Php-Template/src/Attributes/Guards/Jwt.php

<?php

declare(strict_types=1);

namespace Siteworxpro\App\Attributes\Guards;

use Attribute;
use Siteworxpro\App\Services\Facades\Config;

/**
 * Attribute to guard classes or methods with JWT claim requirements.
 *
 * Apply this attribute to a class or method to declare the expected JWT issuer and/or audience.
 * If either the issuer or audience is an empty string, the value will be resolved from configuration:
 * - `jwt.issuer`
 * - `jwt.audience`
 *
 * Targets: class or method.
 */
#[Attribute(Attribute::TARGET_CLASS | Attribute::TARGET_METHOD)]
readonly class Jwt
{
    /**
     * Initialize the Jwt attribute with optional overrides for expected JWT claims.
     *
     * @param string $issuer   Optional expected JWT issuer (`iss`). Empty string uses `Config::get('jwt.issuer')`.
     * @param string $audience Optional expected JWT audience (`aud`). Empty string uses `Config::get('jwt.audience')`.
     */
    public function __construct(
        private string $issuer = '',
        private string $audience = '',
    ) {
    }

    /**
     * Get the expected audience for validation.
     *
     * Returns the constructor-provided audience when non-empty; otherwise falls back to `jwt.audience` config.
     *
     * @return string The audience value to enforce.
     */
    public function getAudience(): string
    {
        if ($this->audience === '') {
            return Config::get('jwt.audience') ?? '';
        }

        return $this->audience;
    }

    /**
     * Get the expected issuer for validation.
     *
     * Returns the constructor-provided issuer when non-empty; otherwise falls back to `jwt.issuer` config.
     *
     * @return string The issuer value to enforce.
     */
    public function getIssuer(): string
    {
        if ($this->issuer === '') {
            return Config::get('jwt.issuer') ?? '';
        }

        return $this->issuer;
    }
}