public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application\\json' => Response::FORMAT_JSON]];
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className()];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // TODO: Change the autogenerated stub
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className(), 'tokenParam' => 'passkey'];
     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator']['authMethods'] = !$this->authMethods ? [] : [QueryParamAuth::className()];
     $behaviors['authenticator']['user'] = Yii::createObject(['class' => 'api\\components\\auth\\AuthApi', 'identityClass' => 'api\\components\\auth\\CheckToken']);
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['verbs'] = ['class' => VerbFilter::className(), 'actions' => ['login' => ['POST', 'OPTIONS']]];
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'except' => ['login'], 'authMethods' => [QueryParamAuth::className()]];
     return $behaviors;
 }
 /**
  * @param Action $action
  * @return bool
  * @throws ForbiddenHttpException
  * @throws \yii\base\InvalidConfigException
  */
 public function beforeAction($action)
 {
     $action_name = $action->id;
     list($public_actions, $actions_scopes) = $this->analyzeAccessRules($action_name);
     if (in_array($action_name, $public_actions)) {
         //action is public
         return true;
     }
     // else, if not public, add additional auth filters
     if (Yii::$app->hasModule('oauth2')) {
         /** @var \filsh\yii2\oauth2server\Module $oauth_module */
         $oauth_module = Yii::$app->getModule('oauth2');
         $query_param_auth = ['class' => QueryParamAuth::className()];
         if (!empty($oauth_module->options['token_param_name'])) {
             $query_param_auth['tokenParam'] = $oauth_module->options['token_param_name'];
         }
         $auth_behavior = $this->owner->getBehavior('authenticator');
         $auth_behavior->authMethods = [$query_param_auth, ['class' => HttpBearerAuth::className()]];
         $scopes = isset($actions_scopes[$action_name]) ? $actions_scopes[$action_name] : '';
         if (is_array($scopes)) {
             $scopes = implode(' ', $scopes);
         }
         $oauthServer = $oauth_module->getServer();
         $oauthRequest = $oauth_module->getRequest();
         $oauthResponse = $oauth_module->getResponse();
         if (!$oauthServer->verifyResourceRequest($oauthRequest, $oauthResponse, $scopes)) {
             throw new ForbiddenHttpException(Yii::t('yii', 'You are not allowed to perform this action.'));
         }
     }
     return parent::beforeAction($action);
 }
Exemple #6
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator']['class'] = QueryParamAuth::className();
     $behaviors['authenticator']['tokenParam'] = 'access_token';
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     //$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON; //setting JSON as default reply
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBasicAuth::className(), HttpBearerAuth::className(), QueryParamAuth::className()]];
     return $behaviors;
 }
 /**
  * Some rules in this controller
  * @return Rules behaviors
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className(), 'tokenParam' => 'token'];
     unset($behaviors['rateLimiter']);
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     /*
     // test with basic auth which can be set in params
     $behaviors['authenticator'] = [
     'class' => HttpBasicAuth::className(),
     'auth'  => function ($username, $password) {
         if ($username==\Yii::$app->params['HttpBasicAuth']['username'] && $password==\Yii::$app->params['HttpBasicAuth']['password']) {
             return new User();
         } else {
             return null;
         }
     }];
     */
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBasicAuth::className(), QueryParamAuth::className()]];
     /*
     //set response header to application/json only
     $behaviors['contentNegotiator'] = [
             'class' => ContentNegotiator::className(),
             'formats' => [
                 'application/json' => Response::FORMAT_JSON,
     //            'application/xml' => Response::FORMAT_XML,
             ],
     ];
     */
     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     // bootstrap the ContentNegotiatot behavior earlier to use detected format for authenticator
     /** @var ContentNegotiator $contentNegotiator */
     $contentNegotiator = Yii::createObject(['class' => ContentNegotiator::className(), 'formats' => ['text/html' => Response::FORMAT_HTML, 'application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML, 'text/csv' => Response::FORMAT_CSV, 'application/pdf' => Response::FORMAT_PDF, 'application/vnd.ms-excel' => Response::FORMAT_XLS]]);
