1919use CodeIgniter \Shield \Authentication \AuthenticatorInterface ;
2020use CodeIgniter \Shield \Authentication \HMAC \HmacEncrypter ;
2121use CodeIgniter \Shield \Config \Auth ;
22+ use CodeIgniter \Shield \Config \AuthToken ;
2223use CodeIgniter \Shield \Entities \User ;
2324use CodeIgniter \Shield \Exceptions \InvalidArgumentException ;
2425use CodeIgniter \Shield \Models \TokenLoginModel ;
@@ -32,14 +33,16 @@ class HmacSha256 implements AuthenticatorInterface
3233
3334 protected ?User $ usernull ;
3435 protected TokenLoginModel $ loginModel
36+ protected AuthToken $ authTokenConfig
3537
3638 /**
3739 * @param UserModel $provider The persistence engine
3840 */
3941 public function __construct (
4042 protected UserModel $ provider
4143 ) {
42- $ this loginModel = model (TokenLoginModel::class);
44+ $ this authTokenConfig = config ('AuthToken ' );
45+ $ this loginModel = model (TokenLoginModel::class);
4346 }
4447
4548 /**
@@ -50,8 +53,6 @@ public function __construct(
5053 */
5154 public function attempt (array $ credentialsResult
5255 {
53- $ configconfig ('AuthToken ' );
54-
5556 /** @var IncomingRequest $request */
5657 $ requestservice ('request ' );
5758
@@ -61,7 +62,7 @@ public function attempt(array $credentials): Result
6162 $ result$ this check ($ credentials
6263
6364 if (! $ resultisOK ()) {
64- if ($ config recordLoginAttempt >= Auth::RECORD_LOGIN_ATTEMPT_FAILURE ) {
65+ if ($ this -> authTokenConfig ->recordLoginAttempt >= Auth::RECORD_LOGIN_ATTEMPT_FAILURE ) {
6566 // Record all failed login attempts.
6667 $ this loginModel ->recordLoginAttempt (
6768 self ::ID_TYPE_HMAC_TOKEN ,
@@ -79,7 +80,7 @@ public function attempt(array $credentials): Result
7980 $ token$ usergetHmacToken ($ this getHmacKeyFromToken ());
8081
8182 if ($ userisBanned ()) {
82- if ($ config recordLoginAttempt >= Auth::RECORD_LOGIN_ATTEMPT_FAILURE ) {
83+ if ($ this -> authTokenConfig ->recordLoginAttempt >= Auth::RECORD_LOGIN_ATTEMPT_FAILURE ) {
8384 // Record a banned login attempt.
8485 $ this loginModel ->recordLoginAttempt (
8586 self ::ID_TYPE_HMAC_TOKEN ,
@@ -103,7 +104,7 @@ public function attempt(array $credentials): Result
103104
104105 $ this login ($ user
105106
106- if ($ config recordLoginAttempt === Auth::RECORD_LOGIN_ATTEMPT_ALL ) {
107+ if ($ this -> authTokenConfig ->recordLoginAttempt === Auth::RECORD_LOGIN_ATTEMPT_ALL ) {
107108 // Record a successful login attempt.
108109 $ this loginModel ->recordLoginAttempt (
109110 self ::ID_TYPE_HMAC_TOKEN ,
@@ -132,7 +133,7 @@ public function check(array $credentials): Result
132133 'success ' => false ,
133134 'reason ' => lang (
134135 'Auth.noToken ' ,
135- [config ( ' AuthToken ' ) ->authenticatorHeader ['hmac ' ]],
136+ [$ this -> authTokenConfig ->authenticatorHeader ['hmac ' ]],
136137 ),
137138 ]);
138139 }
@@ -174,7 +175,7 @@ public function check(array $credentials): Result
174175 if (
175176 isset ($ tokenlast_used_at )
176177 && $ tokenlast_used_at ->isBefore (
177- Time::now ()->subSeconds (config ( ' AuthToken ' ) ->unusedTokenLifetime ),
178+ Time::now ()->subSeconds ($ this -> authTokenConfig ->unusedTokenLifetime ),
178179 )
179180 ) {
180181 return new Result ([
@@ -215,7 +216,7 @@ public function loggedIn(): bool
215216
216217 return $ this attempt ([
217218 'token ' => $ requestgetHeaderLine (
218- config ( ' AuthToken ' ) ->authenticatorHeader ['hmac ' ],
219+ $ this -> authTokenConfig ->authenticatorHeader ['hmac ' ],
219220 ),
220221 ])->isOK ();
221222 }
@@ -276,7 +277,7 @@ public function getFullHmacToken(): ?string
276277 /** @var IncomingRequest $request */
277278 $ requestservice ('request ' );
278279
279- $ header$ requestgetHeaderLine (config ( ' AuthToken ' ) ->authenticatorHeader ['hmac ' ]);
280+ $ header$ requestgetHeaderLine ($ this -> authTokenConfig ->authenticatorHeader ['hmac ' ]);
280281
281282 if ($ header'' ) {
282283 return null ;
0 commit comments