OpenTok JWT认证错误
当对opentok REST API执行REST请求时,我得到的是我的jwt令牌已过期 我想了想,对服务器执行了一个虚拟请求 为了获取服务器日期,通过使用来自服务器的相同日期作为令牌过期时间,我能够列出属于会话的视频 这显然是错误的,iat时间和exp时间不应与服务器日期匹配 可能的解决办法: A用户应该能够指定其服务器时区,OpenTok REST服务器应该与为给定项目配置的时区相关的日期相匹配OpenTok JWT认证错误,opentok,Opentok,当对opentok REST API执行REST请求时,我得到的是我的jwt令牌已过期 我想了想,对服务器执行了一个虚拟请求 为了获取服务器日期,通过使用来自服务器的相同日期作为令牌过期时间,我能够列出属于会话的视频 这显然是错误的,iat时间和exp时间不应与服务器日期匹配 可能的解决办法: A用户应该能够指定其服务器时区,OpenTok REST服务器应该与为给定项目配置的时区相关的日期相匹配 b忽略IAT,考虑秒的有效时间。 谢谢补丁 /** * Useless class used
b忽略IAT,考虑秒的有效时间。
谢谢补丁/**
* Useless class used to fix bugs and solve single session archive fetching
* issue in opentok.
*
* This class also implements JWT in order to comply with the new authentication
* system that will be in use during July of 2017.
*
* A problem was also detected when trying to authenticate (date issue)
*
* @see https://github.com/opentok/OpenTok-PHP-SDK/issues/172
* @see https://stackoverflow.com/questions/44768499/opentok-jwt-authenticacion-bug
*
* @author Federico Stange <jpfstange@gmail.com>
*/
namespace stange\opentok;
use \Firebase\JWT\JWT;
use \Guzzle\Common\Event;
use \OpenTok\Util\Client as OpenTokClient;
class OTAuthPlugin extends \OpenTok\Util\Plugin\PartnerAuth{
private $timestamp = null;
public static function getSubscribedEvents(){
return array('request.before_send' => 'onBeforeSend');
}
public function setTimestamp($time){
$this->timestamp =$time;
return $this;
}
public function getTimestamp(){
return $this->timestamp;
}
public function onBeforeSend(Event $event){
$event['request']->addHeader(
'X-OPENTOK-AUTH',
$this->createAuthHeader()
);
}
private function createAuthHeader(){
$token = array(
'ist' => 'project',
'iss' => $this->apiKey,
'iat' => $this->timestamp,
'exp' => $this->timestamp+180,
'jti' => uniqid()
);
return JWT::encode($token, $this->apiSecret);
}
}
class Client extends OpenTokClient{
public function configure($apiKey, $apiSecret, $apiUrl){
$this->apiKey = $apiKey;
$this->apiSecret = $apiSecret;
$this->setBaseUrl($apiUrl);
$this->setUserAgent(OPENTOK_SDK_USER_AGENT, true);
$opentokAuthPlugin = new OTAuthPlugin($apiKey, $apiSecret);
$opentokAuthPlugin->setTimestamp($this->getServerDate());
$this->addSubscriber($opentokAuthPlugin);
$this->configured = true;
}
/**
* Make a request for getting the server date
* this is a bug and it has been reported to the opentok team.
* and to the tech support department.
*
*
*/
public function getServerDate(){
try{
$response = $this->get(
"/v2/project/". md5(uniqid())
)->send();
} catch (\Exception $e) {
$date = $e->getResponse()->getHeader('Date')->toArray();
$date = $date[0];
$serverDate = \DateTime::createFromFormat(
"D, d M Y H:i:s e",
$date
);
return $serverDate->getTimestamp();
}
return $serverDate;
}
public function listArchivesInSession($sessionId){
$url = "/v2/project/{$this->apiKey}/archive?sessionId=$sessionId";
$request = $this->get($url);
return $request->send()->json();
}
}
这表示服务器上的时钟未正确同步。从2.5.0版开始的PHPSDK已经实现了JWT,并且已经被证明工作正常。我建议您升级到v2.5.0,并确保服务器时钟准确无误