/**
* {@inheritdoc}
*/
public function check(OAuth2Token $token, OAuth2 $configuration)
{
if (null === $configuration->getScope()) {
return;
}
// If the scope of the access token are not sufficient, then returns an authentication error
$tokenScope = $this->getScopeManager()->convertToScope($token->getAccessToken()->getScope());
$requiredScope = $this->getScopeManager()->convertToScope($configuration->getScope());
if (!$this->getScopeManager()->checkScopes($requiredScope, $tokenScope)) {
return 'Insufficient scope';
}
}
/**
* {@inheritdoc}
*/
public function check(OAuth2Token $token, OAuth2 $configuration)
{
if (null === $configuration->getScope()) {
return;
}
$language = $this->getExpressionLanguage();
$result = $language->evaluate($configuration->getScope(), ['scope' => $token->getAccessToken()->getScope()]);
// If the scope of the access token does not fulfill the scope rule, then returns an authentication error
if (false === $result) {
return sprintf('Insufficient scope. The scope rule is: %s', $configuration->getScope());
}
}
