Exemple #1
 /**
  * Puts bearer-token authentication on top of the inherited behaviors.
  *
  * The filter carries no 'only'/'except' list, so nothing in this method
  * exempts any action from it.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // Sets (or replaces) the 'authenticator' entry.
     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
     ];

     return $filters;
 }
 /**
  * Requires a bearer token everywhere except on 'login' and 'error', and drops
  * the inherited rate limiter.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // NOTE(review): 'login' is exempt from authentication below and the rate
     // limiter is removed here, so nothing in this method throttles login
     // attempts; confirm that throttling is enforced somewhere else.
     unset($filters['rateLimiter']);

     $filters['authenticator'] = [
         'class' => CompositeAuth::className(),
         'except' => ['login', 'error'],
         'authMethods' => [
             HttpBearerAuth::className(),
         ],
     ];

     return $filters;
 }
 /**
  * Requires a bearer token on every action and restricts the write/list actions
  * to the 'ADMIN' role.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     // The same action list drives both the filter's 'only' scope and its single rule.
     $adminActions = ['create', 'index', 'update', 'delete'];

     $filters = parent::behaviors();
     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
     ];

     // NOTE(review): actions outside $adminActions never reach the access
     // filter; they are covered by the authenticator alone. Confirm that is the
     // intended policy for the remaining actions.
     $filters['access'] = [
         'class' => AccessControl::className(),
         'only' => $adminActions,
         'rules' => [
             [
                 'allow' => true,
                 'actions' => $adminActions,
                 'roles' => ['ADMIN'],
             ],
         ],
     ];

     return $filters;
 }
 /**
  * Accepts HTTP Basic, bearer-token or query-string authentication.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // A line mapping 'text/html' to Response::FORMAT_JSON (JSON as the default
     // reply) used to sit here and is currently disabled.

     // NOTE(review): HttpBasicAuth has no 'auth' callback here; per the Yii 2
     // documentation the Basic username is then used as the access token.
     // NOTE(review): QueryParamAuth reads the token from the URL, where it can
     // end up in access logs, browser history and Referer headers; keep it
     // only if a client really needs it.
     $filters['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     return $filters;
 }
Exemple #5
 /**
  * Requires a bearer token on every action and limits content negotiation to JSON.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
     ];

     // Replaces the whole 'contentNegotiator' entry, so 'application/json' is
     // the only format this configuration lists.
     $filters['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     return $filters;
 }
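 /**
  * Enforces OAuth2 token and scope checks before a non-public action runs.
  *
  * Actions that analyzeAccessRules() reports as public are allowed straight
  * away. For every other action, and only when the 'oauth2' module is
  * registered, the owner's 'authenticator' behavior is switched to
  * query-parameter plus bearer-token methods and the OAuth2 server is asked to
  * verify the request against the scopes configured for the action.
  *
  * @param Action $action the action about to be executed
  * @return bool true for public actions, otherwise the result of parent::beforeAction()
  * @throws ForbiddenHttpException if the OAuth2 server does not verify the request
  * @throws \yii\base\InvalidConfigException
  */
 public function beforeAction($action)
 {
     $action_name = $action->id;
     list($public_actions, $actions_scopes) = $this->analyzeAccessRules($action_name);

     // Strict comparison: this is an authorization decision, and a loose
     // in_array() would let a non-string entry such as true match any action id.
     if (in_array($action_name, $public_actions, true)) {
         return true;
     }

     // NOTE(review): when the 'oauth2' module is not registered nothing below
     // runs, and a non-public action is guarded only by parent::beforeAction();
     // confirm that this fall-through is intended.
     if (Yii::$app->hasModule('oauth2')) {
         /** @var \filsh\yii2\oauth2server\Module $oauth_module */
         $oauth_module = Yii::$app->getModule('oauth2');

         // The query-string method uses the module's configured parameter name
         // when one is set, otherwise the filter's own default.
         $query_param_auth = ['class' => QueryParamAuth::className()];
         if (!empty($oauth_module->options['token_param_name'])) {
             $query_param_auth['tokenParam'] = $oauth_module->options['token_param_name'];
         }

         // The owner may have no 'authenticator' behavior attached; assigning a
         // property on null would fail before the token is ever verified.
         $auth_behavior = $this->owner->getBehavior('authenticator');
         if ($auth_behavior !== null) {
             $auth_behavior->authMethods = [$query_param_auth, ['class' => HttpBearerAuth::className()]];
         }

         // Scopes may be configured as a list; the server receives them as one
         // space-separated string. An action with no entry is verified with an
         // empty scope string.
         $scopes = isset($actions_scopes[$action_name]) ? $actions_scopes[$action_name] : '';
         if (is_array($scopes)) {
             $scopes = implode(' ', $scopes);
         }

         $oauthServer = $oauth_module->getServer();
         $oauthRequest = $oauth_module->getRequest();
         $oauthResponse = $oauth_module->getResponse();
         if (!$oauthServer->verifyResourceRequest($oauthRequest, $oauthResponse, $scopes)) {
             throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
         }
     }

     return parent::beforeAction($action);
 }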
 /**
  * Requires a bearer token on every action except 'options' and attaches the
  * CORS filter with its default settings.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // 'options' is exempt, so requests to that action are not asked for a token.
     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
         'except' => ['options'],
     ];

     // NOTE(review): if the parent already defines 'authenticator', that entry
     // keeps its earlier position and 'corsFilter' is appended after it. The
     // Yii 2 guide asks for the CORS filter to be defined before authentication
     // filters; confirm the resulting order.
     $filters['corsFilter'] = [
         'class' => Cors::className(),
     ];

     return $filters;
 }
Exemple #8
 /**
  * Protects only the 'dashboard' action: bearer-token authentication plus an
  * access rule for authenticated users ('@'); responses are negotiated as JSON.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     // Both the authenticator and the access filter are scoped to this list.
     $protected = ['dashboard'];

     $filters = parent::behaviors();

     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
         'only' => $protected,
     ];

     $filters['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
         ],
     ];

     // NOTE(review): every action other than 'dashboard' is outside both
     // filters as configured here; confirm those actions are meant to be public.
     $filters['access'] = [
         'class' => AccessControl::className(),
         'only' => $protected,
         'rules' => [
             [
                 'actions' => ['dashboard'],
                 'allow' => true,
                 'roles' => ['@'],
             ],
         ],
     ];

     return $filters;
 }
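 /**
  * Accepts HTTP Basic credentials, a bearer token or a query-string token.
  *
  * The Basic method resolves the user through User::findByLogin() and checks
  * the password with validatePassword(); the callback returns the user on
  * success and null otherwise.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => HttpBasicAuth::className(),
                 'auth' => function ($username, $password) {
                     $user = User::findByLogin($username);
                     // An unknown login must fail like a wrong password. Without
                     // this guard the method call below runs on a non-object and
                     // the request ends in an error instead of a clean rejection
                     // (assumes findByLogin() returns null/false when nothing
                     // matches; confirm).
                     if (!$user) {
                         return null;
                     }

                     return $user->validatePassword($password) ? $user : null;
                 },
             ],
             HttpBearerAuth::className(),
             // NOTE(review): tokens sent in the query string can end up in
             // access logs and Referer headers.
             QueryParamAuth::className(),
         ],
     ];

     return $behaviors;
 }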
 /**
  * Adds a CORS filter and bearer-token authentication under numeric keys.
  *
  * @return array behavior configurations
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // SEE https://github.com/yiisoft/yii2/pull/8626
     // The two filters are stored at indexes 0 and 1 instead of under the names
     // 'corsFilter' and 'authenticator', so a parent entry named
     // 'authenticator' is not replaced by this method.

     // NOTE(review): a wildcard origin combined with
     // Access-Control-Allow-Credentials is an unsafe pairing, and how the
     // filter resolves it depends on the framework version. List the origins
     // that are actually trusted, or drop the credentials flag if only bearer
     // tokens are used.
     $corsPolicy = [
         'Origin' => ['*'],
         'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
         'Access-Control-Request-Headers' => ['*'],
         'Access-Control-Allow-Credentials' => true,
         'Access-Control-Expose-Headers' => [
             'Link',
             'X-Pagination-Current-Page',
             'X-Pagination-Page-Count',
             'X-Pagination-Per-Page',
             'X-Pagination-Total-Count',
         ],
     ];
     $filters[0] = [
         'class' => \yii\filters\Cors::className(),
         'cors' => $corsPolicy,
     ];

     // 'options' is exempt, so requests to that action are not asked for a token.
     $filters[1] = [
         'class' => \yii\filters\auth\HttpBearerAuth::className(),
         'except' => ['options'],
     ];

     return $filters;
 }
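 /**
  * Requires a bearer token and limits access to two actions: 'index' for the
  * user whose username is 'root', 'view' for any authenticated user.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     // Requests negotiated as text/html are answered in JSON.
     $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;

     $behaviors['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBearerAuth::className(),
         ],
     ];
     // $behaviors['authenticator']['only'] = ['delete'];

     // NOTE(review): the filter has no 'only' list, so actions other than
     // 'index' and 'view' match no rule here; confirm how the access filter
     // treats them.
     $behaviors['access'] = [
         'class' => AccessControl::className(),
         'rules' => [
             [
                 'allow' => true,
                 'actions' => ['index'],
                 'matchCallback' => function ($rule, $action) {
                     // Load the user once: the previous double lookup queried
                     // twice and dereferenced the second result unchecked.
                     // Always return an explicit boolean.
                     // NOTE(review): the privilege check is a hard-coded
                     // username; a role or permission would be easier to audit.
                     $user = User::findOne(Yii::$app->user->id);

                     return $user ? $user->username === 'root' : false;
                 },
             ],
             [
                 'allow' => true,
                 'actions' => ['view'],
                 'roles' => ['@'],
             ],
         ],
     ];

     return $behaviors;
 }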
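 /**
  * Builds the filter set for a controller whose actions may be public.
  *
  * Bearer authentication is attached when the request carries an Authorization
  * header or when the current action is not public. JSON and JSONP are the
  * negotiated formats, and the rate limiter is added when $this->rateLimiter is
  * truthy.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();

     $hasAuth = (bool) Yii::$app->request->headers->get('Authorization');

     // Strict membership test: whether an action skips authentication must not
     // depend on loose comparison, where a non-string entry such as true would
     // match any action id.
     // NOTE(review): this reads Yii::$app->controller->action while behaviors
     // are being built; confirm the action is already set at that point.
     $isPublic = $this->public || in_array(Yii::$app->controller->action->id, $this->publicActions, true);

     // A public action is still authenticated when the client sends credentials.
     if ($hasAuth || !$isPublic) {
         $behaviors['authenticator'] = [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 HttpBearerAuth::className(),
             ],
         ];
     }

     $behaviors['contentNegotiator']['formats'] = [
         'application/json' => Response::FORMAT_JSON,
         'application/javascript' => Response::FORMAT_JSONP,
     ];

     if ($this->rateLimiter) {
         $limits = Yii::$app->params['rateLimiter'];
         $behaviors['rateLimiter'] = [
             'class' => \ethercreative\ratelimiter\RateLimiter::className(),
             'rateLimit' => $limits['limit'],
             'timePeriod' => $limits['period'],
             'separateRates' => $limits['separate'],
             // Rate-limit headers are only sent when YII_ENV_DEV is true.
             'enableRateLimitHeaders' => YII_ENV_DEV,
         ];
     }

     return $behaviors;
 }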
Exemple #13
 /**
  * Adjusts the inherited filters to the user component returned by
  * getUserAuthClass(), and negotiates JSON or XML responses.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     // Start from the parent's filters and override them below.
     $filters = parent::behaviors();

     if ($this->getUserAuthClass()) {
         // Authenticate against the user component supplied by the controller.
         // NOTE(review): QueryParamAuth accepts the token from the URL, where
         // it can end up in access logs and Referer headers.
         $filters['authenticator'] = [
             'class' => \yii\filters\auth\CompositeAuth::className(),
             'user' => $this->getUserAuthClass(),
             'authMethods' => [
                 \yii\filters\auth\QueryParamAuth::className(),
                 \yii\filters\auth\HttpBearerAuth::className(),
             ],
         ];
         // The rate limiter is bound to the same user component.
         $filters['rateLimiter'] = [
             'class' => \yii\filters\RateLimiter::className(),
             'user' => $this->getUserAuthClass(),
         ];
     } else {
         // NOTE(review): with no user auth class the controller runs with
         // neither authentication nor rate limiting; confirm that every
         // controller taking this branch is meant to be public.
         unset($filters['authenticator'], $filters['rateLimiter']);
     }

     $filters['contentNegotiator'] = [
         'class' => \yii\filters\ContentNegotiator::className(),
         'formats' => [
             'application/json' => \yii\web\Response::FORMAT_JSON,
             'application/xml' => \yii\web\Response::FORMAT_XML,
         ],
     ];

     return $filters;
 }
 /**
  * Overrides the inherited behaviors: authentication is rebuilt around the
  * user component from getUserAuthClass() (or removed when there is none),
  * responses are negotiated as JSON or XML, and the rate limiter is dropped.
  *
  * @return array The list of behaviors.
  */
 public function behaviors()
 {
     // Start from the parent's filters and override them below.
     $filters = parent::behaviors();

     if ($this->getUserAuthClass()) {
         // Authenticate against the user component supplied by the controller.
         // NOTE(review): QueryParamAuth accepts the token from the URL, where
         // it can end up in access logs and Referer headers.
         $filters['authenticator'] = [
             'class' => CompositeAuth::className(),
             'user' => $this->getUserAuthClass(),
             'authMethods' => [
                 QueryParamAuth::className(),
                 HttpBearerAuth::className(),
             ],
         ];
     } else {
         // NOTE(review): with no user auth class the controller is served
         // without authentication; confirm that this is intended.
         unset($filters['authenticator']);
     }

     $filters['contentNegotiator'] = [
         'class' => ContentNegotiator::className(),
         'formats' => [
             'application/json' => Response::FORMAT_JSON,
             'application/xml' => Response::FORMAT_XML,
         ],
     ];

     // The rate limiter is removed by default because it is not implemented;
     // unset() is a no-op when the key is absent.
     unset($filters['rateLimiter']);

     return $filters;
 }
 /**
  * Requires a bearer token on every action.
  *
  * Clients send the header `Authorization: Bearer <auth_key>`, with a single
  * space between "Bearer" and the key.
  *
  * NOTE(review): an earlier variant, now disabled, skipped authentication for
  * the 'options', 'create' and 'index' actions, and also pinned the content
  * negotiator to JSON. As written, the filter has no 'except' list, so OPTIONS
  * requests are asked for a token as well; add the exempt actions to an
  * 'except' array if that is not wanted.
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
     ];

     return $filters;
 }
 /**
  * Accepts a bearer token, an 'access_token' query parameter, or HTTP Basic
  * credentials checked by this controller's auth() method.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     $filters['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBearerAuth::className(),
             // NOTE(review): a token in the query string can end up in access
             // logs and Referer headers.
             [
                 'class' => QueryParamAuth::className(),
                 'tokenParam' => 'access_token',
             ],
             // Basic credentials are delegated to $this->auth().
             [
                 'class' => HttpBasicAuth::className(),
                 'auth' => [$this, 'auth'],
             ],
         ],
     ];

     return $filters;
 }
Exemple #17
 /**
  * Merges token authentication and a JSON content negotiator into the
  * inherited behaviors.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     $overrides = [
         // Token from the Authorization header or the 'access-token' query
         // parameter.
         // NOTE(review): query-string tokens can end up in access logs and
         // Referer headers.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 ['class' => HttpBearerAuth::className()],
                 ['class' => QueryParamAuth::className(), 'tokenParam' => 'access-token'],
             ],
         ],
         // Registered under the name 'bootstrap', not 'contentNegotiator', so
         // an inherited 'contentNegotiator' entry is merged separately.
         'bootstrap' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * Returns a self-contained filter set (the parent's behaviors are not used):
  * JSON negotiation, verb filtering, authentication on everything except
  * 'index', 'view' and 'options', an authenticated-user rule on the write
  * actions, and rate limiting.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     $writeActions = ['create', 'update', 'delete'];

     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         // NOTE(review): HttpBasicAuth has no 'auth' callback; per the Yii 2
         // documentation the Basic username is then used as the access token.
         // QueryParamAuth takes the token from the URL, where it can end up in
         // logs.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'except' => ['index', 'view', 'options'],
             'authMethods' => [
                 HttpBasicAuth::className(),
                 HttpBearerAuth::className(),
                 QueryParamAuth::className(),
             ],
         ],
         'access' => [
             'class' => AccessControl::className(),
             'only' => $writeActions,
             'rules' => [
                 [
                     'actions' => ['create', 'update', 'delete'],
                     'allow' => true,
                     'roles' => ['@'],
                 ],
             ],
         ],
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }
Exemple #19
 /**
  * Merges token authentication and the error-to-exception filter into the
  * inherited behaviors.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     $overrides = [
         // Token from the Authorization header or the 'accessToken' query
         // parameter.
         // NOTE(review): query-string tokens can end up in access logs and
         // Referer headers.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 ['class' => HttpBearerAuth::className()],
                 ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken'],
             ],
         ],
         'exceptionFilter' => [
             'class' => ErrorToExceptionFilter::className(),
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * Puts an unnamed CORS filter in front of the inherited behaviors and
  * requires a bearer token on 'logout' and 'test' only.
  *
  * @return array behavior configurations
  */
 public function behaviors()
 {
     $filters = parent::behaviors();
     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
         'only' => ['logout', 'test'],
     ];

     // NOTE(review): any origin and any request header are accepted. Also
     // confirm that the filter reads an 'Access-Control-Allow-Origin' key at
     // all; the other CORS settings here are request-side names.
     $cors = [
         'class' => \yii\filters\Cors::className(),
         'cors' => [
             'Origin' => ['*'],
             'Access-Control-Allow-Origin' => ['*'],
             'Access-Control-Request-Method' => $this->_verbs,
             'Access-Control-Request-Headers' => ['*'],
         ],
     ];

     // The CORS entry is the first argument, so it is merged in ahead of the
     // named filters.
     return \yii\helpers\ArrayHelper::merge([$cors], $filters);
 }
 /**
  * Adds bearer-token authentication to the inherited behaviors.
  *
  * NOTE(review): the filter is registered under the name 'HttpBearerAuth', not
  * 'authenticator', so an inherited 'authenticator' entry stays in place
  * alongside it. Confirm both are meant to run.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();
     $bearer = [
         'class' => HttpBearerAuth::className(),
     ];

     return array_merge($inherited, ['HttpBearerAuth' => $bearer]);
 }
 /**
  * Requires a bearer or query-string token on every action except 'index'
  * and 'view'.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // NOTE(review): QueryParamAuth accepts the token from the URL, where it
     // can end up in access logs and Referer headers.
     $filters['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
         // The read actions are served without authentication.
         'except' => ['index', 'view'],
     ];

     return $filters;
 }
 /**
  * Returns a self-contained filter set (the parent's behaviors are not used):
  * JSON/XML negotiation, a CORS filter, and bearer-token authentication on the
  * 'dashboard' action only.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     // NOTE(review): a wildcard origin combined with
     // Access-Control-Allow-Credentials is an unsafe pairing, and how the
     // filter resolves it depends on the framework version. List the origins
     // that are actually trusted, or drop the credentials flag if only bearer
     // tokens are used.
     $corsPolicy = [
         'Origin' => ['*'],
         'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
         'Access-Control-Request-Headers' => ['Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Authorization'],
         'Access-Control-Allow-Credentials' => true,
         // Preflight results may be cached for 86400 seconds.
         'Access-Control-Max-Age' => 86400,
         'Access-Control-Expose-Headers' => [],
     ];

     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 'application/xml' => Response::FORMAT_XML,
             ],
         ],
         // Declared before the authenticator.
         'corsFilter' => [
             'class' => \yii\filters\Cors::className(),
             'cors' => $corsPolicy,
         ],
         // NOTE(review): only 'dashboard' is authenticated; every other action
         // is public as far as this method is concerned.
         'authenticator' => [
             'class' => HttpBearerAuth::className(),
             'only' => ['dashboard'],
         ],
     ];
 }
 /**
  * Puts bearer-token authentication on top of the inherited behaviors, with no
  * action exempted by this method.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $filters = parent::behaviors();
     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
     ];

     return $filters;
 }
Exemple #25
 /**
  * Runs the parent initialisation, then resolves $this->user through
  * Instance::ensure() against User::className().
  *
  * @inheritdoc
  */
 public function init()
 {
     parent::init();

     $resolvedUser = Instance::ensure($this->user, User::className());
     $this->user = $resolvedUser;
 }
 /**
  * Merges JSON-RPC content negotiation, composite authentication and the CORS
  * filter into the inherited behaviors.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     $overrides = [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => 'jsonrpc',
             ],
         ],
         // 'index' is listed as optional. NOTE(review): confirm that the
         // action's handlers enforce their own checks where an identity is
         // required.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'optional' => ['index'],
             'authMethods' => [
                 UserAuth::className(),
                 QueryParamAuth::className(),
                 HttpBearerAuth::className(),
             ],
         ],
         // NOTE(review): listed after the authenticator. The Yii 2 guide asks
         // for the CORS filter to be defined before authentication filters;
         // confirm the order after merging.
         'corsFilter' => [
             'class' => Cors::className(),
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
 /**
  * Returns a self-contained filter set (the parent's behaviors are not used):
  * JSON negotiation, verb filtering, composite authentication on every action,
  * and rate limiting.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     // NOTE(review): HttpBasicAuth has no 'auth' callback; per the Yii 2
     // documentation the Basic username is then used as the access token.
     // QueryParamAuth takes the token from the URL, where it can end up in logs.
     $authenticator = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             HttpBasicAuth::className(),
             HttpBearerAuth::className(),
             QueryParamAuth::className(),
         ],
     ];

     return [
         'contentNegotiator' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
             ],
         ],
         'verbFilter' => [
             'class' => VerbFilter::className(),
             'actions' => $this->verbs(),
         ],
         'authenticator' => $authenticator,
         'rateLimiter' => [
             'class' => RateLimiter::className(),
         ],
     ];
 }
 /**
  * Merges token authentication, a content negotiator and a CORS policy for two
  * named origins into the inherited behaviors.
  *
  * @return array behavior configurations indexed by behavior name
  */
 public function behaviors()
 {
     $inherited = parent::behaviors();

     $overrides = [
         // NOTE(review): QueryParamAuth accepts the token from the URL, where
         // it can end up in access logs and Referer headers.
         'authenticator' => [
             'class' => CompositeAuth::className(),
             'authMethods' => [
                 ['class' => HttpBearerAuth::className()],
                 ['class' => QueryParamAuth::className()],
             ],
         ],
         // NOTE(review): 'charset' sits inside 'formats', next to a MIME-type
         // entry; it looks misplaced. Confirm where the charset is meant to be
         // configured.
         'bootstrap' => [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
                 'charset' => 'UTF-8',
             ],
             'languages' => ['en', 'de'],
         ],
         // NOTE(review): both allowed origins are plain-http and credentials
         // are enabled, so credentialed cross-origin requests are accepted
         // from pages that were not delivered over TLS. Prefer https origins.
         'corsFilter' => [
             'class' => \yii\filters\Cors::className(),
             'cors' => [
                 'Origin' => ['http://lukisongroup.com', 'http://lukisongroup.int'],
                 'Access-Control-Request-Method' => ['POST', 'PUT', 'GET'],
                 'Access-Control-Request-Headers' => ['X-Wsse'],
                 'Access-Control-Allow-Credentials' => true,
                 'Access-Control-Max-Age' => 3600,
                 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page'],
             ],
         ],
     ];

     return ArrayHelper::merge($inherited, $overrides);
 }
Exemple #29
 /**
  * Configures bearer and query-string token authentication, each scoped by the
  * controller's authOnly() and authExcept() lists.
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     $filters = parent::behaviors();

     // The 'only'/'except' lists are set on each nested method; the composite
     // filter itself has none.
     // NOTE(review): QueryParamAuth accepts the token from the URL, where it
     // can end up in access logs and Referer headers.
     $filters['authenticator'] = [
         'class' => CompositeAuth::className(),
         'authMethods' => [
             [
                 'class' => HttpBearerAuth::className(),
                 'only' => $this->authOnly(),
                 'except' => $this->authExcept(),
             ],
             [
                 'class' => QueryParamAuth::className(),
                 'only' => $this->authOnly(),
                 'except' => $this->authExcept(),
             ],
         ],
     ];

     return $filters;
 }
 /**
  * Protects only the 'dashboard' action: bearer-token authentication plus an
  * access rule for authenticated users ('@').
  *
  * @inheritdoc
  */
 public function behaviors()
 {
     // Both filters are scoped to this list.
     $protected = ['dashboard'];

     $filters = parent::behaviors();

     $filters['authenticator'] = [
         'class' => HttpBearerAuth::className(),
         'only' => $protected,
     ];

     // NOTE(review): every action other than 'dashboard' is outside both
     // filters as configured here; confirm those actions are meant to be public.
     $filters['access'] = [
         'class' => AccessControl::className(),
         'only' => $protected,
         'rules' => [
             [
                 'actions' => ['dashboard'],
                 'allow' => true,
                 'roles' => ['@'],
             ],
         ],
     ];

     return $filters;
 }