/**
 * Exchange an authorization code for an access token (token endpoint).
 *
 * Expected to be called via POST with 'grant_type', 'client_id',
 * 'client_secret', 'code' and the 'redirect_uri' used when the code was
 * requested. 'grant_type' must equal GrantType::GRANT_TYPE_AUTHORIZATION_CODE.
 * The client credentials are the ones registered in the developer's center.
 *
 * The checks run in a fixed order: grant type, client id, client secret,
 * authorization code with redirect URI. The token is created only after all
 * of them have returned.
 *
 * NOTE(review): the visible call validates 'code' against 'redirect_uri' only.
 * Confirm that AuthorizationCode::checkAuthorizationCode() or
 * AccessToken::createAccessToken() also verifies that the code was issued to
 * this 'client_id', has not expired, and is invalidated after first use.
 * NOTE(review): confirm Client::checkClientSecret() compares the secret in
 * constant time (e.g. hash_equals()).
 *
 * @return array the result of AccessToken::createAccessToken(). How a failed
 *               check is reported (error number and message) is decided by
 *               the check helpers, which are not shown here.
 */
public function run()
{
    $request = Yii::$app->request;

    // Only the authorization-code grant is accepted by this action.
    GrantType::checkGrantType(
        $request->post('grant_type'),
        GrantType::GRANT_TYPE_AUTHORIZATION_CODE
    );

    // The client id is resolved first; its result is what the secret is checked against.
    $checkedClient = Client::checkClientId($request->post('client_id'));
    Client::checkClientSecret($checkedClient, $request->post('client_secret'));

    // The code must match the redirect URI supplied with this request.
    AuthorizationCode::checkAuthorizationCode(
        $request->post('code'),
        $request->post('redirect_uri')
    );

    return AccessToken::createAccessToken(
        $request->post('client_id'),
        $request->post('code')
    );
}
/**
 * Load the remaining request allowance and its timestamp for the caller.
 *
 * The caller is identified by the POSTed 'access_token' and 'client_id'.
 * Both values are validated, then the token row is looked up by the
 * (client_id, access_token) pair, so a token is only accepted together with
 * the client id stored alongside it. Allowance is tracked per
 * (client_id, controller route, user_uuid).
 *
 * NOTE(review): token expiry is not examined in this method; presumably
 * AccessToken::checkAccessToken() covers it. Confirm.
 * NOTE(review): a newly built ApiRatelimiter is not saved here; presumably a
 * separate save step persists it. Verify against the rest of the class.
 *
 * @param \yii\web\Request $request the current request
 * @param \yii\base\Action $action the action to be executed
 * @return array two elements: the number of allowed requests, then the
 *               corresponding UNIX timestamp. [0, time()] is returned when no
 *               token row matches the client/token pair.
 */
public function loadAllowance($request, $action)
{
    $tokenValue = $request->post('access_token');
    AccessToken::checkAccessToken($tokenValue);

    $clientId = $request->post('client_id');
    Client::checkClientId($clientId);

    // Look the token up together with the client id it is presented with.
    $tokenRow = \common\models\OauthAccessToken::findOne([
        'client_id' => $clientId,
        'access_token' => $tokenValue,
    ]);
    if (!$tokenRow) {
        // No matching row: report zero remaining requests as of now.
        return [0, time()];
    }

    // The allowance record is keyed by client, endpoint route and user.
    $limiterKey = [
        'client_id' => $clientId,
        'api_endpoint' => $action->controller->route,
        'user_uuid' => $tokenRow->user_uuid,
    ];

    $limiter = ApiRatelimiter::findOne($limiterKey);
    if (!$limiter) {
        // First request for this key: start from the configured limit.
        $limiter = new ApiRatelimiter($limiterKey + [
            'allowed_remaining' => $this->getRateLimit($request, $action)[0],
            'last_timestamp' => time(),
        ]);
    }

    return [$limiter->allowed_remaining, $limiter->last_timestamp];
}
/**
 * Validate a client id and an access token, in that order.
 *
 * Delegates to Client::checkClientId() and AccessToken::checkAccessToken().
 * Nothing is returned; how a failed check is reported is decided by those
 * helpers, which are not shown here.
 *
 * NOTE(review): the two values are checked independently in this method.
 * Nothing visible here verifies that the access token was issued to the given
 * client id. Confirm that the caller or checkAccessToken() enforces that
 * binding.
 *
 * @param mixed $client_id client identifier supplied by the caller
 * @param mixed $access_token access token supplied by the caller
 */
public static function checkAccessByClientIdAndAccessToken($client_id, $access_token)
{
    // The client id is validated before the token.
    Client::checkClientId(
        $client_id
    );
    AccessToken::checkAccessToken(
        $access_token
    );
}
/**
 * Validate the token-request parameters of the current request.
 *
 * Checks run in order: 'grant_type' must be the authorization-code grant,
 * 'client_id' is checked and its result is validated against 'client_secret',
 * then 'code' is checked together with 'redirect_uri'.
 *
 * NOTE(review): the method name and the contract it appears to implement
 * promise an array of [allowed requests, UNIX timestamp], but the visible body
 * has no return statement and therefore yields null. If a rate limiter
 * destructures this result, the allowance and timestamp would both be null
 * and the limit may never take effect on this endpoint. Confirm against the
 * caller and return a real allowance pair.
 *
 * @param Request $request the current request
 * @param Action $action the action to be executed (not used by the visible body)
 * @return array documented as two elements (allowed requests, UNIX timestamp);
 *               see the review note above, nothing is returned at present.
 */
public function loadAllowance($request, $action)
{
    $grantType = $request->post('grant_type');
    GrantType::check($grantType, GrantType::GRANT_TYPE_AUTHORIZATION_CODE);

    // The checked client id is what the secret is compared against.
    $checkedClient = Client::checkId($request->post('client_id'));
    Client::checkSecret($checkedClient, $request->post('client_secret'));

    // The authorization code is validated together with the redirect URI.
    AuthorizationCode::check(
        $request->post('code'),
        $request->post('redirect_uri')
    );
}