/**
 * Gate the request on a valid OAuth2 access token before running the next middleware.
 *
 * Every entry of $this->scopes is tried in order with verifyResourceRequest(); the first
 * entry that verifies wins. The token reported by the resource controller is then stored
 * in the container under 'token' and $next is invoked with the original request/response.
 *
 * If no entry verifies (which includes an empty $this->scopes list) $next is never called:
 * the OAuth2 server's own response is converted to PSR7 and returned instead, so the
 * method denies by default.
 *
 * @param ServerRequestInterface $request  The PSR7 request.
 * @param ResponseInterface      $response The PSR7 response.
 * @param callable               $next     The next middleware.
 *
 * @return ResponseInterface Result of $next on success, otherwise the bridged OAuth2 response.
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    $oauth2Request = RequestBridge::toOAuth2($request);

    foreach ($this->scopes as $requiredScope) {
        if (!$this->server->verifyResourceRequest($oauth2Request, null, $requiredScope)) {
            // This scope entry was not satisfied; try the next one.
            continue;
        }

        // Expose the verified token to downstream handlers before handing over control.
        $verifiedToken = $this->server->getResourceController()->getToken();
        $this->container['token'] = $verifiedToken;

        return $next($request, $response);
    }

    // Nothing verified: answer with the server's response rather than calling $next.
    $oauth2Response = $this->server->getResponse();

    return ResponseBridge::fromOAuth2($oauth2Response);
}
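/**
 * Verify request contains valid access token.
 *
 * When verification fails, the OAuth2 server's response is mapped onto the application
 * response and the application is stopped; the token is not set and the next middleware
 * is not called. When verification succeeds, the token reported by the resource
 * controller is stored on the application as `token` and the next middleware (if any) runs.
 *
 * @param array $scopes Scopes required for authorization. Each top-level element is one alternative
 *                      (OR); an element that is itself an array lists scopes that must all be
 *                      present (AND). Example: given ['superUser', ['basicUser', 'aPermission']],
 *                      the request is verified if the token has the 'superUser' scope, OR has both
 *                      'basicUser' and 'aPermission'.
 *                      NOTE(review): the default [null] presumably means "no particular scope
 *                      required" - confirm against verify().
 *
 * @return void
 */
public function call(array $scopes = [null])
{
    if (!$this->verify($scopes)) {
        MessageBridge::mapResponse($this->server->getResponse(), $this->app->response());
        $this->app->stop();

        // stop() is expected to throw. Return explicitly as well, so that a denied request
        // can never fall through to the token assignment and the next middleware if it
        // ever does not (for example when the application object is a test double).
        return; //@codeCoverageIgnore since stop() throws
    } //@codeCoverageIgnore since stop() throws

    $this->app->token = $this->server->getResourceController()->getToken();

    if ($this->next !== null) {
        $this->next->call();
    }
}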
/**
 * A server built from public-key storage alone, with 'use_jwt_access_tokens' enabled,
 * must still yield a resource controller and expose a PublicKeyInterface under the
 * 'public_key' storage key.
 */
public function testUsingJustJwtAccessTokenStorageWithResourceControllerIsOkay()
{
    $publicKeyStorage = $this->getMock('OAuth2\\Storage\\PublicKeyInterface');
    $storages = array($publicKeyStorage);
    $config = array('use_jwt_access_tokens' => true);
    $server = new Server($storages, $config);

    // No access-token storage was supplied; the controller must still be created.
    $resourceController = $server->getResourceController();
    $this->assertNotNull($resourceController);

    $registeredStorage = $server->getStorage('public_key');
    $this->assertInstanceOf('OAuth2\\Storage\\PublicKeyInterface', $registeredStorage);
}
/**
 * Build a resource controller from a server that holds only access-token storage.
 *
 * There is no explicit assertion here: the test passes as long as
 * getResourceController() completes without raising.
 */
public function testGetResourceControllerWithAccessTokenStorage()
{
    $server = new Server();

    $accessTokenStorage = $this->getMock('OAuth2\\Storage\\AccessTokenInterface');
    $server->addStorage($accessTokenStorage);

    $server->getResourceController();
}