|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types=1); |
|
4
|
|
|
|
|
5
|
|
|
/* |
|
6
|
|
|
* The MIT License (MIT) |
|
7
|
|
|
* |
|
8
|
|
|
* Copyright (c) 2014-2017 Spomky-Labs |
|
9
|
|
|
* |
|
10
|
|
|
* This software may be modified and distributed under the terms |
|
11
|
|
|
* of the MIT license. See the LICENSE file for details. |
|
12
|
|
|
*/ |
|
13
|
|
|
|
|
14
|
|
|
namespace OAuth2Framework\Component\Server\Middleware; |
|
15
|
|
|
|
|
16
|
|
|
use Interop\Http\Server\RequestHandlerInterface; |
|
17
|
|
|
use Interop\Http\Server\MiddlewareInterface; |
|
18
|
|
|
use OAuth2Framework\Component\Server\Model\Client\ClientRepositoryInterface; |
|
19
|
|
|
use OAuth2Framework\Component\Server\Response\OAuth2Exception; |
|
20
|
|
|
use OAuth2Framework\Component\Server\Response\OAuth2ResponseFactoryManager; |
|
21
|
|
|
use OAuth2Framework\Component\Server\TokenEndpointAuthMethod\TokenEndpointAuthMethodManager; |
|
22
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
|
23
|
|
|
|
|
24
|
|
|
final class ClientAuthenticationMiddleware implements MiddlewareInterface |
|
25
|
|
|
{ |
|
26
|
|
|
/** |
|
27
|
|
|
* @var TokenEndpointAuthMethodManager |
|
28
|
|
|
*/ |
|
29
|
|
|
private $tokenEndpointAuthMethodManager; |
|
30
|
|
|
|
|
31
|
|
|
/** |
|
32
|
|
|
* @var bool |
|
33
|
|
|
*/ |
|
34
|
|
|
private $authenticationRequired; |
|
35
|
|
|
|
|
36
|
|
|
/** |
|
37
|
|
|
* @var ClientRepositoryInterface |
|
38
|
|
|
*/ |
|
39
|
|
|
private $clientRepository; |
|
40
|
|
|
|
|
41
|
|
|
/** |
|
42
|
|
|
* ClientAuthenticationMiddleware constructor. |
|
43
|
|
|
* |
|
44
|
|
|
* @param ClientRepositoryInterface $clientRepository |
|
45
|
|
|
* @param TokenEndpointAuthMethodManager $tokenEndpointAuthMethodManager |
|
46
|
|
|
* @param bool $authenticationRequired |
|
47
|
|
|
*/ |
|
48
|
|
|
public function __construct(ClientRepositoryInterface $clientRepository, TokenEndpointAuthMethodManager $tokenEndpointAuthMethodManager, bool $authenticationRequired) |
|
|
|
|
|
|
49
|
|
|
{ |
|
50
|
|
|
$this->clientRepository = $clientRepository; |
|
51
|
|
|
$this->tokenEndpointAuthMethodManager = $tokenEndpointAuthMethodManager; |
|
52
|
|
|
$this->authenticationRequired = $authenticationRequired; |
|
53
|
|
|
} |
|
54
|
|
|
|
|
55
|
|
|
/** |
|
56
|
|
|
* {@inheritdoc} |
|
57
|
|
|
*/ |
|
58
|
|
|
public function process(ServerRequestInterface $request, RequestHandlerInterface $requestHandler) |
|
59
|
|
|
{ |
|
60
|
|
|
$clientId = $this->tokenEndpointAuthMethodManager->findClientInformationInTheRequest($request, $authentication_method, $client_credentials); |
|
61
|
|
|
$client = null; |
|
62
|
|
|
if (null !== $clientId) { |
|
63
|
|
|
$client = $this->clientRepository->find($clientId); |
|
64
|
|
|
} |
|
65
|
|
|
if (null !== $client && false === $this->tokenEndpointAuthMethodManager->isClientAuthenticated($request, $client, $authentication_method, $client_credentials)) { |
|
|
|
|
|
|
66
|
|
|
$client = null; |
|
67
|
|
|
} |
|
68
|
|
|
if (true === $this->authenticationRequired && null === $client) { |
|
69
|
|
|
throw new OAuth2Exception( |
|
70
|
|
|
401, |
|
71
|
|
|
[ |
|
72
|
|
|
'error' => OAuth2ResponseFactoryManager::ERROR_INVALID_CLIENT, |
|
73
|
|
|
'error_description' => 'Client authentication failed.', |
|
74
|
|
|
] |
|
75
|
|
|
); |
|
76
|
|
|
} |
|
77
|
|
|
if (null !== $client) { |
|
78
|
|
|
$request = $request->withAttribute('client', $client); |
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
|
|
return $requestHandler->handle($request); |
|
82
|
|
|
} |
|
83
|
|
|
} |
|
84
|
|
|
|
OAuth2-Framework /
oauth2-framework
Loading history...
Very long variable names usually make code harder to read. It is therefore recommended not to make variable names too verbose.