Ejemplo n.º 1
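 /**
  * Execute the Api Resource operation: authorise the current request against the OAuth2 server.
  *
  * The access token on the request is validated first, then the configured 'scope' option is enforced:
  *  - string scope: passed to verifyResourceRequest(), which performs the scope check itself;
  *  - non-empty array of scopes: treated as alternatives, the token only has to satisfy ONE entry
  *    (any-of, not all-of);
  *  - empty scope (the default ''): no scope requirement is added by this method.
  *    NOTE(review): this relies on the OAuth2 library skipping the check for an empty scope, in which case
  *    any valid token is accepted. Confirm that this is intended for every resource using this method.
  *
  * The outcome is stored in $this->response: the server's response object when the token is rejected or the
  * scope is insufficient (403 insufficient_scope), or a JSON string with 'success', 'user_id' and 'message'
  * on success.
  *
  * @return  $this  Always the current instance (never false); callers must inspect $this->response.
  *
  * @since   1.2
  */
 public function apiResource()
 {
     $scopeToCheck = $this->options->get('scope', '');
     $scopes       = array();

     // A non-empty array means "any one of these scopes": the library call below then validates only
     // the token itself, and the scope decision is taken in the loop further down.
     if (is_array($scopeToCheck) && count($scopeToCheck) > 0) {
         $scopes       = $scopeToCheck;
         $scopeToCheck = null;
     }

     // Validate the access token presented with this request (and the single string scope, if one is set)
     if (!$this->server->verifyResourceRequest(OAuth2\Request::createFromGlobals(), null, $scopeToCheck)) {
         $this->response = $this->server->getResponse();

         return $this;
     }

     $token = $this->server->getResourceController()->getToken();

     if (!empty($scopes)) {
         $requestValid = false;
         $tokenScope   = empty($token['scope']) ? null : $token['scope'];

         // Fail closed: a token that carries no scope can never satisfy a scope requirement
         if ($tokenScope !== null) {
             $scopeUtil = $this->server->getScopeUtil();

             foreach ($scopes as $scope) {
                 // Blank entries are skipped so that an empty configured scope cannot grant access
                 if (!empty($scope) && $scopeUtil->checkScope($scope, $tokenScope)) {
                     $requestValid = true;
                     break;
                 }
             }
         }

         if (!$requestValid) {
             $this->response = $this->server->getResponse();
             $this->response->setError(403, 'insufficient_scope', JText::_('LIB_REDCORE_API_OAUTH2_SERVER_INSUFFICIENT_SCOPE'));

             // RFC 6750 section 3 defines the "scope" challenge attribute as a space-delimited list.
             // Joining with ', ' left a comma attached to every scope value but the last.
             // NOTE(review): the values are placed inside quoted strings without escaping; they come from
             // server configuration and translations here, so keep '"' and '\' out of those strings.
             $challenge = sprintf(
                 '%s realm="%s", scope="%s", error="%s", error_description="%s"',
                 $this->server->getTokenType()->getTokenType(),
                 $this->serverConfig['www_realm'],
                 implode(' ', $scopes),
                 $this->response->getParameter('error'),
                 $this->response->getParameter('error_description')
             );
             $this->response->addHttpHeaders(array('WWW-Authenticate' => $challenge));

             return $this;
         }
     }

     // NOTE(review): a token that is not tied to a user may carry no user_id. The isset() guard avoids an
     // undefined-index notice; the encoded value is null in that case.
     $this->response = json_encode(
         array(
             'success' => true,
             'user_id' => isset($token['user_id']) ? $token['user_id'] : null,
             'message' => JText::_('LIB_REDCORE_API_OAUTH2_SERVER_ACCESS_SUCCESS')
         )
     );

     return $this;
 }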