд
MixMail
/
middlewares
/
ExternalAuthMiddleware.php

ExternalAuthMiddleware.php 2.1 KB
Байнгын холболт Түүх Анхны өгөгдөл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 
  1. <?php
    2. 

  2. 

  3. namespace Middlewares;
    4. 

  4. 

  5. use Libs\ResponseLib;
    6. 

  6. use Models\ApplicationModel;
    7. 

  7. use Psr\Http\Message\ServerRequestInterface;
    8. 

  8. use Middlewares\JwtAuthMiddleware;
    9. 

  9. use Middlewares\HmacAuthMiddleware;
    10. 

  10. use Middlewares\ExternalJwtAuthMiddleware;
    11. 

  11. 

  12. class ExternalAuthMiddleware
    13. 

  13. {
    14. 

  14.     private ApplicationModel $apps;
    15. 

  15.     private string $appIdHeader;
    16. 

  16. 

  17.     public function __construct()
    18. 

  18.     {
    19. 

  19.         $this->apps = new ApplicationModel();
    20. 

  20.         $this->appIdHeader = $_ENV['APP_ID_HEADER'] ?? 'x-app-id';
    21. 

  21.     }
    22. 

  22. 

  23.     public function __invoke(ServerRequestInterface $request, callable $next)
    24. 

  24.     {
    25. 

  25.         // 1) Discover application by ID header (or default)
    26. 

  26.         $idHeaderVal = $request->getHeaderLine($this->appIdHeader);
    27. 

  27.         $id = $idHeaderVal !== '' ? (int)$idHeaderVal : (int)($_ENV['DEFAULT_APPLICATION_ID'] ?? 0);
    28. 

  28.         if ($id <= 0) {
    29. 

  29.             return ResponseLib::sendFail('Unauthorized: Missing application id', [], 'E_VALIDATE')->withStatus(401);
    30. 

  30.         }
    31. 

  31. 

  32.         $app = $this->apps->getById($id);
    33. 

  33.         if (!$app) {
    34. 

  34.             return ResponseLib::sendFail('Unauthorized: Application not found', [], 'E_VALIDATE')->withStatus(401);
    35. 

  35.         }
    36. 

  36.         // must be active
    37. 

  37.         if (($app['aplication_flag'] ?? '') !== 'a') {
    38. 

  38.             return ResponseLib::sendFail('Unauthorized: Inactive application', [], 'E_VALIDATE')->withStatus(401);
    39. 

  39.         }
    40. 

  40. 

  41.         $method = strtolower($app['aplication_auth_method'] ?? 'external_jwt');
    42. 

  42.         
    43. 

  43.         // 2) Route based on method
    44. 

  44.         if ($method === 'jwt') {
    45. 

  45.             $jwt = new JwtAuthMiddleware();
    46. 

  46.             return $jwt($request, $next);
    47. 

  47.         }
    48. 

  48.         if ($method === 'hmac') {
    49. 

  49.             $hmac = new HmacAuthMiddleware();
    50. 

  50.             return $hmac($request, $next);
    51. 

  51.         }
    52. 

  52. 

  53.         // Default: external_jwt
    54. 

  54.         if (empty($app['aplication_url'])) {
    55. 

  55.             return ResponseLib::sendFail('Unauthorized: Application URL not configured for external auth', [], 'E_VALIDATE')->withStatus(401);
    56. 

  56.         }
    57. 

  57.         $external = new ExternalJwtAuthMiddleware($app['aplication_url']);
    58. 

  58.         return $external($request, $next);
    59. 

  59.     }
    60. 

  60. }
    61.