* (c) 2021 PHP Open Source Saver * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace PHPOpenSourceSaver\JWTAuth\Http\Middleware; use Illuminate\Http\JsonResponse; use Illuminate\Http\Request; use Illuminate\Http\Response; use PHPOpenSourceSaver\JWTAuth\Exceptions\JWTException; use PHPOpenSourceSaver\JWTAuth\JWTAuth; use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException; abstract class BaseMiddleware { /** * The JWT Authenticator. */ protected JWTAuth $auth; /** * Create a new BaseMiddleware instance. * * @return void */ public function __construct(JWTAuth $auth) { $this->auth = $auth; } /** * Check the request for the presence of a token. * * @return void * * @throws BadRequestHttpException */ public function checkForToken(Request $request) { if (!$this->auth->parser()->setRequest($request)->hasToken()) { throw new UnauthorizedHttpException('jwt-auth', 'Token not provided'); } } /** * Attempt to authenticate a user via the token in the request. * * @return void * * @throws UnauthorizedHttpException */ public function authenticate(Request $request) { $this->checkForToken($request); try { if (!$this->auth->parseToken()->authenticate()) { throw new UnauthorizedHttpException('jwt-auth', 'User not found'); } } catch (JWTException $e) { throw new UnauthorizedHttpException('jwt-auth', $e->getMessage(), $e, $e->getCode()); } } /** * Set the authentication header. * * @param Response|JsonResponse $response * @param string|null $token * * @return Response|JsonResponse */ protected function setAuthenticationHeader($response, $token = null) { $token = $token ?: $this->auth->refresh(); $response->headers->set('Authorization', 'Bearer '.$token); return $response; } }