These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace AdvancedLearning\Oauth2Server\Middleware; |
||
4 | |||
5 | use AdvancedLearning\Oauth2Server\Repositories\AccessTokenRepository; |
||
6 | use GuzzleHttp\Psr7\Response; |
||
7 | use League\OAuth2\Server\Exception\OAuthServerException; |
||
8 | use League\OAuth2\Server\ResourceServer; |
||
9 | use Robbie\Psr7\HttpRequestAdapter; |
||
10 | use Robbie\Psr7\HttpResponseAdapter; |
||
11 | use SilverStripe\Control\HTTPRequest; |
||
12 | use SilverStripe\Control\HTTPResponse; |
||
13 | use SilverStripe\Control\HTTPResponse_Exception; |
||
14 | use SilverStripe\Control\Middleware\HTTPMiddleware; |
||
15 | use SilverStripe\Core\Application; |
||
16 | use SilverStripe\Core\Environment; |
||
17 | |||
18 | /** |
||
19 | * Class ResourceServerMiddleware. |
||
20 | * |
||
21 | * Replacement for @see \League\OAuth2\Server\Middleware\ResourceServerMiddleware |
||
22 | * to make it compatible with SilverStripe. |
||
23 | * |
||
24 | * @package AdvancedLearning\Oauth2Server\Middleware |
||
25 | */ |
||
26 | class ResourceServerMiddleware implements HTTPMiddleware |
||
27 | { |
||
28 | /** |
||
29 | * @var Application |
||
30 | */ |
||
31 | protected $application = null; |
||
32 | |||
33 | /** |
||
34 | * @var ResourceServer |
||
35 | */ |
||
36 | protected $server; |
||
37 | |||
38 | /** |
||
39 | * Build error control chain for an application |
||
40 | * |
||
41 | * @param Application $application The SilverStripe Application. |
||
42 | * @param ResourceServer $server Optional ResourceServer to be used in replace of the default. |
||
43 | */ |
||
44 | public function __construct(Application $application, ResourceServer $server = null) |
||
45 | { |
||
46 | $this->application = $application; |
||
47 | $this->server = $server; |
||
48 | } |
||
49 | |||
50 | /** |
||
51 | * Process the middleware. |
||
52 | * |
||
53 | * @param HTTPRequest $request The incoming request. |
||
54 | * @param callable $next The next middleware. |
||
55 | * |
||
56 | * @return HTTPResponse |
||
57 | */ |
||
58 | public function process(HTTPRequest $request, callable $next) |
||
59 | { |
||
60 | $requestAdapter = new HttpRequestAdapter(); |
||
61 | $responseAdapter = new HttpResponseAdapter(); |
||
62 | |||
63 | $server = $this->getServer(); |
||
64 | $psrRequest = $requestAdapter->toPsr7($request); |
||
65 | $psrResponse = new Response(); |
||
66 | |||
67 | try { |
||
68 | $psrRequest = $server->validateAuthenticatedRequest($psrRequest); |
||
69 | } catch (OAuthServerException $exception) { |
||
70 | return $responseAdapter->fromPsr7($exception->generateHttpResponse($psrResponse)); |
||
0 ignored issues
–
show
Bug
Compatibility
introduced
by
Loading history...
|
|||
71 | // @codeCoverageIgnoreStart |
||
72 | } catch (\Exception $exception) { |
||
73 | return $responseAdapter->fromPsr7((new OAuthServerException($exception->getMessage(), 0, 'unknown_error', 500)) |
||
0 ignored issues
–
show
The expression
$responseAdapter->fromPs...esponse($psrResponse)); of type SilverStripe\Control\HTT...pe\Control\HTTPResponse adds the type SilverStripe\Control\HTTPRequest to the return on line 73 which is incompatible with the return type declared by the interface SilverStripe\Control\Mid...HTTPMiddleware::process of type SilverStripe\Control\HTTPResponse .
Loading history...
|
|||
74 | ->generateHttpResponse($psrResponse)); |
||
75 | // @codeCoverageIgnoreEnd |
||
76 | } |
||
77 | |||
78 | // Pass the request on to the next responder in the chain |
||
79 | return $next($requestAdapter->fromPsr7($psrRequest)); |
||
80 | } |
||
81 | |||
82 | /** |
||
83 | * Get the Oauth2 server to handle authentication. |
||
84 | * |
||
85 | * @return \League\OAuth2\Server\ResourceServer |
||
86 | */ |
||
87 | protected function getServer() |
||
88 | { |
||
89 | if (!empty($this->server)) { |
||
90 | return $this->server; |
||
91 | } |
||
92 | |||
93 | // Init our repositories |
||
94 | $accessTokenRepository = new AccessTokenRepository(); // instance of AccessTokenRepositoryInterface |
||
95 | |||
96 | // Path to authorization server's public key |
||
97 | $publicKeyPath = Environment::getEnv('OAUTH_PUBLIC_KEY_PATH'); |
||
98 | |||
99 | // Setup the authorization server |
||
100 | $server = new \League\OAuth2\Server\ResourceServer( |
||
101 | $accessTokenRepository, |
||
102 | $publicKeyPath |
||
103 | ); |
||
104 | |||
105 | return $this->server = $server; |
||
106 | } |
||
107 | } |
||
108 |