File: C:/laragon/www/beplocal/Utilities.php
<?php
include_once 'DBClassOkta.php';
require "vendor/autoload.php";
include_once 'Utilities.php';
use \Firebase\JWT\JWT;
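/**
 * Verifies a JWT and checks that its user holds the requested authorization level.
 *
 * The token is decoded with HS256 and the shared secret below. A token that is
 * empty, fails to decode, has no usable `exp` claim or is expired is rejected.
 * When $auth_level is the string "*", any valid token is accepted. Otherwise the
 * database is queried for a row linking the token's login to either the
 * requested level or the 'ALL' level.
 *
 * The function fails closed: any exception or error raised while decoding or
 * querying results in `false`.
 *
 * @param string|null $jwt        Encoded token supplied by the caller.
 * @param string      $auth_level Required level code, or "*" for "any authenticated user".
 * @return bool True only when the token is valid and the level is granted.
 */
function verificaToken($jwt, $auth_level)
{
    // NOTE(security): the HMAC signing secret is hard-coded in source. Anyone who can
    // read this file can sign tokens that this function accepts, so the value should be
    // treated as exposed: load it from configuration kept outside the code base and
    // rotate it. At 17 characters it is also shorter than the 256-bit key that
    // RFC 7518 requires for HS256.
    $secret_key = "OKTA2022@2202ATKO";

    // Reject missing tokens before doing any other work (no DB connection is opened).
    if (!$jwt) {
        return false;
    }

    try {
        // The algorithm list is pinned to HS256, so the token header cannot select another one.
        $decoded = JWT::decode($jwt, $secret_key, array('HS256'));

        // Require an expiry claim and enforce it here as well, independent of the library.
        $scadenza = $decoded->exp ?? null;
        if (!is_numeric($scadenza) || time() >= $scadenza) {
            return false;
        }

        // Strict comparison: with `==`, a non-string $auth_level such as integer 0 compares
        // equal to "*" on PHP 7 and would skip the authorization lookup entirely.
        if ($auth_level === "*") {
            return true;
        }

        // A level check needs an identity; a token without a login cannot be authorized.
        $user = $decoded->data->Login ?? null;
        if (!is_string($user) || $user === '') {
            return false;
        }

        // Connect only now that the token is known to be valid and a lookup is required.
        $databaseService = new DatabaseService();
        $conn = $databaseService->getConnection();

        // Check in the DB whether the user is enabled for the requested authorization level.
        // Both values are bound parameters; `OR` replaces `||`, which is only a logical OR
        // in MySQL's default SQL mode and is string concatenation elsewhere.
        $query = "Select 1 " .
            "From Users as us " .
            "inner join UserAuth as ua on us.idUsers = ua.idUser " .
            "inner join AuthLevel as al on al.idAuthLevel = ua.IdAuth " .
            "where us.login = :user and ( (al.CodificaLivello = :authLevel ) OR (al.CodificaLivello = 'ALL' ))";
        $stmt = $conn->prepare($query, [PDO::ATTR_CURSOR => PDO::CURSOR_FWDONLY]);
        $stmt->execute(['user' => $user, 'authLevel' => $auth_level]);

        // Fetch a row instead of trusting rowCount(), which PDO does not guarantee for SELECT.
        return $stmt->fetch(PDO::FETCH_NUM) !== false;
    } catch (Throwable $e) {
        // Throwable also covers Error/TypeError (e.g. a null connection), so every failure
        // path denies access. NOTE(review): failures are indistinguishable to the caller;
        // consider logging the exception class so outages and rejected tokens can be told apart.
        return false;
    }
}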
?>