/**
 * Extends the inherited behaviors with a composite authenticator.
 *
 * The authenticator is given HTTP Basic, HTTP Bearer and query-parameter
 * authentication, listed in that order.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $behaviors = parent::behaviors();

    // Disabled: force JSON as the reply format for text/html clients.
    //$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;

    // NOTE(review): assuming these are the yii\filters\auth classes, HttpBasicAuth
    // without an 'auth' callback treats the Basic username as an access token, and
    // QueryParamAuth reads the token from the URL, where it is recorded in access
    // logs and proxies. Confirm both are intended for this controller.
    $authMethods = [
        HttpBasicAuth::className(),
        HttpBearerAuth::className(),
        QueryParamAuth::className(),
    ];

    $behaviors['authenticator'] = [
        'class' => CompositeAuth::className(),
        'authMethods' => $authMethods,
    ];

    return $behaviors;
}
 /**
  * Swaps the inherited authenticator for a composite of HTTP Basic and
  * query-parameter authentication; every other inherited behavior is kept.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     /*
     // Disabled variant: Basic auth against one username/password pair held in params.
     // NOTE(review): it compares both values with `==`; if this is ever re-enabled,
     // compare them as strings with hash_equals() so the check is strict and
     // timing-safe.
     $behaviors['authenticator'] = [
     'class' => HttpBasicAuth::className(),
     'auth'  => function ($username, $password) {
         if ($username==\Yii::$app->params['HttpBasicAuth']['username'] && $password==\Yii::$app->params['HttpBasicAuth']['password']) {
             return new User();
         } else {
             return null;
         }
     }];
     */

     // Active configuration: Basic first, then the query-string token.
     $authMethods = [
         HttpBasicAuth::className(),
         QueryParamAuth::className(),
     ];
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => $authMethods,
     ];

     /*
     // Disabled variant: restrict the response format to application/json only.
     $behaviors['contentNegotiator'] = [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
     //            'application/xml' => Response::FORMAT_XML,
             ],
     ];
     */

     return $behaviors;
 }
 /**
  * Requires a bearer token for every action except 'login' and 'error',
  * and drops the inherited rate limiter.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // 'login' and 'error' stay reachable without a token.
     $unauthenticatedActions = ['login', 'error'];
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'except' => $unauthenticatedActions,
         'authMethods' => [HttpBearerAuth::className()],
     ];

     // NOTE(review): with the rate limiter removed nothing in this method throttles
     // requests, including the unauthenticated 'login' action; confirm throttling
     // is applied elsewhere.
     unset($behaviors['rateLimiter']);

     return $behaviors;
 }
 /**
  * Limits 'login' to POST/OPTIONS and authenticates every other action with
  * a query-parameter token.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // Verb restriction is declared for 'login' only.
     $behaviors['verbs'] = [
         'class' => VerbFilter::className(),
         'actions' => [
             'login' => ['POST', 'OPTIONS'],
         ],
     ];

     // NOTE(review): QueryParamAuth is the only method, so the token always travels
     // in the URL and ends up in access logs and proxies; a header-based method
     // keeps it out of them.
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'except' => ['login'],
         'authMethods' => [QueryParamAuth::className()],
     ];

     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function beforeAction($action)
 {
     // Take the OAuth2 server and the wrapped request from the 'oauth2' module.
     $oauthModule = Yii::$app->getModule('oauth2');
     $resourceServer = $oauthModule->getServer();
     $resourceRequest = $oauthModule->getRequest();

     // NOTE(review): the result of verifyResourceRequest() is not inspected here.
     // Unless the server throws on failure, or another filter turns the OAuth2
     // error response into an HTTP error, the action still runs for a request
     // that failed verification. Confirm against the module in use.
     $resourceServer->verifyResourceRequest($resourceRequest);

     return parent::beforeAction($action);
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Run the ContentNegotiator early so the negotiated response format is
     // already known when the authenticator's methods are chosen below.
     /** @var ContentNegotiator $contentNegotiator */
     $contentNegotiator = Yii::createObject([
         'class' => ContentNegotiator::className(),
         'formats' => [
             'text/html' => Response::FORMAT_HTML,
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
             'text/csv' => Response::FORMAT_CSV,
             'application/pdf' => Response::FORMAT_PDF,
             'application/vnd.ms-excel' => Response::FORMAT_XLS,
         ],
     ]);
     $contentNegotiator->negotiate();

     return array_merge(parent::behaviors(), [
         'contentNegotiator' => $contentNegotiator,
         'authenticator' => [
             'class' => \yii\filters\auth\CompositeAuth::className(),
             // Logged-in users and HTML responses get an empty method list; with no
             // methods CompositeAuth lets the request through, so the 'access' rule
             // below is what rejects guests in that case. Other formats
             // authenticate via Basic or a query-string token.
             'authMethods' => (!Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML)
                 ? []
                 : [
                     \yii\filters\auth\HttpBasicAuth::className(),
                     \yii\filters\auth\QueryParamAuth::className(),
                 ],
         ],
         'rateLimiter' => [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => Yii::$app->user->getIdentity(),
         ],
         'access' => [
             'class' => AccessControl::className(),
             'rules' => [
                 // '@' matches authenticated users only.
                 ['allow' => true, 'roles' => ['@']],
             ],
         ],
         'menu' => [
             'class' => ActiveNavigation::className(),
         ],
     ]);
 }
 /**
  * Attaches token/password authentication unless the current action is
  * public, and forces JSON responses.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     $needsAuthentication = !$this->isActionPublic();
     if ($needsAuthentication) {
         $behaviors['authenticator'] = [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 // Token read from the 'access_token' query parameter.
                 [
                     'class' => QueryParamAuth::className(),
                     'tokenParam' => 'access_token',
                 ],
                 // Basic credentials are checked by this controller's authByPassword().
                 [
                     'class' => HttpBasicAuth::className(),
                     'auth' => [$this, 'authByPassword'],
                 ],
             ],
         ];
     }

     // Side effect: the response format is set while the behaviors are being built.
     Yii::$app->response->format = Response::FORMAT_JSON;

     return $behaviors;
 }
 /**
  * Authenticates only after the OAuth2 server has accepted the request.
  *
  * @param mixed $user     passed through to the parent implementation
  * @param mixed $request  passed through to the parent implementation
  * @param mixed $response passed through to the parent implementation
  * @return mixed the parent's result, or null when OAuth2 verification fails
  */
 public function authenticate($user, $request, $response)
 {
     $oauthModule = Yii::$app->getModule('oauth2');
     $resourceServer = $oauthModule->getServer();
     $resourceRequest = $oauthModule->getRequest();

     // Fail closed: no identity unless the resource request verifies.
     if (!$resourceServer->verifyResourceRequest($resourceRequest)) {
         return null;
     }

     return parent::authenticate($user, $request, $response);
 }
 /**
  * @return array
  */
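 public function behaviors()
 {
     // Inherited behaviors plus a composite authenticator: Basic with a password
     // check, then bearer token, then query-parameter token.
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => HttpBasicAuth::className(),
                 'auth' => function ($username, $password) {
                     $user = User::findByLogin($username);
                     // An unknown login must fail authentication (null) instead of
                     // calling validatePassword() on a missing record, which would
                     // surface as a server error rather than a 401.
                     if (!$user) {
                         return null;
                     }
                     return $user->validatePassword($password) ? $user : null;
                 },
             ],
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];
     return $behaviors;
 }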
 /**
  * Returns a single composite authenticator backed by TestAuth.
  *
  * Nothing is inherited from the parent here; the returned array is the
  * complete behavior list.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // Author's caveat: CompositeAuth::authenticate() assumes it runs once per
     // controller instance. To authenticate again (the same may hold for other
     // behaviors attached to the beforeAction event), forward to or run the other
     // action in a way that creates a new controller instance. This should be
     // stated in the documentation.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [TestAuth::className()],
     ];

     return ['authenticator' => $authenticator];
 }
 /**
  * Restricts 'myCustomAction' to GET/HEAD and authenticates every other
  * action with HTTP Basic or a query-parameter token.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     $behaviors['verbs'] = [
         'class' => \yii\filters\VerbFilter::className(),
         'actions' => [
             'myCustomAction' => ['get', 'head'],
         ],
     ];

     // 'myCustomAction' is excluded from authentication and is served anonymously.
     // NOTE(review): assuming the yii\filters\auth classes, HttpBasicAuth without
     // an 'auth' callback treats the Basic username as an access token; no
     // password is checked.
     $behaviors['authenticator'] = [
         'except' => ['myCustomAction'],
         'class' => CompositeAuth::className(),
         'authMethods' => [
             ['class' => HttpBasicAuth::className()],
             ['class' => QueryParamAuth::className()],
         ],
     ];

     /* Disabled alternative: plain HttpBasicAuth as the authenticator.
     $behaviors['authenticator'] = [
       'except' => 'myCustomAction',
           'class' => HttpBasicAuth::className(),
       ];*/

     return $behaviors;
 }
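 /**
  * Serves JSON for text/html clients, authenticates with a bearer token and
  * adds access rules: 'index' for the user named 'root', 'view' for any
  * authenticated user.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [HttpBearerAuth::className()],
     ];
     // $behaviors['authenticator']['only'] = ['delete'];
     $behaviors['access'] = [
         'class' => AccessControl::className(),
         'rules' => [
             [
                 'allow' => true,
                 'actions' => ['index'],
                 'matchCallback' => function ($rule, $action) {
                     // One lookup instead of two, and an explicit boolean on every
                     // path; a missing record no longer falls through to an implicit
                     // null return.
                     // NOTE(review): the decision rests on the literal username
                     // 'root'; a role or permission check would not depend on an
                     // account name staying fixed.
                     $identity = User::findOne(Yii::$app->user->id);
                     return $identity ? $identity->username === 'root' : false;
                 },
             ],
             [
                 'allow' => true,
                 'actions' => ['view'],
                 // '@' matches authenticated users only.
                 'roles' => ['@'],
             ],
         ],
     ];
     return $behaviors;
 }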
 /**
  * Authenticates every action except 'access-token-by-user' with HTTP Basic
  * (username and password) or a query-parameter token.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // Resolves Basic credentials to a user; null means authentication failed.
     $checkPassword = function ($username, $password) {
         $user = \common\models\User::findByUsername($username);
         if ($user == null) {
             return null;
         }
         if (!$user->validatePassword($password)) {
             return null;
         }
         return $user;
     };

     $behaviors['authenticator'] = [
         // This action is reachable without credentials.
         'except' => ['access-token-by-user'],
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => HttpBasicAuth::className(),
                 'auth' => $checkPassword,
             ],
             ['class' => QueryParamAuth::className()],
         ],
     ];

     return $behaviors;
 }
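 /**
  * Builds the behaviors for a controller whose actions may be public.
  *
  * Bearer authentication is attached when the request carries an
  * Authorization header or the current action is not public. Response
  * formats are limited to JSON and JSONP, and a rate limiter is added when
  * $this->rateLimiter is truthy.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $hasAuth = (bool) Yii::$app->request->headers->get('Authorization');
     // Strict comparison: with a loose in_array() on PHP < 8, a non-string entry in
     // $publicActions (0, true) would match every action id and mark all actions
     // public. A strict mismatch fails closed, i.e. authentication is required.
     $isPublic = $this->public || in_array(Yii::$app->controller->action->id, $this->publicActions, true);
     // Public actions are still authenticated when the client sends credentials.
     $auth = $hasAuth || !$isPublic;
     if ($auth) {
         $behaviors['authenticator'] = [
             'class' => CompositeAuth::className(),
             'authMethods' => [HttpBearerAuth::className()],
         ];
     }
     $behaviors['contentNegotiator']['formats'] = [
         'application/json' => Response::FORMAT_JSON,
         'application/javascript' => Response::FORMAT_JSONP,
     ];
     if ($this->rateLimiter) {
         $behaviors['rateLimiter'] = [
             'class' => \ethercreative\ratelimiter\RateLimiter::className(),
             'rateLimit' => Yii::$app->params['rateLimiter']['limit'],
             'timePeriod' => Yii::$app->params['rateLimiter']['period'],
             'separateRates' => Yii::$app->params['rateLimiter']['separate'],
             // Rate-limit headers are only emitted in the dev environment.
             'enableRateLimitHeaders' => YII_ENV_DEV,
         ];
     }
     return $behaviors;
 }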
 /**
  * Rebinds the authenticator and rate limiter to the user component returned
  * by getUserAuthClass(), or removes both when there is none, and limits
  * response formats to JSON and XML.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // Start from the parent's behaviors and overwrite selectively.
     $behaviors = parent::behaviors();

     if ($this->getUserAuthClass()) {
         // Authenticate against the admin user component.
         $behaviors['authenticator'] = [
             'class' => \yii\filters\auth\CompositeAuth::className(),
             'user' => $this->getUserAuthClass(),
             'authMethods' => [
                 \yii\filters\auth\QueryParamAuth::className(),
                 \yii\filters\auth\HttpBearerAuth::className(),
             ],
         ];
         // Rate-limit against the same user component.
         $behaviors['rateLimiter'] = [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => $this->getUserAuthClass(),
         ];
     } else {
         // NOTE(review): without a user auth class the controller runs with no
         // authenticator and no rate limiter; confirm that only intentionally
         // open controllers take this branch.
         unset($behaviors['authenticator']);
         unset($behaviors['rateLimiter']);
     }

     $behaviors['contentNegotiator'] = [
         'class' => \yii\filters\ContentNegotiator::className(),
         'formats' => [
             'application/json' => \yii\web\Response::FORMAT_JSON,
             'application/xml' => \yii\web\Response::FORMAT_XML,
         ],
     ];

     return $behaviors;
 }
 /**
  * Remove not used behaviors from parent behaviors.
  *
  * @return array The list of behaviors.
  */
 public function behaviors()
 {
     // Start from the parent's behaviors and overwrite selectively.
     $behaviors = parent::behaviors();

     if ($this->getUserAuthClass()) {
         // Authenticate against the admin user component.
         $behaviors['authenticator'] = [
             'class' => CompositeAuth::className(),
             'user' => $this->getUserAuthClass(),
             'authMethods' => [
                 QueryParamAuth::className(),
                 HttpBearerAuth::className(),
             ],
         ];
     } else {
         // NOTE(review): without a user auth class no authenticator is attached;
         // confirm that only intentionally open controllers take this branch.
         unset($behaviors['authenticator']);
     }

     $behaviors['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];

     // The rate limiter is removed by default because it is not implemented.
     // unset() on a missing key is a no-op, so no isset() guard is needed.
     unset($behaviors['rateLimiter']);

     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function beforeAction($action)
 {
     /* @var $module \filsh\yii2\oauth2server\Module */
     /* @var $server \filsh\yii2\oauth2server\Server */
     /* @var $response \OAuth2\Response */
     /* @var $request \OAuth2\Request */
     $module = Yii::$app->getModule('oauth2');
     $server = $module->getServer();
     $request = $module->getRequest();

     // Reject the request before the action runs when OAuth2 verification fails.
     $verified = $server->verifyResourceRequest();
     if (!$verified) {
         $response = $server->getResponse();
         // NOTE(review): the OAuth2 response object is passed as the exception's
         // first argument; confirm the HttpException class in scope accepts that
         // rather than a numeric status code.
         throw new HttpException($response);
     }

     // For body-carrying verbs, hand the body read by the OAuth2 request wrapper
     // back to the Yii request.
     $carriesBody = in_array(Yii::$app->request->method, ['POST', 'PUT', 'DELETE']);
     if ($carriesBody && $request->content !== null) {
         Yii::$app->request->setRawBody($request->content);
     }

     return parent::beforeAction($action);
 }
 /**
  * Requires a bearer or query-parameter token for every action except
  * 'index' and 'view'.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
         // The read-only listing and detail actions are served anonymously.
         'except' => ['index', 'view'],
     ];
     $behaviors['authenticator'] = $authenticator;

     return $behaviors;
 }
 /**
  * Merges a bearer/query-token authenticator and a JSON-only content
  * negotiator (registered under the key 'bootstrap') into the inherited
  * behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $overrides = [
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 ['class' => HttpBearerAuth::className()],
                 // Token read from the 'access-token' query parameter.
                 [
                     'class' => QueryParamAuth::className(),
                     'tokenParam' => 'access-token',
                 ],
             ],
         ],
         'bootstrap' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * Merges JSON/XML negotiation, a verb filter built from verbs() and a
  * composite authenticator with an empty method list into the inherited
  * behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $overrides = [
         'contentNegotiator' => [
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 'application/xml' => Response::FORMAT_XML,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         // NOTE(review): assuming yii\filters\auth\CompositeAuth, an empty
         // 'authMethods' list makes the filter let every request through. Unless an
         // inherited definition merges methods into this list, actions are not
         // authenticated here; confirm that is intended or that subclasses set it.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [],
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Complete behavior list (nothing is taken from the parent): JSON
     // negotiation, verb filter, authentication, access control and rate limiting.
     $writeActions = ['create', 'update', 'delete'];

     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         'authenticator' => [
             'class' => CompositeAuth::className(),
             // Read-only actions and OPTIONS are served without authentication.
             'except' => ['index', 'view', 'options'],
             'authMethods' => [
                 HttpBasicAuth::className(),
                 HttpBearerAuth::className(),
                 QueryParamAuth::className(),
             ],
         ],
         'access' => [
             'class' => AccessControl::className(),
             'only' => ['create', 'update', 'delete'],
             'rules' => [
                 // Write actions require an authenticated user ('@').
                 [
                     'actions' => $writeActions,
                     'allow' => true,
                     'roles' => ['@'],
                 ],
             ],
         ],
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }
 /**
  * Merges an authenticator that applies only to 'create' and 'update' into
  * the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // NOTE(review): 'only' limits authentication to these two actions; every
     // other action of the controller (for example a delete action, if one
     // exists) is not authenticated by this filter. Confirm the list is complete.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'only' => ['create', 'update'],
         'authMethods' => [
             ['class' => HttpBearerAuth::className()],
             [
                 'class' => QueryParamAuth::className(),
                 'tokenParam' => 'accessToken',
             ],
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => $authenticator]);
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Complete behavior list (nothing is taken from the parent). Authentication
     // uses the project's own Basic and Digest implementations, both bound to the
     // REALM constant.
     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             // The format can also be chosen through the 'format' request parameter.
             'formatParam' => 'format',
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 'application/xml' => Response::FORMAT_XML,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 [
                     'class' => 'common\\filters\\auth\\HttpBasicAuth',
                     'realm' => REALM,
                 ],
                 [
                     'class' => 'common\\filters\\auth\\HttpDigestAuth',
                     'realm' => REALM,
                 ],
             ],
         ],
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // Both token methods share the action scoping returned by authOnly() and
     // authExcept(); the scoping is set on each method, not on the composite.
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => HttpBearerAuth::className(),
                 'only' => $this->authOnly(),
                 'except' => $this->authExcept(),
             ],
             [
                 'class' => QueryParamAuth::className(),
                 'only' => $this->authOnly(),
                 'except' => $this->authExcept(),
             ],
         ],
     ];

     return $behaviors;
 }
 /**
  * Merges a 'jsonrpc' content format, an authenticator that is optional for
  * 'index', and a CORS filter with default settings into the inherited
  * behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $overrides = [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => 'jsonrpc',
             ],
         ],
         'authenticator' => [
             'class' => CompositeAuth::className(),
             // 'index' is listed as optional, so it is served even when no
             // credentials authenticate.
             'optional' => ['index'],
             'authMethods' => [
                 UserAuth::className(),
                 QueryParamAuth::className(),
                 HttpBearerAuth::className(),
             ],
         ],
         // NOTE(review): the CORS filter is registered after the authenticator and
         // with no explicit 'cors' settings. Assuming yii\filters\Cors, the Yii guide
         // asks for it to run before authentication so preflight requests are not
         // rejected, and its defaults are permissive. Confirm the ordering and the
         // allowed origins.
         'corsFilter' => [
             'class' => Cors::className(),
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * Merges an authenticator that reads the token from the 'access_token'
  * query parameter into the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     // NOTE(review): the query string is the only token transport here, so tokens
     // are recorded in access logs and proxies; a header-based method avoids that.
     $tokenMethod = [
         'class' => QueryParamAuth::className(),
         'tokenParam' => 'access_token',
     ];

     return ArrayHelper::merge(parent::behaviors(), [
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [$tokenMethod],
         ],
     ]);
 }
 /**
  * Merges bearer/query-token authentication, a JSON content negotiator
  * (registered under the key 'bootstrap') and a CORS filter for two fixed
  * origins into the inherited behaviors.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $overrides = [
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 ['class' => HttpBearerAuth::className()],
                 ['class' => QueryParamAuth::className()],
             ],
         ],
         'bootstrap' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 // NOTE(review): 'charset' sits inside 'formats', where keys are read
                 // as MIME types; this looks misplaced. Confirm what was intended.
                 'charset' => 'UTF-8',
             ],
             'languages' => ['en', 'de'],
         ],
         // NOTE(review): credentialed CORS is allowed for plain-http origins, so
         // those origins are not protected by TLS. The filter is also registered
         // after the authenticator; assuming yii\filters\Cors semantics, the Yii
         // guide asks for CORS to run first so preflight requests are not rejected.
         'corsFilter' => [
             'class' => \yii\filters\Cors::className(),
             'cors' => [
                 'Origin' => ['http://lukisongroup.com', 'http://lukisongroup.int'],
                 'Access-Control-Request-Method' => ['POST', 'PUT', 'GET'],
                 'Access-Control-Request-Headers' => ['X-Wsse'],
                 'Access-Control-Allow-Credentials' => true,
                 'Access-Control-Max-Age' => 3600,
                 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page'],
             ],
         ],
     ];

     return ArrayHelper::merge(parent::behaviors(), $overrides);
 }
 /**
  * Replaces the inherited authenticator with query-parameter token
  * authentication only.
  *
  * @return array behavior configurations keyed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // NOTE(review): the token is only accepted from the URL, so it is recorded in
     // access logs and proxies; a header-based method keeps it out of them.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [QueryParamAuth::className()],
     ];
     $behaviors['authenticator'] = $authenticator;

     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Complete behavior list (nothing is taken from the parent): JSON/XML
     // negotiation, verb filter, authenticator and rate limiter.
     $negotiator = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];
     $verbFilter = [
         'class' => VerbFilter::className(),
         'actions' => $this->verbs(),
     ];

     return [
         'contentNegotiator' => $negotiator,
         'verbFilter' => $verbFilter,
         // NOTE(review): no 'authMethods' are configured. Assuming
         // yii\filters\auth\CompositeAuth, the filter then lets every request
         // through, so authentication only happens once a subclass supplies methods.
         'authenticator' => [
             'class' => CompositeAuth::className(),
         ],
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // Complete behavior list (nothing is taken from the parent): JSON-only
     // negotiation, verb filter, three authentication methods and a rate limiter.
     // NOTE(review): assuming the yii\filters\auth classes, HttpBasicAuth without
     // an 'auth' callback treats the Basic username as an access token, and
     // QueryParamAuth reads the token from the URL, where it is logged.
     $authMethods = [
         HttpBasicAuth::className(),
         HttpBearerAuth::className(),
         QueryParamAuth::className(),
     ];

     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => $authMethods,
         ],
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }