1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace AdvancedLearning\Oauth2Server\Middleware; |
4
|
|
|
|
5
|
|
|
use AdvancedLearning\Oauth2Server\Repositories\AccessTokenRepository; |
6
|
|
|
use GuzzleHttp\Psr7\Response; |
7
|
|
|
use League\OAuth2\Server\Exception\OAuthServerException; |
8
|
|
|
use League\OAuth2\Server\ResourceServer; |
9
|
|
|
use Robbie\Psr7\HttpRequestAdapter; |
10
|
|
|
use Robbie\Psr7\HttpResponseAdapter; |
11
|
|
|
use SilverStripe\Control\HTTPRequest; |
12
|
|
|
use SilverStripe\Control\HTTPResponse; |
13
|
|
|
use SilverStripe\Control\HTTPResponse_Exception; |
14
|
|
|
use SilverStripe\Control\Middleware\HTTPMiddleware; |
15
|
|
|
use SilverStripe\Core\Application; |
16
|
|
|
use SilverStripe\Core\Environment; |
17
|
|
|
|
18
|
|
|
/** |
19
|
|
|
* Class ResourceServerMiddleware. |
20
|
|
|
* |
21
|
|
|
* Replacement for @see \League\OAuth2\Server\Middleware\ResourceServerMiddleware |
22
|
|
|
* to make it compatible with SilverStripe. |
23
|
|
|
* |
24
|
|
|
* @package AdvancedLearning\Oauth2Server\Middleware |
25
|
|
|
*/ |
26
|
|
|
class ResourceServerMiddleware implements HTTPMiddleware |
27
|
|
|
{ |
28
|
|
|
/** |
29
|
|
|
* @var Application |
30
|
|
|
*/ |
31
|
|
|
protected $application = null; |
32
|
|
|
|
33
|
|
|
/** |
34
|
|
|
* @var ResourceServer |
35
|
|
|
*/ |
36
|
|
|
protected $server; |
37
|
|
|
|
38
|
|
|
/** |
39
|
|
|
* Build error control chain for an application |
40
|
|
|
* |
41
|
|
|
* @param Application $application The SilverStripe Application. |
42
|
|
|
* @param ResourceServer $server Optional ResourceServer to be used in replace of the default. |
43
|
|
|
*/ |
44
|
|
|
public function __construct(Application $application, ResourceServer $server = null) |
45
|
|
|
{ |
46
|
|
|
$this->application = $application; |
47
|
|
|
$this->server = $server; |
48
|
|
|
} |
49
|
|
|
|
50
|
|
|
/** |
51
|
|
|
* Process the middleware. |
52
|
|
|
* |
53
|
|
|
* @param HTTPRequest $request The incoming request. |
54
|
|
|
* @param callable $next The next middleware. |
55
|
|
|
* |
56
|
|
|
* @return HTTPResponse |
57
|
|
|
*/ |
58
|
|
|
public function process(HTTPRequest $request, callable $next) |
59
|
|
|
{ |
60
|
|
|
$requestAdapter = new HttpRequestAdapter(); |
61
|
|
|
$responseAdapter = new HttpResponseAdapter(); |
62
|
|
|
|
63
|
|
|
$server = $this->getServer(); |
64
|
|
|
$psrRequest = $requestAdapter->toPsr7($request); |
65
|
|
|
$psrResponse = new Response(); |
66
|
|
|
|
67
|
|
|
try { |
68
|
|
|
$psrRequest = $server->validateAuthenticatedRequest($psrRequest); |
69
|
|
|
} catch (OAuthServerException $exception) { |
70
|
|
|
return $responseAdapter->fromPsr7($exception->generateHttpResponse($psrResponse)); |
|
|
|
|
71
|
|
|
// @codeCoverageIgnoreStart |
72
|
|
|
} catch (\Exception $exception) { |
73
|
|
|
return $responseAdapter->fromPsr7((new OAuthServerException($exception->getMessage(), 0, 'unknown_error', 500)) |
|
|
|
|
74
|
|
|
->generateHttpResponse($psrResponse)); |
75
|
|
|
// @codeCoverageIgnoreEnd |
76
|
|
|
} |
77
|
|
|
|
78
|
|
|
// Pass the request on to the next responder in the chain |
79
|
|
|
return $next($requestAdapter->fromPsr7($psrRequest)); |
80
|
|
|
} |
81
|
|
|
|
82
|
|
|
/** |
83
|
|
|
* Get the Oauth2 server to handle authentication. |
84
|
|
|
* |
85
|
|
|
* @return \League\OAuth2\Server\ResourceServer |
86
|
|
|
*/ |
87
|
|
|
protected function getServer() |
88
|
|
|
{ |
89
|
|
|
if (!empty($this->server)) { |
90
|
|
|
return $this->server; |
91
|
|
|
} |
92
|
|
|
|
93
|
|
|
// Init our repositories |
94
|
|
|
$accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface |
95
|
|
|
|
96
|
|
|
// Path to authorization server's public key |
97
|
|
|
$publicKeyPath = Environment::getEnv('OAUTH_PUBLIC_KEY_PATH'); |
98
|
|
|
|
99
|
|
|
// Setup the authorization server |
100
|
|
|
$server = new \League\OAuth2\Server\ResourceServer( |
101
|
|
|
$accessTokenRepository, |
102
|
|
|
$publicKeyPath |
103
|
|
|
); |
104
|
|
|
|
105
|
|
|
return $this->server = $server; |
106
|
|
|
} |
107
|
|
|
} |
108
|
|
|
|