Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
| Total | |
9.09% |
1 / 11 |
|
50.00% |
1 / 2 |
CRAP | |
0.00% |
0 / 1 |
| TokenValidationService | |
9.09% |
1 / 11 |
|
50.00% |
1 / 2 |
43.81 | |
0.00% |
0 / 1 |
| __construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
| validateCaptchaToken | |
0.00% |
0 / 10 |
|
0.00% |
0 / 1 |
42 | |||
| 1 | <?php |
| 2 | |
| 3 | declare(strict_types=1); |
| 4 | |
| 5 | namespace BO\Zmscitizenapi\Services\Captcha; |
| 6 | |
| 7 | use BO\Zmscitizenapi\Utils\ClientIpHelper; |
| 8 | use Firebase\JWT\JWT; |
| 9 | use Firebase\JWT\Key; |
| 10 | use Firebase\JWT\ExpiredException; |
| 11 | |
| 12 | class TokenValidationService |
| 13 | { |
| 14 | public const TOKEN_VALID = 'valid'; |
| 15 | public const TOKEN_MISSING = 'missing'; |
| 16 | public const TOKEN_INVALID = 'invalid'; |
| 17 | public const TOKEN_EXPIRED = 'expired'; |
| 18 | private string $captchaTokenSecret; |
| 19 | |
| 20 | public function __construct() |
| 21 | { |
| 22 | $this->captchaTokenSecret = \App::$CAPTCHA_TOKEN_SECRET; |
| 23 | } |
| 24 | |
| 25 | public function validateCaptchaToken(?string $token): string |
| 26 | { |
| 27 | if (empty($token)) { |
| 28 | return self::TOKEN_MISSING; |
| 29 | } |
| 30 | |
| 31 | try { |
| 32 | $payload = (array) JWT::decode($token, new Key($this->captchaTokenSecret, 'HS256')); |
| 33 | if (empty($payload['ip']) || $payload['ip'] !== ClientIpHelper::getClientIp()) { |
| 34 | return self::TOKEN_INVALID; |
| 35 | } |
| 36 | |
| 37 | return self::TOKEN_VALID; |
| 38 | } catch (ExpiredException $e) { |
| 39 | return self::TOKEN_EXPIRED; |
| 40 | } catch (\Exception $e) { |
| 41 | return self::TOKEN_INVALID; |
| 42 | } |
| 43 | } |
| 44 | } |