Exemple #1
 /**
  * Return the Random Access Token.
  * The access method should be POST.
  * The POST body should include 'client_id', 'client_secret', 'grant_type', 'code' and the same 'redirect_uri' that was used before.
  * The 'grant_type' must be 'authorization_code'.
  * The 'client_id' and 'client_secret' are registered in developer's center.
  * @return array AccessToken array if above parameters are valid, or error No. and message.
  */
 public function run()
 {
     // Pull every token-request field out of the POST body up front.
     $request = Yii::$app->request;
     $grantType = $request->post('grant_type');
     $clientId = $request->post('client_id');
     $clientSecret = $request->post('client_secret');
     $code = $request->post('code');
     $redirectUri = $request->post('redirect_uri');

     // The return values of the checks (other than checkClientId's) are ignored,
     // so they presumably signal failure by throwing; confirm in the helpers.
     GrantType::checkGrantType($grantType, GrantType::GRANT_TYPE_AUTHORIZATION_CODE);

     // checkClientId()'s result is handed straight to the secret check.
     // NOTE(review): client_secret travels in the request body; make sure this
     // endpoint's request bodies are kept out of application and access logs.
     $client = Client::checkClientId($clientId);
     Client::checkClientSecret($client, $clientSecret);

     // NOTE(review): only the code and redirect_uri are passed to this check.
     // Whether the code is also verified as issued to $clientId, and invalidated
     // after a single use, is not visible here; confirm in AuthorizationCode
     // and AccessToken::createAccessToken().
     AuthorizationCode::checkAuthorizationCode($code, $redirectUri);

     return AccessToken::createAccessToken($clientId, $code);
 }
 /**
  * Loads the number of allowed requests and the corresponding timestamp from a persistent storage.
  * @param \yii\web\Request $request the current request
  * @param \yii\base\Action $action the action to be executed
  * @return array an array of two elements. The first element is the number of allowed requests,
  * and the second element is the corresponding UNIX timestamp.
  */
 public function loadAllowance($request, $action)
 {
     $token = $request->post('access_token');
     $clientId = $request->post('client_id');

     // NOTE(review): post() can return an array for bracketed field names;
     // presumably these checks reject non-string values before the lookups
     // below use them as query conditions. Confirm in the helpers.
     AccessToken::checkAccessToken($token);
     Client::checkClientId($clientId);

     // The token row must match BOTH the client id and the token value, so a
     // token presented together with a different client's id finds nothing.
     $tokenRecord = \common\models\OauthAccessToken::findOne([
         'client_id' => $clientId,
         'access_token' => $token,
     ]);
     if (!$tokenRecord) {
         // No matching token: report zero remaining requests as of now.
         return [0, time()];
     }

     // Rate-limit state is keyed per client, per endpoint route and per user.
     $bucketKey = [
         'client_id' => $clientId,
         'api_endpoint' => $action->controller->route,
         'user_uuid' => $tokenRecord->user_uuid,
     ];

     $bucket = ApiRatelimiter::findOne($bucketKey);
     if (!$bucket) {
         // First request for this key: start from the full limit.
         // The new record is not saved in this method; presumably it is
         // persisted elsewhere. Confirm.
         $bucket = new ApiRatelimiter($bucketKey + [
             'allowed_remaining' => $this->getRateLimit($request, $action)[0],
             'last_timestamp' => time(),
         ]);
     }

     return [$bucket->allowed_remaining, $bucket->last_timestamp];
 }
 /**
  * Runs the client-id check and then the access-token check on the given values.
  *
  * Nothing is returned; failures presumably surface as exceptions thrown by the
  * two helpers (confirm in Client and AccessToken).
  *
  * NOTE(review): the two values are validated independently. This method does
  * not itself verify that the access token was issued to the given client, so
  * callers that need that binding must confirm it is enforced elsewhere.
  *
  * @param mixed $client_id the client identifier to validate
  * @param mixed $access_token the access token to validate
  */
 public static function checkAccessByClientIdAndAccessToken($client_id, $access_token)
 {
     // Order matters for which failure is reported first: client id, then token.
     Client::checkClientId($client_id);
     AccessToken::checkAccessToken($access_token);
 }