Merge pull request #3 from hyva-themes/check-customer-token-valid

Check if customer token is valid
hyva-themes · Mar 5, 2021 · 289f36b · 289f36b
2 parents 9fd3771 + d7e4e59
commit 289f36b
Showing 1 changed file with 64 additions and 4 deletions.
diff --git a/src/CustomerData/CustomerPlugin.php b/src/CustomerData/CustomerPlugin.php
@@ -9,13 +9,19 @@
 
 namespace Hyva\GraphqlTokens\CustomerData;
 
+use Magento\Authorization\Model\UserContextInterface;
 use Magento\Customer\CustomerData\Customer;
 use Magento\Customer\Helper\Session\CurrentCustomer;
+use Magento\Framework\Stdlib\DateTime;
+use Magento\Framework\Stdlib\DateTime\DateTime as Date;
+use Magento\Integration\Helper\Oauth\Data as OauthHelper;
+use Magento\Integration\Model\Oauth\Token;
 use Magento\Integration\Model\Oauth\Token as TokenModel;
 use Magento\Integration\Model\Oauth\TokenFactory as TokenModelFactory;
 
 class CustomerPlugin
 {
+
     /**
      * @var CurrentCustomer
      */
@@ -25,15 +31,65 @@ class CustomerPlugin
      * @var TokenModelFactory
      */
     private $tokenModelFactory;
+
+    /**
+     * @var OauthHelper
+     */
+    private $oauthHelper;
+
+    /**
+     * @var DateTime
+     */
+    private $dateTime;
+
+    /**
+     * @var Date
+     */
+    private $date;
 
     public function __construct(
         CurrentCustomer $currentCustomer,
-        TokenModelFactory $tokenModelFactory
-    ) {
+        TokenModelFactory $tokenModelFactory,
+        DateTime $dateTime,
+        Date $date,
+        OauthHelper $oauthHelper
+    )
+    {
         $this->currentCustomer = $currentCustomer;
         $this->tokenModelFactory = $tokenModelFactory;
+        $this->oauthHelper = $oauthHelper;
+        $this->dateTime = $dateTime;
+        $this->date = $date;
     }
 
+    /**
+     * Check if token is expired. Copied from
+     * \Magento\Webapi\Model\Authorization\TokenUserContext::isTokenExpired
+     *
+     * @param Token $token
+     * @return bool
+     */
+    private function isTokenExpired(Token $token): bool
+    {
+        if ($token->getUserType() == UserContextInterface::USER_TYPE_ADMIN) {
+            $tokenTtl = $this->oauthHelper->getAdminTokenLifetime();
+        } elseif ($token->getUserType() == UserContextInterface::USER_TYPE_CUSTOMER) {
+            $tokenTtl = $this->oauthHelper->getCustomerTokenLifetime();
+        } else {
+            // other user-type tokens are considered always valid
+            return false;
+        }
+
+        if (empty($tokenTtl)) {
+            return false;
+        }
+
+        if ($this->dateTime->strToTime($token->getCreatedAt()) < ($this->date->gmtTimestamp() - $tokenTtl * 3600)) {
+            return true;
+        }
+
+        return false;
+    }
     /**
      * @param Customer $subject
      * @param array $result
@@ -48,8 +104,12 @@ public function afterGetSectionData(Customer $subject, array $result)
 
         /** @var TokenModel $tokenModel */
         $tokenModel = $this->tokenModelFactory->create();
-        $token = $tokenModel->loadByCustomerId($customerId)->getToken()
-            ?? $tokenModel->createCustomerToken($customerId)->getToken();
+
+        $token = $tokenModel->loadByCustomerId($customerId);
+
+        if (!$token->getId() || $token->getRevoked() || $this->isTokenExpired($token)) {
+            $token = $tokenModel->createCustomerToken($customerId)->getToken();
+        }
 
         if ($token) {
             $result['signin_token'] = $token;