/**
* Auth Action: GET, 主认证方法.
*
* @return mixed.
*/
public function actionMain()
{
$auth = function () {
header('WWW-Authenticate: Basic realm="LYAPI"');
header('HTTP/1.0 401 Unauthorized');
exit;
};
if (!isset($_SERVER['PHP_AUTH_USER'])) {
$auth();
exit;
} else {
$aUser = trim($_SERVER['PHP_AUTH_USER']);
$aPass = trim($_SERVER['PHP_AUTH_PW']);
$curIp = $_SERVER['REMOTE_ADDR'];
$curUserAgent = $_SERVER['HTTP_USER_AGENT'];
if (!$aUser) {
$auth();
exit;
}
$OauthRpc = RpcClient_STD_Oauth::Instance();
$OauthClient = $OauthRpc->getClient($aUser);
if (!$OauthClient || !isset($OauthClient['data']['secret_key']) || $OauthClient['data']['secret_key'] !== $aPass) {
$auth();
exit;
}
$created = time();
$secretKey = $OauthClient['data']['secret_key'];
$accessToken = $this->buildToken(array($curIp, $curUserAgent, $secretKey, $created));
$refreshToken = $this->buildToken(array($curIp, $curUserAgent, $secretKey, $created), 'refresh');
$OauthRpc->setAccessToken($OauthClient['data']['oauth_clients_id'], $accessToken, $refreshToken, $curIp, $created);
$this->render(array('access_token' => $accessToken), 200, 'ok');
}
}
/**
* Token 验证.
*
* @param string $token Token认证字符串.
*
* @return $this->response.
*/
public function Authentication($token)
{
if ($token) {
$OauthRpc = RpcClient_STD_Oauth::Instance();
$accessData = $OauthRpc->getAccessToken($token);
if (!$accessData) {
return $this->response;
}
$accessData = $accessData['data'];
// 检测过期与否
if ($accessData['created'] + $accessData['expires_in'] < time()) {
$this->response['status'] = 403;
$this->response['mesg'] = '已过期';
return $this->response;
}
$this->response['status'] = 200;
$this->response['mesg'] = '';
}
return $this->response;
}
