Qiang Xue
11 years ago
6 changed files with 236 additions and 68 deletions
@ -0,0 +1,41 @@
|
||||
<?php |
||||
/** |
||||
* @link http://www.yiiframework.com/ |
||||
* @copyright Copyright (c) 2008 Yii Software LLC |
||||
* @license http://www.yiiframework.com/license/ |
||||
*/ |
||||
|
||||
namespace yii\rest; |
||||
|
||||
use yii\web\User; |
||||
use yii\web\Request; |
||||
use yii\web\Response; |
||||
use yii\web\IdentityInterface; |
||||
use yii\web\UnauthorizedHttpException; |
||||
|
||||
/** |
||||
* AuthInterface is the interface required by classes than support user authentication. |
||||
* |
||||
* @author Qiang Xue <qiang.xue@gmail.com> |
||||
* @since 2.0 |
||||
*/ |
||||
interface AuthInterface |
||||
{ |
||||
/** |
||||
* Authenticates the current user. |
||||
* |
||||
* @param User $user |
||||
* @param Request $request |
||||
* @param Response $response |
||||
* @return IdentityInterface the authenticated user identity. If authentication information is not provided, null will be returned. |
||||
* @throws UnauthorizedHttpException if authentication information is provided but is invalid. |
||||
*/ |
||||
public function authenticate($user, $request, $response); |
||||
/** |
||||
* Handles authentication failure. |
||||
* The implementation should normally throw UnauthorizedHttpException to indicate authentication failure. |
||||
* @param Response $response |
||||
* @throws UnauthorizedHttpException |
||||
*/ |
||||
public function handleFailure($response); |
||||
} |
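Review bot: The docblock on `authenticate()` declares `@return IdentityInterface`, yet its own description says null is returned when no authentication information is provided, so the tag should read `@return IdentityInterface|null`. The contract of `handleFailure()` is also too loose for an authentication boundary: it "should normally throw", but in the three implementations added by this commit a `handleFailure()` that returns makes `authenticate()` fall through to `return null`, which a caller cannot tell apart from "no credentials supplied". I would tighten the docblock to something like `* Implementations MUST throw; returning would make a rejected credential look like an anonymous request.` The interface summary also has a typo: `than support` should be `that support`.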
@ -0,0 +1,50 @@
|
||||
<?php |
||||
/** |
||||
* @link http://www.yiiframework.com/ |
||||
* @copyright Copyright (c) 2008 Yii Software LLC |
||||
* @license http://www.yiiframework.com/license/ |
||||
*/ |
||||
|
||||
namespace yii\rest; |
||||
|
||||
use Yii; |
||||
use yii\base\Component; |
||||
use yii\web\UnauthorizedHttpException; |
||||
|
||||
/** |
||||
* HttpBasicAuth implements the HTTP Basic authentication method. |
||||
* |
||||
* @author Qiang Xue <qiang.xue@gmail.com> |
||||
* @since 2.0 |
||||
*/ |
||||
class HttpBasicAuth extends Component implements AuthInterface |
||||
{ |
||||
/** |
||||
* @var string the HTTP authentication realm |
||||
*/ |
||||
public $realm = 'api'; |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function authenticate($user, $request, $response) |
||||
{ |
||||
if (($accessToken = $request->getAuthUser()) !== null) { |
||||
$identity = $user->loginByAccessToken($accessToken); |
||||
if ($identity !== null) { |
||||
return $identity; |
||||
} |
||||
$this->handleFailure($response); |
||||
} |
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function handleFailure($response) |
||||
{ |
||||
$response->getHeaders()->set('WWW-Authenticate', "Basic realm=\"{$this->realm}\""); |
||||
throw new UnauthorizedHttpException('You are requesting with an invalid access token.'); |
||||
} |
||||
} |
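Review bot: `authenticate()` hands the Basic username from `$request->getAuthUser()` to `loginByAccessToken()` and never reads the password, but the class docblock does not say so. It should state this, for example `* The access token is taken from the username part of the Basic credentials; the password is ignored.` An empty username may still satisfy `!== null` and reach the token lookup; whether an empty string can match a record depends on the identity class, which is not visible here, so a guard such as `if ($accessToken === '') { $this->handleFailure($response); }` before the lookup would be safer. The same applies to the token taken from `$matches[1]` in HttpBearerAuth and to the `is_string()` branch in QueryParamAuth. In `handleFailure()`, `$this->realm` is placed inside a quoted string unescaped, so a realm containing `"` would produce a malformed `WWW-Authenticate` header.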
@ -0,0 +1,52 @@
|
||||
<?php |
||||
/** |
||||
* @link http://www.yiiframework.com/ |
||||
* @copyright Copyright (c) 2008 Yii Software LLC |
||||
* @license http://www.yiiframework.com/license/ |
||||
*/ |
||||
|
||||
namespace yii\rest; |
||||
|
||||
use Yii; |
||||
use yii\base\Component; |
||||
use yii\web\UnauthorizedHttpException; |
||||
|
||||
/** |
||||
* HttpBearerAuth implements the authentication method based on HTTP Bearer token. |
||||
* |
||||
* @author Qiang Xue <qiang.xue@gmail.com> |
||||
* @since 2.0 |
||||
*/ |
||||
class HttpBearerAuth extends Component implements AuthInterface |
||||
{ |
||||
/** |
||||
* @var string the HTTP authentication realm |
||||
*/ |
||||
public $realm = 'api'; |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function authenticate($user, $request, $response) |
||||
{ |
||||
$authHeader = $request->getHeaders()->get('Authorization'); |
||||
if ($authHeader !== null && preg_match("/^Bearer\\s+(.*?)$/", $authHeader, $matches)) { |
||||
$identity = $user->loginByAccessToken($matches[1]); |
||||
if ($identity !== null) { |
||||
return $identity; |
||||
} |
||||
|
||||
$this->handleFailure($response); |
||||
} |
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function handleFailure($response) |
||||
{ |
||||
$response->getHeaders()->set('WWW-Authenticate', "Basic realm=\"{$this->realm}\""); |
||||
throw new UnauthorizedHttpException('You are requesting with an invalid access token.'); |
||||
} |
||||
} |
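Review bot: `handleFailure()` answers a failed Bearer login with a `Basic` challenge, which looks copied from HttpBasicAuth. A client that follows the header may prompt for a username and password or retry with the wrong scheme, and the response no longer tells the caller which credential type was rejected. The line should be `$response->getHeaders()->set('WWW-Authenticate', "Bearer realm=\"{$this->realm}\"");`. The `@inheritdoc` on `authenticate()` could also note that a request without an `Authorization: Bearer` header returns null rather than failing, since that is what lets another auth method be tried.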
@ -0,0 +1,52 @@
|
||||
<?php |
||||
/** |
||||
* @link http://www.yiiframework.com/ |
||||
* @copyright Copyright (c) 2008 Yii Software LLC |
||||
* @license http://www.yiiframework.com/license/ |
||||
*/ |
||||
|
||||
namespace yii\rest; |
||||
|
||||
use Yii; |
||||
use yii\base\Component; |
||||
use yii\web\UnauthorizedHttpException; |
||||
|
||||
/** |
||||
* QueryParamAuth implements the authentication method based on the access token passed through a query parameter. |
||||
* |
||||
* @author Qiang Xue <qiang.xue@gmail.com> |
||||
* @since 2.0 |
||||
*/ |
||||
class QueryParamAuth extends Component implements AuthInterface |
||||
{ |
||||
/** |
||||
* @var string the parameter name for passing the access token |
||||
*/ |
||||
public $tokenParam = 'access-token'; |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function authenticate($user, $request, $response) |
||||
{ |
||||
$accessToken = $request->get($this->tokenParam); |
||||
if (is_string($accessToken)) { |
||||
$identity = $user->loginByAccessToken($accessToken); |
||||
if ($identity !== null) { |
||||
return $identity; |
||||
} |
||||
} |
||||
if ($accessToken !== null) { |
||||
$this->handleFailure($response); |
||||
} |
||||
return null; |
||||
} |
||||
|
||||
/** |
||||
* @inheritdoc |
||||
*/ |
||||
public function handleFailure($response) |
||||
{ |
||||
throw new UnauthorizedHttpException('You are requesting with an invalid access token.'); |
||||
} |
||||
} |
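Review bot: The class docblock does not mention that a token carried in the URL is recorded in places a header is not: web server and proxy access logs, browser history, and `Referer` headers sent to other sites. I would add a caveat such as `* Tokens sent in the query string can end up in access logs and Referer headers; prefer a header-based method where the client allows it, and serve the API over HTTPS only.` Unlike the two header-based classes in this commit, `handleFailure()` here sets no `WWW-Authenticate` header on the 401; if that is intentional because no HTTP auth scheme applies, a short comment saying so would keep a later reader from treating it as an omission.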