     $contentNegotiator->negotiate();
     return array_merge(parent::behaviors(), ['contentNegotiator' => $contentNegotiator, 'authenticator' => ['class' => \yii\filters\auth\CompositeAuth::className(), 'authMethods' => !Yii::$app->user->getIsGuest() || Yii::$app->response->format === Response::FORMAT_HTML ? [] : [\yii\filters\auth\HttpBasicAuth::className(), \yii\filters\auth\QueryParamAuth::className()]], 'rateLimiter' => ['class' => \yii\filters\RateLimiter::className(), 'user' => Yii::$app->user->getIdentity()], 'access' => ['class' => AccessControl::className(), 'rules' => [['allow' => true, 'roles' => ['@']]]], 'menu' => ['class' => ActiveNavigation::className()]]);
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     // TODO: Change the autogenerated stub
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className(), 'tokenParam' => 'passkey'];
     $behaviors[] = ['class' => 'yii\\filters\\ContentNegotiator', 'formats' => ['application/json' => Response::FORMAT_JSON, 'text/html' => Response::FORMAT_HTML]];
     return $behaviors;
 }
 public function authenticate($user, $request, $response)
 {
     $apiKey = $request->get('api_key');
     if (!is_null($apiKey)) {
         $_GET[$this->tokenParam] = $apiKey;
     }
     return parent::authenticate($user, $request, $response);
 }
Exemple #13
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className(), 'tokenParam' => 'access_token'];
     //unset($behaviors['contentNegotiator']['formats']);
     $behaviors['contentNegotiator']['formats']['application/xml'] = Response::FORMAT_JSON;
     $behaviors['rateLimiter']['enableRateLimitHeaders'] = false;
     return $behaviors;
 }
Exemple #14
0
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     if (!$this->isActionPublic()) {
         $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [['class' => QueryParamAuth::className(), 'tokenParam' => 'access_token'], ['class' => HttpBasicAuth::className(), 'auth' => [$this, 'authByPassword']]]];
     }
     Yii::$app->response->format = Response::FORMAT_JSON;
     return $behaviors;
 }
Exemple #15
0
 /**
  * @return array
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBasicAuth::className(), 'auth' => function ($username, $password) {
         $user = User::findByLogin($username);
         return $user->validatePassword($password) ? $user : null;
     }], HttpBearerAuth::className(), QueryParamAuth::className()]];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['verbs'] = ['class' => \yii\filters\VerbFilter::className(), 'actions' => ['myCustomAction' => ['get', 'head']]];
     $behaviors['authenticator'] = ['except' => ['myCustomAction'], 'class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBasicAuth::className()], ['class' => QueryParamAuth::className()]]];
     return $behaviors;
     /*$behaviors['authenticator'] = [
       'except' => 'myCustomAction',
           'class' => HttpBasicAuth::className(),
       ];*/
     //return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['except' => ['access-token-by-user'], 'class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBasicAuth::className(), 'auth' => function ($username, $password) {
         $out = null;
         $user = \common\models\User::findByUsername($username);
         if ($user != null) {
             if ($user->validatePassword($password)) {
                 $out = $user;
             }
         }
         return $out;
     }], ['class' => QueryParamAuth::className()]]];
     return $behaviors;
 }
Exemple #18
0
 public function behaviors()
 {
     // get the parent behaviors to overwrite
     $behaviors = parent::behaviors();
     if (!$this->getUserAuthClass()) {
         unset($behaviors['authenticator']);
         unset($behaviors['rateLimiter']);
     } else {
         // change to admin user auth class
         $behaviors['authenticator'] = ['class' => \yii\filters\auth\CompositeAuth::className(), 'user' => $this->getUserAuthClass(), 'authMethods' => [\yii\filters\auth\QueryParamAuth::className(), \yii\filters\auth\HttpBearerAuth::className()]];
         // change to admin rate limiter
         $behaviors['rateLimiter'] = ['class' => \yii\filters\RateLimiter::className(), 'user' => $this->getUserAuthClass()];
     }
     $behaviors['contentNegotiator'] = ['class' => \yii\filters\ContentNegotiator::className(), 'formats' => ['application/json' => \yii\web\Response::FORMAT_JSON, 'application/xml' => \yii\web\Response::FORMAT_XML]];
     return $behaviors;
 }
 /**
  * Remove not used behaviors from parent behaviors.
