Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Controllers/API/V4/VPNController.php
- This file was added.
<?php | |||||
namespace App\Http\Controllers\API\V4; | |||||
use App\Http\Controllers\Controller; | |||||
use Carbon\Carbon; | |||||
use Illuminate\Http\Request; | |||||
use Lcobucci\JWT\Encoding\ChainedFormatter; | |||||
use Lcobucci\JWT\Encoding\JoseEncoder; | |||||
use Lcobucci\JWT\Signer\Key\InMemory; | |||||
use Lcobucci\JWT\Signer\Rsa; | |||||
use Lcobucci\JWT\Token\Builder; | |||||
class VPNController extends Controller | |||||
{ | |||||
/** | |||||
* Token request from the vpn module | |||||
* | |||||
* @param \Illuminate\Http\Request $request The API request. | |||||
* | |||||
* @return \Illuminate\Http\Response The response | |||||
*/ | |||||
public function token(Request $request) | |||||
{ | |||||
$user = $this->guard()->user(); | |||||
if (!$user) { | |||||
machniak: This check is redundant. The route requires authentication. I'd remove this. It will fix the… | |||||
return response()->json(['status' => 'error', 'message' => "Invalid user"], 401); | |||||
Lint: Method App\Http\Controllers\API\V4\VPNController::token() should return Illuminate\Http\Response but returns Illuminate\Http\JsonResponse. Method App\Http\Controllers\API\V4\VPNController::token() should return Illuminate\Http\Response but returns Illuminate\Http\JsonResponse. Lint: Method App\Http\Controllers\API\V4\VPNController::token() should return Illuminate\Http\Response but returns Illuminate\Http\JsonResponse.: Method App\Http\Controllers\API\V4\VPNController::token() should return… | |||||
} | |||||
$signingKey = InMemory::plainText(\config("app.vpn.signing_key")); | |||||
machniakUnsubmitted Not Done Inline ActionsI'd like to see the option described in config/app.php. Also, should we throw an exception when it's not set? machniak: I'd like to see the option described in config/app.php. Also, should we throw an exception when… | |||||
$tokenBuilder = (new Builder(new JoseEncoder(), ChainedFormatter::default())); | |||||
$token = $tokenBuilder | |||||
->issuedAt(Carbon::now()->toImmutable()) | |||||
// The entitlement is hardcoded for now to default. | |||||
// Can be extended in the future based on user entitlements. | |||||
->withClaim('entitlement', "default") | |||||
->getToken(new Rsa\Sha256(), $signingKey); | |||||
return response($token->toString()); | |||||
machniakUnsubmitted Not Done Inline ActionsDo we really not want to return JSON to be consistent with the whole API? machniak: Do we really not want to return JSON to be consistent with the whole API? | |||||
} | |||||
} |
This check is redundant. The route requires authentication. I'd remove this. It will fix the linting issue.