<?php
/**
* @link http://www.yiiframework.com/
* @copyright Copyright (c) 2008 Yii Software LLC
* @license http://www.yiiframework.com/license/
*/
namespace yii\rest;
use Yii;
use yii\base\Component;
use yii\web\UnauthorizedHttpException;
/**
* HttpBearerAuth implements the authentication method based on HTTP Bearer token.
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @since 2.0
*/
class HttpBearerAuth extends Component implements AuthInterface
{
    /**
     * @var string the HTTP authentication realm, echoed back in the
     * `WWW-Authenticate` challenge when authentication fails.
     */
    public $realm = 'api';

    /**
     * Authenticates the current request from its `Authorization: Bearer <token>` header.
     *
     * Outcome by case:
     * - no `Authorization` header, or one that is not a `Bearer` credential: returns `null`
     *   (the request is left unauthenticated so another method may try);
     * - a `Bearer` header whose token resolves via `$user->loginByAccessToken()`: returns that identity;
     * - a `Bearer` header whose token does not resolve: `handleFailure()` is invoked, which throws.
     *
     * NOTE(review): the scheme match is case-sensitive (`Bearer` only) and a header consisting
     * of `Bearer` followed by whitespace alone yields an empty token that is still handed to
     * `loginByAccessToken('')` — confirm the identity class rejects empty tokens.
     *
     * @inheritdoc
     */
    public function authenticate($user, $request, $response)
    {
        $headerValue = $request->getHeaders()->get('Authorization');
        if ($headerValue === null) {
            return null;
        }

        $parts = [];
        if (!preg_match("/^Bearer\\s+(.*?)$/", $headerValue, $parts)) {
            // Some other scheme (e.g. Basic): not ours to judge.
            return null;
        }

        $identity = $user->loginByAccessToken($parts[1]);
        if ($identity === null) {
            // Throws an UnauthorizedHttpException unless a subclass overrides it.
            $this->handleFailure($response);
        }

        return $identity;
    }

    /**
     * Sets the `WWW-Authenticate` challenge on the response and rejects the request.
     *
     * NOTE(review): `$this->realm` is placed inside the quoted-string unescaped; it is
     * configuration rather than request input, but a realm containing `"` would corrupt
     * the header value.
     *
     * @inheritdoc
     * @throws UnauthorizedHttpException always
     */
    public function handleFailure($response)
    {
        $challenge = sprintf('Bearer realm="%s"', $this->realm);
        $response->getHeaders()->set('WWW-Authenticate', $challenge);

        throw new UnauthorizedHttpException('You are requesting with an invalid access token.');
    }
}