PHP Server::getAccessTokenData方法代码示例

 /** @return null|mixed */
 protected function getIdentity()
 {
     $accessToken = $this->request->getQuery('access_token', $this->request->getPost('access_token'));
     if ($accessToken === null) {
         return null;
     }
     $oAuthRequest = OAuth2RequestFactory::create($this->request);
     $accessTokenData = $this->oauthServer->getAccessTokenData($oAuthRequest);
     return $this->identity = $this->identityStorageAdapter->findByUsername($accessTokenData['user_id']);
 }

 /**
  * {@inheritDoc}
  */
 public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
 {
     try {
         $oauth2request = Util::convertRequestFromPsr7($request);
         if (!$this->server->verifyResourceRequest($oauth2request)) {
             return Util::convertResponseToPsr7($this->server->getResponse(), $response);
         }
         $request = $request->withAttribute('access_token', $this->server->getAccessTokenData($oauth2request));
     } catch (\Exception $ex) {
         return new JsonResponse(['error' => $ex->getMessage(), 'error_description' => $ex->getMessage()], 500);
     }
     return $next($request, $response);
 }

 /**
  * {@inheritDoc}
  */
 public function authenticate(TokenInterface $token)
 {
     $oauthRequest = OAuthRequest::createFromRequest($token->request);
     // Not authenticated
     if (!$this->server->verifyResourceRequest($oauthRequest)) {
         throw new AuthenticationException('OAuth2 authentication failed');
     }
     $userData = $this->server->getAccessTokenData($oauthRequest);
     $user = $this->userProvider->findById($userData['user_id']);
     $roles = $this->roleFinder->findRoleNamesByUserId($user->getId());
     $user->setRoles($roles);
     $authenticatedToken = new OAuth2UserToken($roles);
     $authenticatedToken->setUser($user);
     $authenticatedToken->setAuthenticated(true);
     $authenticatedToken->setOAuthToken($token->getOAuthToken());
     return $authenticatedToken;
 }

 /**
  * Validates a request and takes a scope value that could result
  * in a user id being put into the request if it's valid.
  *
  * @param HttpFoundation\Request $request
  * @param string $scope
  * @return null|HttpFoundation\Response
  */
 public function validateRequest(HttpFoundation\Request $request, $scope)
 {
     $this->log->addDebug(print_r($request, true), ['namespace' => 'HackTheDinos\\Controllers\\OAuth', 'method' => 'validateRequest', 'type' => 'request', 'scope' => $scope]);
     $bridgeRequest = HttpFoundationBridge\Request::createFromRequest($request);
     if ($this->server->verifyResourceRequest($bridgeRequest, null, $scope)) {
         //Put the userId into the request if we're validating at the user scope
         if ($scope === 'user') {
             $token = $this->server->getAccessTokenData($bridgeRequest);
             $request->request->set('userId', $token['user_id']);
         } else {
             //Set the userId to 0 which should make any
             //searches relying on this being valid to fail.
             $request->request->set('userId', 0);
         }
         return null;
     }
     $this->log->addWarning('Failed to validate request', ['namespace' => 'HackTheDinos\\Controllers\\OAuth', 'method' => 'validateRequest', 'scope' => $scope]);
     return new HttpFoundation\Response('Not Authorized', 401);
 }

 public function resource($path)
 {
     // Handle a request for an OAuth2.0 Access Token and send the response to the client
     if (!$this->server->verifyResourceRequest(Request::createFromGlobals())) {
         $this->server->getResponse()->send();
         die;
     }
     $token = $this->server->getAccessTokenData(Request::createFromGlobals());
     $return = array();
     if (is_callable($this->resourceHandler)) {
         $return = call_user_func($this->resourceHandler, $path, $token['user_id']);
     }
     echo json_encode($return);
 }

