vendor/gesdinet/jwt-refresh-token-bundle/EventListener/AttachRefreshTokenOnSuccessListener.php line 109

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the GesdinetJWTRefreshTokenBundle package.
  5.  *
  6.  * (c) Gesdinet <http://www.gesdinet.com/>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Gesdinet\JWTRefreshTokenBundle\EventListener;
  14. use Gesdinet\JWTRefreshTokenBundle\Generator\RefreshTokenGeneratorInterface;
  15. use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenInterface;
  16. use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManagerInterface;
  17. use Gesdinet\JWTRefreshTokenBundle\Request\Extractor\ExtractorInterface;
  18. use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationSuccessEvent;
  19. use Symfony\Component\HttpFoundation\Cookie;
  20. use Symfony\Component\Security\Core\User\UserInterface;
  21. use Symfony\Component\HttpFoundation\RequestStack;
  22. use Symfony\Component\HttpKernel\Kernel;
  24. class AttachRefreshTokenOnSuccessListener
  25. {
  26.     /**
  27.      * @var RefreshTokenManagerInterface
  28.      */
  29.     protected $refreshTokenManager;
  31.     /**
  32.      * @var int
  33.      */
  34.     protected $ttl;
  36.     /**
  37.      * @var RequestStack
  38.      */
  39.     protected $requestStack;
  41.     /**
  42.      * @var string
  43.      */
  44.     protected $tokenParameterName;
  46.     /**
  47.      * @var bool
  48.      */
  49.     protected $singleUse;
  51.     /**
  52.      * @var RefreshTokenGeneratorInterface
  53.      */
  54.     protected $refreshTokenGenerator;
  56.     /**
  57.      * @var ExtractorInterface
  58.      */
  59.     protected $extractor;
  61.     protected array $cookieSettings;
  63.     protected bool $returnExpiration;
  65.     protected string $returnExpirationParameterName;
  67.     /**
  68.      * @param int    $ttl
  69.      * @param string $tokenParameterName
  70.      * @param bool   $singleUse
  71.      */
  72.     public function __construct(
  73.         RefreshTokenManagerInterface $refreshTokenManager,
  74.         $ttl,
  75.         RequestStack $requestStack,
  76.         $tokenParameterName,
  77.         $singleUse,
  78.         RefreshTokenGeneratorInterface $refreshTokenGenerator,
  79.         ExtractorInterface $extractor,
  80.         array $cookieSettings,
  81.         bool $returnExpiration false,
  82.         string $returnExpirationParameterName 'refresh_token_expiration'
  83.     ) {
  84.         $this->refreshTokenManager $refreshTokenManager;
  85.         $this->ttl $ttl;
  86.         $this->requestStack $requestStack;
  87.         $this->tokenParameterName $tokenParameterName;
  88.         $this->singleUse $singleUse;
  89.         $this->refreshTokenGenerator $refreshTokenGenerator;
  90.         $this->extractor $extractor;
  91.         $this->cookieSettings array_merge([
  92.             'enabled' => false,
  93.             'same_site' => 'lax',
  94.             'path' => '/',
  95.             'domain' => null,
  96.             'http_only' => true,
  97.             'secure' => true,
  98.             'remove_token_from_body' => true,
  99.             'partitioned' => false,
  100.         ], $cookieSettings);
  101.         $this->returnExpiration $returnExpiration;
  102.         $this->returnExpirationParameterName $returnExpirationParameterName;
  104.         if ($this->cookieSettings['partitioned'] && Kernel::VERSION '6.4') {
  105.             throw new \LogicException(sprintf('The `partitioned` option for cookies is only available for Symfony 6.4 and above. You are currently on version %s'Kernel::VERSION));
  106.         }
  107.     }
  109.     public function attachRefreshToken(AuthenticationSuccessEvent $event): void
  110.     {
  111.         $user $event->getUser();
  113.         if (!$user instanceof UserInterface) {
  114.             return;
  115.         }
  117.         $data $event->getData();
  118.         $request $this->requestStack->getCurrentRequest();
  120.         if (null === $request) {
  121.             return;
  122.         }
  124.         // Extract refreshToken from the request
  125.         $refreshTokenString $this->extractor->getRefreshToken($request$this->tokenParameterName);
  127.         // Remove the current refreshToken if it is single-use
  128.         if ($refreshTokenString && true === $this->singleUse) {
  129.             $refreshToken $this->refreshTokenManager->get($refreshTokenString);
  130.             $refreshTokenString null;
  132.             if ($refreshToken instanceof RefreshTokenInterface) {
  133.                 $this->refreshTokenManager->delete($refreshToken);
  134.             }
  135.         }
  137.         // Set or create the refreshTokenString
  138.         if ($refreshTokenString) {
  139.             $data[$this->tokenParameterName] = $refreshTokenString;
  141.             if ($this->returnExpiration) {
  142.                 $refreshToken $this->refreshTokenManager->get($refreshTokenString);
  143.                 $data[$this->returnExpirationParameterName] = ($refreshToken) ? $refreshToken->getValid()->getTimestamp() : 0;
  144.             }
  145.         } else {
  146.             $refreshToken $this->refreshTokenGenerator->createForUserWithTtl($user$this->ttl);
  148.             $this->refreshTokenManager->save($refreshToken);
  149.             $refreshTokenString $refreshToken->getRefreshToken();
  150.             $data[$this->tokenParameterName] = $refreshTokenString;
  152.             if ($this->returnExpiration) {
  153.                 $data[$this->returnExpirationParameterName] = $refreshToken->getValid()->getTimestamp();
  154.             }
  155.         }
  157.         // Add a response cookie if enabled
  158.         if ($this->cookieSettings['enabled']) {
  159.             $event->getResponse()->headers->setCookie(
  160.                 new Cookie(
  161.                     $this->tokenParameterName,
  162.                     $refreshTokenString,
  163.                     time() + $this->ttl,
  164.                     $this->cookieSettings['path'],
  165.                     $this->cookieSettings['domain'],
  166.                     $this->cookieSettings['secure'],
  167.                     $this->cookieSettings['http_only'],
  168.                     false,
  169.                     $this->cookieSettings['same_site'],
  170.                     $this->cookieSettings['partitioned'],
  171.                 )
  172.             );
  174.             // Remove the refreshTokenString from the response body
  175.             if (isset($this->cookieSettings['remove_token_from_body']) && $this->cookieSettings['remove_token_from_body']) {
  176.                 unset($data[$this->tokenParameterName]);
  177.             }
  178.         }
  180.         // Set response data
  181.         $event->setData($data);
  182.     }
  183. }