當執行對opentok rest API的REST請求時,我得到了我的jwt令牌「已過期」。OpenTok JWT Authenticacion Bug
想知道一點點,我只是爲了獲取服務器日期,通過使用與服務器相同的日期作爲令牌過期時間,我能夠列出屬於會話的視頻,向服務器 執行虛擬請求。
這顯然是錯誤的,iat時間和exp時間不應該與服務器日期匹配。
可能的解決方案:
A)的用戶應當能夠指定他的服務器時區和OpenTok REST服務器應該匹配關於配置給定項目時區的日期。 B)不考慮iat並考慮以秒爲單位的到期時間。
感謝
補丁
/**
* Useless class used to fix bugs and solve single session archive fetching
* issue in opentok.
*
* This class also implements JWT in order to comply with the new authentication
* system that will be in use during July of 2017.
*
* A problem was also detected when trying to authenticate (date issue)
*
* @see https://github.com/opentok/OpenTok-PHP-SDK/issues/172
* @see https://stackoverflow.com/questions/44768499/opentok-jwt-authenticacion-bug
*
* @author Federico Stange <[email protected]>
*/
namespace stange\opentok;
use \Firebase\JWT\JWT;
use \Guzzle\Common\Event;
use \OpenTok\Util\Client as OpenTokClient;
class OTAuthPlugin extends \OpenTok\Util\Plugin\PartnerAuth{
private $timestamp = null;
public static function getSubscribedEvents(){
return array('request.before_send' => 'onBeforeSend');
}
public function setTimestamp($time){
$this->timestamp =$time;
return $this;
}
public function getTimestamp(){
return $this->timestamp;
}
public function onBeforeSend(Event $event){
$event['request']->addHeader(
'X-OPENTOK-AUTH',
$this->createAuthHeader()
);
}
private function createAuthHeader(){
$token = array(
'ist' => 'project',
'iss' => $this->apiKey,
'iat' => $this->timestamp,
'exp' => $this->timestamp+180,
'jti' => uniqid()
);
return JWT::encode($token, $this->apiSecret);
}
}
class Client extends OpenTokClient{
public function configure($apiKey, $apiSecret, $apiUrl){
$this->apiKey = $apiKey;
$this->apiSecret = $apiSecret;
$this->setBaseUrl($apiUrl);
$this->setUserAgent(OPENTOK_SDK_USER_AGENT, true);
$opentokAuthPlugin = new OTAuthPlugin($apiKey, $apiSecret);
$opentokAuthPlugin->setTimestamp($this->getServerDate());
$this->addSubscriber($opentokAuthPlugin);
$this->configured = true;
}
/**
* Make a request for getting the server date
* this is a bug and it has been reported to the opentok team.
* and to the tech support department.
*
*
*/
public function getServerDate(){
try{
$response = $this->get(
"/v2/project/". md5(uniqid())
)->send();
} catch (\Exception $e) {
$date = $e->getResponse()->getHeader('Date')->toArray();
$date = $date[0];
$serverDate = \DateTime::createFromFormat(
"D, d M Y H:i:s e",
$date
);
return $serverDate->getTimestamp();
}
return $serverDate;
}
public function listArchivesInSession($sessionId){
$url = "/v2/project/{$this->apiKey}/archive?sessionId=$sessionId";
$request = $this->get($url);
return $request->send()->json();
}
}
這是一個跡象,你的服務器上的時鐘同步有誤。從版本2.5.0開始的PHP SDK已經實現了JWT並且已被證明能夠正常工作。我建議您升級到v2.5.0並確保您的服務器時鐘準確無誤。