 /**
  * Validates a request and takes a scope value that could result
  * in a user id being put into the request if it's valid. The
  * passThrough flag will allow the request to continue when it
  * would otherwise fail with a 401 response.
  *
  * @param HttpFoundation\Request $request
  * @param string $scope
  * @param bool $passThrough
  * @return null|HttpFoundation\Response
  */
 public function validateRequest(HttpFoundation\Request $request, $scope, $passThrough = false)
 {
     $this->log->addDebug(print_r($request, true), ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'type' => 'request', 'scope' => $scope]);
     $bridgeRequest = HttpFoundationBridge\Request::createFromRequest($request);
     if ($this->server->verifyResourceRequest($bridgeRequest, null, $scope)) {
         //Put the user into the request if we're validating at the user scope
         if ($scope === 'user') {
             $token = $this->server->getAccessTokenData($bridgeRequest);
             $request->request->set('user', $this->usersRepo->getById($token['user_id']));
         } else {
             //Set the user to null which should make any
             //searches relying on this being valid to fail.
             $request->request->set('user', null);
         }
         return null;
         //If the request shouldn't hard fail. This should only have a few specific use cases.
     } elseif ($passThrough) {
         $this->log->addInfo('OAuth Pass Through', ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'type' => 'request', 'scope' => $scope, 'passThrough' => true]);
         return null;
     }
     $this->log->addInfo('Failed to validate request', ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'scope' => $scope]);
     return new HttpFoundation\Response('Not Authorized', 401);
 }

 /**
  * Attempt to authenticate the current request.
  *
  * @param Request $request
  * @param Response $response
  * @param MvcAuthEvent $mvcAuthEvent
  * @return false|Identity\IdentityInterface False on failure, IdentityInterface
  *     otherwise
  */
 public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
 {
     $oauth2request = new OAuth2Request($request->getQuery()->toArray(), $request->getPost()->toArray(), [], $request->getCookie() ? $request->getCookie()->getArrayCopy() : [], $request->getFiles() ? $request->getFiles()->toArray() : [], method_exists($request, 'getServer') ? $request->getServer()->toArray() : $_SERVER, $request->getContent(), $request->getHeaders()->toArray());
     // Failure to validate
     if (!$this->oauth2Server->verifyResourceRequest($oauth2request)) {
         $oauth2Response = $this->oauth2Server->getResponse();
         $status = $oauth2Response->getStatusCode();
         // 401 or 403 mean invalid credentials or unauthorized scopes; report those.
         if (in_array($status, [401, 403], true) && null !== $oauth2Response->getParameter('error')) {
             return $this->mergeOAuth2Response($status, $response, $oauth2Response);
         }
         // Merge in any headers; typically sets a WWW-Authenticate header.
         $this->mergeOAuth2ResponseHeaders($response, $oauth2Response->getHttpHeaders());
         // Otherwise, no credentials were present at all, so we just return a guest identity.
         return new Identity\GuestIdentity();
     }
     $token = $this->oauth2Server->getAccessTokenData($oauth2request);
     $identity = new Identity\AuthenticatedIdentity($token);
     $identity->setName($token['user_id']);
     return $identity;
 }

    /**
     * Attempt to authenticate the current request.
     *
     * @param Request $request
     * @param Response $response
     * @param MvcAuthEvent $mvcAuthEvent
     * @return false|IdentityInterface False on failure, IdentityInterface
     *     otherwise
     */
    public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
    {
        $content       = $request->getContent();
        $oauth2request = new OAuth2Request(
            $_GET,
            $_POST,
            array(),
            $_COOKIE,
            $_FILES,
            $_SERVER,
            $content,
            $request->getHeaders()->toArray()
        );

        if (! $this->oauth2Server->verifyResourceRequest($oauth2request)) {
            return false;
        }

        $token    = $this->oauth2Server->getAccessTokenData($oauth2request);
        $identity = new Identity\AuthenticatedIdentity($token);
        $identity->setName($token['user_id']);
        return $identity;
    }

