chore: add Firebase JWT (#38)

momentohq · Oct 27, 2022 · 574419c · 574419c
1 parent baa460c
commit 574419c
Show file tree

Hide file tree

Showing 4 changed files with 89 additions and 15 deletions.
diff --git a/composer.json b/composer.json
@@ -22,9 +22,10 @@
     },
     "require": {
         "php": ">=7.4",
+        "ext-grpc": "*",
+        "firebase/php-jwt": "^6.3",
         "google/protobuf": "3.21.5",
-        "grpc/grpc": "1.42.0",
-        "ext-grpc": "*"
+        "grpc/grpc": "1.42.0"
     },
     "require-dev": {
         "composer/composer" : "^2.4.1",

diff --git a/composer.lock b/composer.lock
diff --git a/src/Auth/AuthUtils.php b/src/Auth/AuthUtils.php
@@ -2,26 +2,36 @@
 
 namespace Momento\Auth;
 
+use Firebase\JWT\JWT;
 use Momento\Cache\Errors\InvalidArgumentError;
 
+
 class AuthUtils
 {
 
-    private static function throwBadAuthToken() {
+    private static function throwBadAuthToken()
+    {
         throw new InvalidArgumentError('Invalid Momento auth token.');
     }
 
-    public static function parseAuthToken(string $authToken) : array {
-        $exploded = explode (".", $authToken);
+    public static function parseAuthToken(string $authToken): object
+    {
+        $exploded = explode(".", $authToken);
         if (count($exploded) != 3) {
             self::throwBadAuthToken();
         }
-        list($header, $payload, $signature) = $exploded;
-        $token = json_decode(base64_decode($payload), true);
-        if ($token === null) {
+
+        try {
+            list($header, $payload, $signature) = $exploded;
+            $payload = JWT::jsonDecode(JWT::urlsafeB64Decode($payload));
+        } catch (\Exception) {
+            self::throwBadAuthToken();
+        }
+
+        if ($payload === null) {
             self::throwBadAuthToken();
         }
-        return $token;
+        return $payload;
     }
 
 }
diff --git a/src/Auth/EnvMomentoTokenProvider.php b/src/Auth/EnvMomentoTokenProvider.php
@@ -1,4 +1,5 @@
 <?php
+
 namespace Momento\Auth;
 
 use Momento\Auth\AuthUtils;
@@ -20,21 +21,21 @@ public function __construct(string $envVariableName)
         }
         $payload = AuthUtils::parseAuthToken($authToken);
         $this->authToken = $authToken;
-        $this->controlEndpoint = $payload["cp"];
-        $this->cacheEndpoint = $payload["c"];
+        $this->controlEndpoint = $payload->cp;
+        $this->cacheEndpoint = $payload->c;
     }
 
-    public function getAuthToken() : string
+    public function getAuthToken(): string
     {
         return $this->authToken;
     }
 
-    public function getCacheEndpoint() : string
+    public function getCacheEndpoint(): string
     {
         return $this->cacheEndpoint;
     }
 
-    public function getControlEndpoint() : string
+    public function getControlEndpoint(): string
     {
         return $this->controlEndpoint;
     }