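/**
 * Auth Action: GET, main authentication entry point.
 *
 * Reads the HTTP Basic credentials from the request, looks the user up via
 * the OAuth RPC service and checks the supplied password against the
 * client's secret_key. On success an access/refresh token pair is built for
 * the calling IP and User-Agent, stored through the RPC service, and the
 * access token is rendered with status 200 / 'ok'.
 *
 * Any missing or mismatching credential answers with a 401 Basic-auth
 * challenge and terminates the request (the $challenge closure calls exit).
 *
 * @return mixed.
 */
public function actionMain()
{
    // Send the Basic-auth challenge and stop the request; this never returns.
    $challenge = function () {
        header('WWW-Authenticate: Basic realm="LYAPI"');
        header('HTTP/1.0 401 Unauthorized');
        exit;
    };

    if (!isset($_SERVER['PHP_AUTH_USER'])) {
        $challenge();
    }

    $aUser = trim($_SERVER['PHP_AUTH_USER']);
    // PHP_AUTH_PW and HTTP_USER_AGENT are not guaranteed to be present;
    // default them to '' so a missing header does not raise a warning
    // before the credential check below rejects the request.
    $aPass = isset($_SERVER['PHP_AUTH_PW']) ? trim($_SERVER['PHP_AUTH_PW']) : '';
    $curIp = $_SERVER['REMOTE_ADDR'];
    $curUserAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    if (!$aUser) {
        $challenge();
    }

    $OauthRpc = RpcClient_STD_Oauth::Instance();
    $OauthClient = $OauthRpc->getClient($aUser);
    $secretKey = isset($OauthClient['data']['secret_key']) ? $OauthClient['data']['secret_key'] : null;

    // hash_equals() compares in constant time, so response timing does not
    // leak how much of the secret matched. A non-string secret_key is
    // rejected outright, which matches the former strict (!==) comparison.
    if (!$OauthClient || !is_string($secretKey) || !hash_equals($secretKey, $aPass)) {
        $challenge();
    }

    $created = time();
    // Both tokens are derived from the same request context and timestamp.
    $tokenSource = array($curIp, $curUserAgent, $secretKey, $created);
    $accessToken = $this->buildToken($tokenSource);
    $refreshToken = $this->buildToken($tokenSource, 'refresh');

    $OauthRpc->setAccessToken(
        $OauthClient['data']['oauth_clients_id'],
        $accessToken,
        $refreshToken,
        $curIp,
        $created
    );

    $this->render(array('access_token' => $accessToken), 200, 'ok');
}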
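/**
 * Token validation.
 *
 * Looks the token up via the OAuth RPC service and updates $this->response
 * according to the result:
 *  - empty token, or token unknown to the service: $this->response is
 *    returned unchanged;
 *  - token whose created + expires_in lies in the past, or whose record
 *    lacks usable timing fields: status 403, mesg '已过期';
 *  - otherwise: status 200, mesg ''.
 *
 * @param string $token Token authentication string.
 *
 * @return $this->response.
 */
public function Authentication($token)
{
    // Truthiness check kept as before: an empty token is never looked up.
    if (!$token) {
        return $this->response;
    }

    $OauthRpc = RpcClient_STD_Oauth::Instance();
    $accessData = $OauthRpc->getAccessToken($token);
    if (!$accessData || !isset($accessData['data'])) {
        return $this->response;
    }
    $accessData = $accessData['data'];

    // Fail closed: a record without usable timing fields is treated as
    // expired instead of letting a null + null addition decide the outcome.
    $created = isset($accessData['created']) ? (int) $accessData['created'] : null;
    $expiresIn = isset($accessData['expires_in']) ? (int) $accessData['expires_in'] : null;

    // Expiry check: the token is valid until created + expires_in (seconds).
    if ($created === null || $expiresIn === null || $created + $expiresIn < time()) {
        $this->response['status'] = 403;
        $this->response['mesg'] = '已过期';

        return $this->response;
    }

    $this->response['status'] = 200;
    $this->response['mesg'] = '';

    return $this->response;
}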