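/**
 * Execute the Api Resource operation.
 *
 * Asks the OAuth2 server to verify the current resource request and, when the "scope" option
 * is a non-empty array, additionally requires the access token to satisfy at least one of the
 * listed scopes. The outcome is stored in $this->response: the server's response object when
 * the request is rejected, or a JSON string carrying the token's user_id on success.
 *
 * @return  $this  The current object in every case (false is never returned); callers must
 *                 inspect $this->response to tell success from failure.
 *
 * @since   1.2
 */
public function apiResource()
{
    $requiredScope = $this->options->get('scope', '');
    $anyOfScopes   = array();

    // A non-empty array means "any one of these scopes is enough". That check is done below,
    // so the server is asked to validate the request without a scope of its own.
    // NOTE(review): an empty array is handed to the server unchanged - confirm that this cannot
    // end up disabling scope enforcement for a resource that was meant to be protected.
    if (is_array($requiredScope) && count($requiredScope) > 0)
    {
        $anyOfScopes   = $requiredScope;
        $requiredScope = null;
    }

    // Let the OAuth2 server verify the resource request; on rejection expose its response as-is
    if (!$this->server->verifyResourceRequest(OAuth2\Request::createFromGlobals(), null, $requiredScope))
    {
        $this->response = $this->server->getResponse();

        return $this;
    }

    $token = $this->server->getResourceController()->getToken();

    if (!empty($anyOfScopes))
    {
        $requestValid = false;

        // A token without any scope can never satisfy the list, so only compare when it has one
        if (!empty($token['scope']))
        {
            foreach ($anyOfScopes as $scope)
            {
                if (!empty($scope) && $this->server->getScopeUtil()->checkScope($scope, $token['scope']))
                {
                    $requestValid = true;
                    break;
                }
            }
        }

        if (!$requestValid)
        {
            // The values below land inside quoted-string parameters of a response header.
            // Control characters (CR/LF included) are replaced and backslashes/quotes escaped so
            // that no value can close its parameter early or split the header.
            $quoted = function ($value)
            {
                $value = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $value);

                return str_replace(array('\\', '"'), array('\\\\', '\\"'), $value);
            };

            $this->response = $this->server->getResponse();
            $this->response->setError(403, 'insufficient_scope', JText::_('LIB_REDCORE_API_OAUTH2_SERVER_INSUFFICIENT_SCOPE'));

            // NOTE(review): RFC 6750 defines the scope attribute as a space-delimited list; the
            // ', ' separator is kept because changing it is visible to existing clients.
            $this->response->addHttpHeaders(
                array(
                    'WWW-Authenticate' => sprintf(
                        '%s realm="%s", scope="%s", error="%s", error_description="%s"',
                        $this->server->getTokenType()->getTokenType(),
                        $quoted($this->serverConfig['www_realm']),
                        $quoted(implode(', ', $anyOfScopes)),
                        $quoted($this->response->getParameter('error')),
                        $quoted($this->response->getParameter('error_description'))
                    )
                )
            );

            return $this;
        }
    }

    // Not every token is guaranteed to carry a user_id (the token storage is not visible here);
    // report null instead of raising an undefined-index notice.
    $userId = isset($token['user_id']) ? $token['user_id'] : null;

    $this->response = json_encode(
        array(
            'success' => true,
            'user_id' => $userId,
            'message' => JText::_('LIB_REDCORE_API_OAUTH2_SERVER_ACCESS_SUCCESS')
        )
    );

    return $this;
}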