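/**
 * Handle an incoming request.
 *
 * Checks the request's OAuth access token against Poniverse, requires the
 * given scope, and then authenticates the matching local user for this
 * request only. Every failed check aborts the request before the next
 * middleware runs.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string  $requiredScope  Scope the access token must carry.
 * @return mixed  Whatever the next middleware returns.
 * @throws \OAuth2\Exception
 * @throws AccessDeniedHttpException  If the token is inactive, lacks the
 *                                    required scope, or the user could not
 *                                    be authenticated.
 */
public function handle(Request $request, Closure $next, $requiredScope)
{
    // Ensure this is a valid OAuth client.
    $accessToken = $this->determineAccessToken($request, false);

    // Check that the access token is valid at Poniverse.net.
    $accessTokenInfo = $this->poniverse->getAccessTokenInfo($accessToken);

    if (!$accessTokenInfo->getIsActive()) {
        throw new AccessDeniedHttpException('This access token is expired or invalid!');
    }

    // Strict comparison: a scope check is an authorization decision and must
    // not succeed through PHP's loose type juggling.
    if (!in_array($requiredScope, $accessTokenInfo->getScopes(), true)) {
        throw new AccessDeniedHttpException("This access token lacks the '{$requiredScope}' scope!");
    }

    // Log in as the given user, creating the account if necessary.
    $this->poniverse->setAccessToken($accessToken);
    $this->session->put('api_client_id', $accessTokenInfo->getClientId());

    $poniverseUser = $this->poniverse->getUser();

    $user = User::findOrCreate(
        $poniverseUser['username'],
        $poniverseUser['display_name'],
        $poniverseUser['email']
    );

    // NOTE(review): onceUsingId() is documented as taking a user ID, but this
    // passes whatever User::findOrCreate() returns - confirm that value is an
    // ID rather than a model instance.
    //
    // The documented bool result is checked so that a failed login stops the
    // request here instead of reaching the protected route with no
    // authenticated user.
    if (!$this->auth->onceUsingId($user)) {
        throw new AccessDeniedHttpException('Unable to authenticate the user for this access token!');
    }

    return $next($request);
}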
/**
 * Log the given user ID into the application without sessions or cookies.
 *
 * Thin static pass-through to \Illuminate\Auth\Guard::onceUsingId().
 * Callers should check the boolean result before treating the request as
 * authenticated; presumably false means no user matched the ID - confirm
 * against the Guard implementation.
 *
 * @param  mixed  $id  Identifier of the user to authenticate.
 * @return bool
 * @static
 */
public static function onceUsingId($id)
{
    $authenticated = \Illuminate\Auth\Guard::onceUsingId($id);

    return $authenticated;
}