Revoke JWT JTIs when modifying a subuser's permissions

2020-11-03 21:01:15 -08:00 · 2020-11-03 21:01:15 -08:00 · 009f9c297d
commit 009f9c297d
parent c4df534722
3 changed files with 69 additions and 13 deletions
--- a/app/Repositories/Wings/DaemonServerRepository.php
+++ b/app/Repositories/Wings/DaemonServerRepository.php
@ -126,11 +126,10 @@ class DaemonServerRepository extends DaemonRepository
    }

    /**
-     * Requests the daemon to create a full archive of the server.
-     * Once the daemon is finished they will send a POST request to
-     * "/api/remote/servers/{uuid}/archive" with a boolean.
+     * Requests the daemon to create a full archive of the server. Once the daemon is finished
+     * they will send a POST request to "/api/remote/servers/{uuid}/archive" with a boolean.
     *
-     * @throws DaemonConnectionException
+     * @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
     */
    public function requestArchive(): void
    {
@ -144,4 +143,25 @@ class DaemonServerRepository extends DaemonRepository
            throw new DaemonConnectionException($exception);
        }
    }
+
+    /**
+     * Revokes an array of JWT JTI's by marking any token generated before the current time on
+     * the Wings instance as being invalid.
+     *
+     * @param array $jtis
+     * @throws \Pterodactyl\Exceptions\Http\Connection\DaemonConnectionException
+     */
+    public function revokeJTIs(array $jtis): void
+    {
+        Assert::isInstanceOf($this->server, Server::class);
+
+        try {
+            $this->getHttpClient()
+                ->post(sprintf('/api/servers/%s/ws/deny', $this->server->uuid), [
+                    'json' => ['jtis' => $jtis],
+                ]);
+        } catch (TransferException $exception) {
+            throw new DaemonConnectionException($exception);
+        }
+    }
 }