改进 token 认证
This commit is contained in:
parent
f7ebda06f7
commit
68252ab4a0
@ -52,11 +52,11 @@ private function setJWTGuard(): void
|
||||
return response()->json(['error' => 'Invalid token, '.$e->getMessage()], 401);
|
||||
}
|
||||
|
||||
if (! in_array($decoded->aud, config('oauth.trusted_aud'))) {
|
||||
return response()->json(['error' => 'The application rejected the token, token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
|
||||
}
|
||||
if (config('oauth.force_aud')) {
|
||||
if (! in_array($decoded->aud, config('oauth.trusted_aud'))) {
|
||||
return response()->json(['error' => 'The application rejected the token, token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
|
||||
}
|
||||
|
||||
if (config('oauth.force_aud') && $decoded->aud != config('oauth.client_id')) {
|
||||
return response()->json(['error' => 'The token not match the application, '.' token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user