
systemsdk / docker-symfony-api / #74

pending completion
#74

push

DKravtsov
Php 8.2, symfony 6.2, updated RabbitMQ, updated composer dependencies, refactoring.

51 of 51 new or added lines in 44 files covered. (100.0%)

1479 of 2668 relevant lines covered (55.43%)

23.59 hits per line


59.09
/src/User/Transport/EventSubscriber/JWTDecodedSubscriber.php
<?php

declare(strict_types=1);

namespace App\User\Transport\EventSubscriber;

use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
use Lexik\Bundle\JWTAuthenticationBundle\Events;
use Psr\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;

use function array_key_exists;
use function hash;
use function implode;

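/**
 * Validates the client-binding claim of a decoded JWT.
 *
 * Once a token has been decoded, the `checksum` claim in its payload is compared with a
 * SHA-512 digest of the current request's client IP and User-Agent header. A token whose
 * claim is missing or different is marked as invalid, as is any token decoded while no
 * request is available.
 *
 * Security notes:
 *  - This is a defence-in-depth check against a token being reused from another client,
 *    not a strong binding: the User-Agent header is chosen by the client, and clients
 *    behind the same NAT or proxy share an IP address.
 *  - Request::getClientIp() only honours forwarded headers coming from trusted proxies,
 *    so the check is only as reliable as the application's trusted-proxy configuration.
 *  - The code that issues the token must build the claim from the same inputs in the same
 *    order; that code is not part of this class.
 *
 * @package App\User
 */
class JWTDecodedSubscriber implements EventSubscriberInterface
{
    /**
     * @param RequestStack    $requestStack Source of the request the token arrived with.
     * @param LoggerInterface $logger       Receives a record for every token this class rejects.
     */
    public function __construct(
        private readonly RequestStack $requestStack,
        private readonly LoggerInterface $logger,
    ) {
    }

    /**
     * {@inheritdoc}
     *
     * Both keys route to the same handler.
     * NOTE(review): presumably the bundle dispatches under only one of these names; if it
     * ever dispatched under both, the handler would run twice per token - confirm.
     *
     * @return array<string, string>
     */
    public static function getSubscribedEvents(): array
    {
        return [
            JWTDecodedEvent::class => 'onJWTDecoded',
            Events::JWT_DECODED => 'onJWTDecoded',
        ];
    }

    /**
     * Subscriber method to make some custom JWT payload checks.
     *
     * This method is called when 'lexik_jwt_authentication.on_jwt_decoded' event is broadcast.
     *
     * An event that is already invalid is left untouched. Otherwise the event is marked as
     * invalid when there is no current request or when the payload check fails.
     */
    public function onJWTDecoded(JWTDecodedEvent $event): void
    {
        // Already rejected by an earlier check; nothing to add.
        if (!$event->isValid()) {
            return;
        }

        $request = $this->requestStack->getCurrentRequest();

        // Fail closed: without a request the client binding cannot be verified.
        if ($request === null) {
            $this->logger->error('Request not available');
            $event->markAsInvalid();

            return;
        }

        $this->checkPayload($event, $request);
    }

    /**
     * Compares the payload's `checksum` claim with the digest of the current client.
     *
     * Marks the event as invalid and logs a warning when the claim is absent or does not
     * match. Does nothing when $request is null; the caller handles that case.
     */
    private function checkPayload(JWTDecodedEvent $event, ?Request $request): void
    {
        if ($request === null) {
            return;
        }

        $payload = $event->getPayload();
        $clientIp = $request->getClientIp();

        // Either part may be null (no remote address, no User-Agent header); implode()
        // renders null as an empty string, so the digest is still well defined.
        $expected = hash('sha512', implode('|', [
            $clientIp,
            $request->headers->get('User-Agent'),
        ]));

        $hasClaim = array_key_exists('checksum', $payload);

        // Strict comparison: a claim that is not a string can never match.
        if ($hasClaim && $payload['checksum'] === $expected) {
            return;
        }

        // Record the rejection so that a token presented from a different client is
        // visible to monitoring, in the same way the missing-request case is logged.
        // The token, the claim and the User-Agent header are deliberately left out.
        $this->logger->warning('JWT checksum mismatch, token rejected', [
            'client_ip' => $clientIp,
            'checksum_present' => $hasClaim,
        ]);
        $event->markAsInvalid();
    }
}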