  *
  * @return array The list of behvaiors.
  */
 public function behaviors()
 {
     // get the parent behaviors to overwrite
     $behaviors = parent::behaviors();
     if (!$this->getUserAuthClass()) {
         unset($behaviors['authenticator']);
     } else {
         // change to admin user auth class
         $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'user' => $this->getUserAuthClass(), 'authMethods' => [QueryParamAuth::className(), HttpBearerAuth::className()]];
     }
     $behaviors['contentNegotiator'] = ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'application/xml' => Response::FORMAT_XML]];
     // by default rate limiter behavior is removed as its not implememented.
     if (isset($behaviors['rateLimiter'])) {
         unset($behaviors['rateLimiter']);
     }
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBearerAuth::className(), QueryParamAuth::className()], 'except' => ['index', 'view']];
     return $behaviors;
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [HttpBearerAuth::className(), ['class' => QueryParamAuth::className(), 'tokenParam' => 'access_token'], ['class' => HttpBasicAuth::className(), 'auth' => [$this, 'auth']]]];
     return $behaviors;
 }
Exemple #22
0
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'access-token']]], 'bootstrap' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]]]);
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [QueryParamAuth::className()]];
     return $behaviors;
 }
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     return ['contentNegotiator' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON]], 'verbFilter' => ['class' => VerbFilter::className(), 'actions' => $this->verbs()], 'authenticator' => ['class' => CompositeAuth::className(), 'except' => ['index', 'view', 'options'], 'authMethods' => [HttpBasicAuth::className(), HttpBearerAuth::className(), QueryParamAuth::className()]], 'access' => ['class' => AccessControl::className(), 'only' => ['create', 'update', 'delete'], 'rules' => [['actions' => ['create', 'update', 'delete'], 'allow' => true, 'roles' => ['@']]]], 'rateLimiter' => ['class' => RateLimiter::className()]];
 }
Exemple #25
0
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken']]], 'exceptionFilter' => ['class' => ErrorToExceptionFilter::className()]]);
 }
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'only' => ['create', 'update'], 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className(), 'tokenParam' => 'accessToken']]]]);
 }
Exemple #27
0
 /**
  * @inheritdoc
  */
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className(), 'only' => $this->authOnly(), 'except' => $this->authExcept()], ['class' => QueryParamAuth::className(), 'only' => $this->authOnly(), 'except' => $this->authExcept()]]];
     return $behaviors;
 }
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => QueryParamAuth::className(), 'tokenParam' => 'access_token']]]]);
 }
 public function behaviors()
 {
     return ArrayHelper::merge(parent::behaviors(), ['authenticator' => ['class' => CompositeAuth::className(), 'authMethods' => [['class' => HttpBearerAuth::className()], ['class' => QueryParamAuth::className()]]], 'bootstrap' => ['class' => ContentNegotiator::className(), 'formats' => ['application/json' => Response::FORMAT_JSON, 'charset' => 'UTF-8'], 'languages' => ['en', 'de']], 'corsFilter' => ['class' => \yii\filters\Cors::className(), 'cors' => ['Origin' => ['http://lukisongroup.com', 'http://lukisongroup.int'], 'Access-Control-Request-Method' => ['POST', 'PUT', 'GET'], 'Access-Control-Request-Headers' => ['X-Wsse'], 'Access-Control-Allow-Credentials' => true, 'Access-Control-Max-Age' => 3600, 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page']]]]);
 }
 public function behaviors()
 {
     $behaviors = parent::behaviors();
     $behaviors['authenticator'] = ['class' => QueryParamAuth::className()];
     return $behaviors;
 }