@@ -43,7 +43,9 @@ function __construct(Dispatcher $events)
4343 public function store ($ version$ deviceToken$ websitePushIdRequest $ request
4444 {
4545 // Decrypt our user info.
46- $ userInfodecrypt ($ this extractAuthenticationToken ($ request
46+ $ userInfo$ this extractUserInfo (
47+ $ this extractAuthenticationToken ($ request
48+ );
4749
4850 $ this events ->dispatch (new WebPushSubscribed ($ version$ deviceToken$ websitePushId$ userInfo
4951
@@ -64,14 +66,43 @@ public function store($version, $deviceToken, $websitePushId, Request $request)
6466 public function destroy ($ version$ deviceToken$ websitePushIdRequest $ request
6567 {
6668 // Decrypt our user info.
67- $ userInfodecrypt ($ this extractAuthenticationToken ($ request
69+ $ userInfo$ this extractUserInfo (
70+ $ this extractAuthenticationToken ($ request
71+ );
6872
6973 $ this events ->dispatch (new WebPushUnsubscribed ($ version$ deviceToken$ websitePushId$ userInfo
7074
7175 // Return with an empty OK response.
7276 return response ('' );
7377 }
7478
79+ /**
80+ * Extract the user information from auth token.
81+ *
82+ * @param string $authenticationToken
83+ * @return array
84+ */
85+ private function extractUserInfo (string $ authenticationTokenarray
86+ {
87+ try {
88+ $ userInfojson_decode (
89+ decrypt ($ authenticationToken
90+ true /* extract as assoc array */
91+ );
92+
93+ if ($ userInfonull ) {
94+ throw new Exception ('UserInfo is not in a valid JSON format. ' );
95+ }
96+
97+ // Return successful decoded user info.
98+ return $ userInfo
99+ } catch (Exception $ exc
100+ // Return the plain auth token in error case. This could be, because
101+ // the user decided to handle the token resolver by himself.
102+ return $ authenticationToken
103+ }
104+ }
105+
75106 /**
76107 * Extract the authentication header token.
77108 *
0 commit comments