Libreria para revision

alancting/php-microsoft-jwt

app/Http/Controllers/API/MovieController.php

@@ -3,69 +3,40 @@
 namespace App\Http\Controllers\API;
 
 use App\Models\Movie;
-use Firebase\JWT\JWT;
-use Firebase\JWT\Key;
 use Illuminate\Http\Request;
 use App\Http\Controllers\Controller;
+
+use Alancting\Microsoft\JWT\AzureAd\AzureAdConfiguration;
+use Alancting\Microsoft\JWT\AzureAd\AzureAdAccessTokenJWT;
+use Alancting\Microsoft\JWT\AzureAd\AzureAdIdTokenJWT;
+
 class MovieController extends Controller
 {
     /**
      * Display a listing of the resource.
      */
-    private $string_microsoftPublicKeyURL = 'https://login.microsoftonline.com/9af622ec-f1a5-4422-bdc9-8c20039ed9eb/discovery/v2.0/keys';
-    public function getPublicKeyFromX5C($string_certText) {
-        $object_cert = openssl_x509_read($string_certText);
-        $object_pubkey = openssl_pkey_get_public($object_cert);
-        $array_publicKey = openssl_pkey_get_details($object_pubkey);
-        return $array_publicKey['key'];
-    }
-    public function loadKeysFromAzure($string_microsoftPublicKeyURL) {
-        $array_keys = array();
-
-        $jsonString_microsoftPublicKeys = file_get_contents($string_microsoftPublicKeyURL);
-        $array_microsoftPublicKeys = json_decode($jsonString_microsoftPublicKeys, true);
-
-        foreach($array_microsoftPublicKeys['keys'] as $array_publicKey) {
-            $string_certText = "-----BEGIN CERTIFICATE-----\r\n".chunk_split($array_publicKey['x5c'][0],64)."-----END CERTIFICATE-----\r\n";
-            $array_keys[$array_publicKey['kid']] = $this->getPublicKeyFromX5C($string_certText);
-        }
-
-        return $array_keys;
-    }
+    //private $string_microsoftPublicKeyURL = 'https://login.microsoftonline.com/9af622ec-f1a5-4422-bdc9-8c20039ed9eb/discovery/v2.0/keys';
+    //9af622ec-f1a5-4422-bdc9-8c20039ed9eb
+    private $config_options = [
+        'tenant' => '9af622ec-f1a5-4422-bdc9-8c20039ed9eb',
+        'tenant_id' => '9af622ec-f1a5-4422-bdc9-8c20039ed9eb',
+        'client_id' => 'ab3eaf82-413c-4808-b011-0086680b9795'
+    ];
+    private $audience = "87ce3de8-5800-4291-98bc-628c7d525bf7";
     public function index(Request $request)
     {
         //$headers = $request->headers->all();
         if($request->hasHeader('Authorization')){
-            $authorization = $request->header("Authorization");
-            $array_publicKeysWithKIDasArrayKey = $this->loadKeysFromAzure($this->string_microsoftPublicKeyURL);
+            $authorization = explode(' ', $request->header("Authorization"))[1];
             //---
-            $jwt = str_replace('Bearer ', '', $authorization);
-            // Verifica el token JWT
-            // Suponiendo que $array_publicKeysWithKIDasArrayKey es tu arreglo de claves públicas
-            $KidFinal = "";
-            $dec = "";
-            foreach ($array_publicKeysWithKIDasArrayKey as $kid => $publicKey) {
-                try {
-                    $KidFinal = "";
-                    $dec = "";
-                    // Decodificar el token JWT con la clave pública actual
-                    $decoded = JWT::decode($jwt, new Key($publicKey, 'RS256'));
-                    // Si la decodificación es exitosa, significa que esta clave se utilizó para firmar el token
-                    $KidFinal = $kid;
-                    $dec = $decoded;
-                    break; // Salir del bucle ya que hemos encontrado la clave correcta
-                } catch (\Exception $e) {
-                    // Si ocurre una excepción, continuar con la siguiente clave
-                    continue;
-                }
-            }
+            $config = new AzureAdConfiguration($this->config_options);
+            $access_token_jwt = new AzureAdAccessTokenJWT($config, $authorization, $this->audience);
             //---
             $movies = Movie::all();
             return response()->json([
                 'movies'=>$movies,
                 'token'=>$authorization,
-                'kid' => $KidFinal,
-                "decoded" => $dec,
+                'payload'=> $access_token_jwt->getPayload()
             ]);
         }else{
             return response()->json([

composer.json

@@ -6,6 +6,7 @@
     "license": "MIT",
     "require": {
         "php": "^8.1",
+        "alancting/php-microsoft-jwt": "^1.1",
         "firebase/php-jwt": "^6.10",
         "guzzlehttp/guzzle": "^7.2",
         "laravel/framework": "^10.10",