add expires_in and issued_at to response

Author: pbergman

example.php

@@ -12,7 +12,8 @@
     'prop.issuer'       => 'auth.docker.com',
 ));
 $app->on($app::REGISTRY_REQUEST_EVENT, function(DockerToken\Event\TokenRequestEvent $event){
-    if ($event->getParameters()->getAuthUsername() !== 'foo' || $event->getParameters()->getAuthUsername() !== 'bar')
-    throw new \DockerToken\Exception\InvalidAccessException();
+    if ($event->getParameters()->getAuthUsername() !== 'foo' || $event->getParameters()->getAuthUsername() !== 'bar') {
+        throw new \DockerToken\Exception\InvalidAccessException();
+    }
 });
 $app->run();

src/DockerToken/Application.php

@@ -71,7 +71,7 @@ protected function configureRoute()
                         );
                     }
                 }
-
+                // as described on https://docs.docker.com/registry/spec/auth/token/
                 return $this->json(
                     [
                         'token' =>  JWT::encode(
@@ -80,6 +80,8 @@ protected function configureRoute()
                             'RS256',
                             $this->getKid()
                         ),
+                        'expires_in' => $token->getExpiresIn(),
+                        'issued_at'  => $token->getIssuedAt(),
                     ],
                     Response::HTTP_OK
                 );
@@ -91,7 +93,8 @@ protected function configureRoute()
                 );
             } catch (\Exception $e) {
                 $this['logger']->error(
-                    sprintf('Exception thrown: %s @ %s(%s),', $e->getMessage(), $e->getFile(), $e->getLine()));
+                    sprintf('Exception thrown: %s @ %s(%s),', $e->getMessage(), $e->getFile(), $e->getLine())
+                );
                 return new Response($e->getMessage(), Response::HTTP_INTERNAL_SERVER_ERROR);
             }
         });
@@ -141,7 +144,12 @@ protected function initializeLogger()
         }
      }
 
-
+    /**
+     * @return \Psr\Log\LoggerInterface
+     */
+    public function getLogger(){
+        return $this['logger'];
+    }
 
     /**
      * Create a kid from the public that the registry will

src/DockerToken/WebToken/ClaimSet.php

@@ -33,14 +33,35 @@ public function __construct($audience = null, $subject = null, $issuer = null)
             "iss"    => $issuer,
             "sub"    => $subject,
             "aud"    => $audience,
-            "exp"    => time() + (60 * 60),    // Expire in hour
-            "nbf"    => time() - (60 * 10),    // Not before 10 minutes ago
-            "iat"    => time(),                // issued time
+            "exp"    => time() + $this->getExpiresIn(), // Expire in hour
+            "nbf"    => time() - (60 * 10),             // Not before 10 minutes ago
+            "iat"    => time(),                         // issued time
             "jti"    => strtoupper(bin2hex(openssl_random_pseudo_bytes(16))),
             'access' => [],
         ], self::ARRAY_AS_PROPS);
     }
 
+    /**
+     * Get time for token to be valid
+     *
+     * @return int
+     */
+    public function getExpiresIn()
+    {
+        return (60 * 60); // One hour
+    }
+
+    /**
+     * @return string
+     */
+    public function getIssuedAt()
+    {
+        $it = new \DateTime("@" . $this["iat"]);
+        $it->setTimezone(new \DateTimeZone("UTC"));
+        return $it->format('Y-m-d\TH:i:s\Z');
+    }
+
+
     /**
      * @param Access $access
      */