Changeset View
Changeset View
Standalone View
Standalone View
src/app/Http/Controllers/API/V4/VPNController.php
- This file was added.
<?php | |||||
namespace App\Http\Controllers\API\V4; | |||||
use App\Http\Controllers\Controller; | |||||
use Carbon\Carbon; | |||||
use Illuminate\Http\Request; | |||||
use Lcobucci\JWT\Encoding\ChainedFormatter; | |||||
use Lcobucci\JWT\Encoding\JoseEncoder; | |||||
use Lcobucci\JWT\Signer\Key\InMemory; | |||||
use Lcobucci\JWT\Signer\Rsa; | |||||
use Lcobucci\JWT\Token\Builder; | |||||
class VPNController extends Controller | |||||
{ | |||||
/** | |||||
* Token request from the vpn module | |||||
* | |||||
* @param \Illuminate\Http\Request $request The API request. | |||||
* | |||||
* @return \Illuminate\Http\JsonResponse The response | |||||
*/ | |||||
public function token(Request $request) | |||||
{ | |||||
$signingKey = \config("app.vpn.token_signing_key"); | |||||
if (empty($signingKey)) { | |||||
throw new \Exception("app.vpn.token_signing_key is not set"); | |||||
machniak: This check is redundant. The route requires authentication. I'd remove this. It will fix the… | |||||
} | |||||
$tokenBuilder = (new Builder(new JoseEncoder(), ChainedFormatter::default())); | |||||
$token = $tokenBuilder | |||||
Not Done Inline ActionsI'd like to see the option described in config/app.php. Also, should we throw an exception when it's not set? machniak: I'd like to see the option described in config/app.php. Also, should we throw an exception when… | |||||
->issuedAt(Carbon::now()->toImmutable()) | |||||
// The entitlement is hardcoded for now to default. | |||||
// Can be extended in the future based on user entitlements. | |||||
->withClaim('entitlement', "default") | |||||
->getToken(new Rsa\Sha256(), InMemory::plainText($signingKey)); | |||||
return response()->json(['status' => 'ok', 'token' => $token->toString()]); | |||||
} | |||||
} | |||||
Not Done Inline ActionsDo we really not want to return JSON to be consistent with the whole API? machniak: Do we really not want to return JSON to be consistent with the whole API? |
This check is redundant. The route requires authentication. I'd remove this. It will fix the linting issue.