 /**
  * Listen to the authentication event
  *
  * @param MvcAuthEvent $mvcAuthEvent
  * @return mixed
  */
 public function __invoke(MvcAuthEvent $mvcAuthEvent)
 {
     $mvcEvent = $mvcAuthEvent->getMvcEvent();
     $request = $mvcEvent->getRequest();
     $response = $mvcEvent->getResponse();
     if (!$request instanceof HttpRequest || $request->isOptions()) {
         return;
     }
     $type = false;
     if ($this->httpAdapter instanceof HttpAuth) {
         $this->httpAdapter->setRequest($request);
         $this->httpAdapter->setResponse($response);
     }
     $authHeader = $request->getHeader('Authorization');
     if ($authHeader) {
         $headerContent = trim($authHeader->getFieldValue());
         // we only support headers in the format: Authorization: xxx yyyyy
         if (strpos($headerContent, ' ') === false) {
             $identity = new Identity\GuestIdentity();
             $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
             return $identity;
         }
         list($type, $credential) = preg_split('# #', $headerContent, 2);
     }
     if (!$type && !in_array($request->getMethod(), $this->requestsWithoutBodies) && $request->getHeaders()->has('Content-Type') && $request->getHeaders()->get('Content-Type')->match('application/x-www-form-urlencoded') && $request->getPost('access_token')) {
         $type = 'oauth2';
     }
     if (!$type && null !== $request->getQuery('access_token')) {
         $type = 'oauth2';
     }
     if (!$type) {
         if ($this->httpAdapter instanceof HttpAuth) {
             $this->httpAdapter->challengeClient();
         }
         $identity = new Identity\GuestIdentity();
         $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
         return $identity;
     }
     switch (strtolower($type)) {
         case 'basic':
         case 'digest':
             if (!$this->httpAdapter instanceof HttpAuth) {
                 $identity = new Identity\GuestIdentity();
                 $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
                 return $identity;
             }
             $auth = $mvcAuthEvent->getAuthenticationService();
             $result = $auth->authenticate($this->httpAdapter);
             $mvcAuthEvent->setAuthenticationResult($result);
             if ($result->isValid()) {
                 $resultIdentity = $result->getIdentity();
                 // Pass full discovered identity to AuthenticatedIdentity object
                 $identity = new Identity\AuthenticatedIdentity($resultIdentity);
                 // But determine name separately
                 $name = $resultIdentity;
                 if (is_array($resultIdentity)) {
                     $name = isset($resultIdentity['username']) ? $resultIdentity['username'] : (string) $resultIdentity;
                 }
                 $identity->setName($name);
                 // Set in MvcEvent
                 $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
                 return $identity;
             }
             $identity = new Identity\GuestIdentity();
             $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
             return $identity;
         case 'oauth2':
         case 'bearer':
             if (!$this->oauth2Server instanceof OAuth2Server) {
                 $identity = new Identity\GuestIdentity();
                 $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
                 return $identity;
             }
             $content = $request->getContent();
             $oauth2request = new OAuth2Request($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER, $content);
             if ($this->oauth2Server->verifyResourceRequest($oauth2request)) {
                 $token = $this->oauth2Server->getAccessTokenData($oauth2request);
                 $identity = new Identity\AuthenticatedIdentity($token);
                 $identity->setName($token['user_id']);
                 $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
                 return $identity;
             }
             $identity = new Identity\GuestIdentity();
             $mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
             return $identity;
         case 'token':
             throw new \Exception('zf-mvc-auth has not yet implemented a "token" authentication adapter');
     }
 }

 /**
  * @return array access token data
  */
 public function getAccessTokenData()
 {
     if ($this->_tokenData === null) {
         $this->_tokenData = $this->_server->getAccessTokenData($this->getRequest());
     }
     return $this->_tokenData;
 }

 public function getAccessToken(HttpRequest $httpRequest)
 {
     $oauthRequest = $this->buildRequest($httpRequest);
     return $this->server->getAccessTokenData($oauthRequest);
 }