public function extractToken(Request $request)
{
$tokenHeader = $request->headers('Authorization', false);
$rawTokenHeader = $request->rawHeaders('Authorization', false);
if ($tokenHeader && preg_match('/Bearer\\s*([^\\s]+)/', $tokenHeader, $matches)) {
$tokenHeader = $matches[1];
} elseif ($rawTokenHeader && preg_match('/Bearer\\s*([^\\s]+)/', $rawTokenHeader, $matches)) {
$tokenHeader = $matches[1];
} else {
$tokenHeader = false;
}
$tokenRequest = $request->post('access_token', false);
$tokenQuery = $request->get('access_token', false);
// At least one (and only one) of client credentials method required.
if (!$tokenHeader && !$tokenRequest && !$tokenQuery) {
throw new Exception('The request is missing a required parameter.', Resource::STATUS_BAD_REQUEST);
} elseif ($tokenHeader && $tokenRequest || $tokenRequest && $tokenQuery || $tokenQuery && $tokenHeader) {
throw new Exception('The request includes multiple credentials.', Resource::STATUS_BAD_REQUEST);
}
$accessToken = $tokenHeader ?: $tokenRequest ?: $tokenQuery;
try {
$tokenDocument = $this->fetchToken($accessToken);
} catch (\Exception $e) {
throw new Exception('Access token invalid.');
}
return $tokenDocument;
}
public function extractToken(Request $request)
{
$headers = $request->headers();
$rawHeaders = $request->rawHeaders();
if (isset($rawHeaders['Authorization'])) {
$header = $rawHeaders['Authorization'];
} elseif (isset($headers['Authorization'])) {
$header = $headers['Authorization'];
} else {
throw new Exception('Authorization header required.');
}
if (preg_match('/Basic\\s+(.*)$/i', $header, $matches)) {
list($authUser, $authPass) = explode(':', base64_decode($matches[1]));
} else {
throw new Exception('Authorization header invalid.');
}
if (isset($authUser) && isset($authPass)) {
try {
$token = $this->fetchToken($authUser, $authPass);
} catch (\Exception $e) {
throw new Exception('Authorization header invalid.');
}
}
return $token;
}
