<?php |
|
/** |
|
* @link http://www.yiiframework.com/ |
|
* @copyright Copyright (c) 2008 Yii Software LLC |
|
* @license http://www.yiiframework.com/license/ |
|
*/ |
|
|
|
namespace yii\rest; |
|
|
|
use Yii; |
|
use yii\base\Component; |
|
use yii\web\UnauthorizedHttpException; |
|
|
|
/** |
|
* HttpBearerAuth implements the authentication method based on HTTP Bearer token. |
|
* |
|
* @author Qiang Xue <qiang.xue@gmail.com> |
|
* @since 2.0 |
|
*/ |
|
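class HttpBearerAuth extends Component implements AuthInterface
{
    /**
     * @var string the HTTP authentication realm, sent back in the
     * `WWW-Authenticate` challenge when a presented token is rejected.
     */
    public $realm = 'api';

    /**
     * Authenticates the request from an `Authorization: Bearer <token>` header.
     *
     * A request without an `Authorization` header, or with a header that does not
     * match the `Bearer` pattern, is not treated as a failure: the method returns
     * null without issuing a challenge. A request that does present a Bearer
     * credential which cannot be resolved to an identity ends in handleFailure().
     *
     * @param object $user component exposing `loginByAccessToken()`
     * @param object $request request exposing `getHeaders()`
     * @param object $response response passed on to handleFailure()
     * @return mixed the identity returned by `loginByAccessToken()`, or null when
     * no Bearer credential was presented
     * @throws UnauthorizedHttpException via handleFailure() when the presented
     * token is empty or is not accepted
     */
    public function authenticate($user, $request, $response)
    {
        $authHeader = $request->getHeaders()->get('Authorization');
        if ($authHeader === null || !preg_match('/^Bearer\s+(.*?)$/', $authHeader, $matches)) {
            return null;
        }

        // The capture group may match the empty string (e.g. "Bearer " followed only
        // by whitespace). Reject it here instead of handing an empty token to the
        // identity lookup, so the outcome does not depend on how the lookup treats ''.
        $token = $matches[1];
        if ($token !== '') {
            $identity = $user->loginByAccessToken($token);
            if ($identity !== null) {
                return $identity;
            }
        }

        $this->handleFailure($response);

        // Reached only if an overriding handleFailure() returns instead of throwing.
        return null;
    }

    /**
     * Issues the Bearer challenge and aborts the request as unauthorized.
     *
     * @param object $response response whose headers receive `WWW-Authenticate`
     * @throws UnauthorizedHttpException always
     */
    public function handleFailure($response)
    {
        $response->getHeaders()->set('WWW-Authenticate', "Bearer realm=\"{$this->realm}\"");
        throw new UnauthorizedHttpException('You are requesting with an invalid access token.');
    }
}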