/**
 * Verifies that Acl::access() rejects every client/endpoint pair supplied
 * by accessFailureProvider with a 403 "Access denied" exception.
 *
 * @param string $clientId
 * @param string $endpointName
 *
 * @dataProvider accessFailureProvider
 *
 * @expectedException \SlimBootstrap\Exception
 * @expectedExceptionCode 403
 * @expectedExceptionMessage Access denied
 */
public function testAccessFailure($clientId, $endpointName)
{
    // There is no explicit assertion: the pass/fail criterion is carried
    // entirely by the @expectedException* annotations above.
    // NOTE(review): those annotations are only honoured by older PHPUnit
    // releases; on a runner that ignores them, a regression that wrongly
    // grants access would no longer fail this test. Confirm the PHPUnit
    // version in use before upgrading.
    $acl = $this->_acl;
    $acl->access($clientId, $endpointName);
}
/**
 * Pre-dispatch hook that authenticates the caller and checks the ACL for
 * the current route.
 *
 * Flow as implemented below:
 *  - no authentication provider configured: nothing is enforced;
 *  - route flagged `false` in $_endpointAuthentication: authentication and
 *    the ACL check are both skipped for that route;
 *  - otherwise the token is read from "access_token" (or the deprecated
 *    "token" parameter), handed to the provider, the resulting client id is
 *    injected into the route parameters as "clientId", and the ACL is
 *    checked against the route name.
 *
 * Every SlimBootstrap\Exception raised along the way is passed to
 * _handleError().
 *
 * NOTE(review): the previous description of this hook also mentioned
 * setting Access-Control-Allow-Origin to * and the cache duration; nothing
 * in this method body does either.
 */
public function authentication()
{
    try {
        // Without a configured provider neither authentication nor the
        // ACL is applied, even if an ACL config is present.
        if (null === $this->_authentication) {
            return;
        }

        $route = $this->_app->router->getCurrentRoute();

        // Per-route switch, keyed by "<HTTP method><route pattern>".
        $httpMethod = $this->_app->environment->offsetGet('REQUEST_METHOD');
        $routeKey   = $httpMethod . $route->getPattern();

        // Only an explicit boolean false opts a route out; a missing key or
        // any other value keeps the route protected.
        $authDisabled = array_key_exists($routeKey, $this->_endpointAuthentication)
            && false === $this->_endpointAuthentication[$routeKey];
        if ($authDisabled) {
            return;
        }

        // Refuse to continue without a usable ACL config instead of
        // silently skipping the authorisation step.
        if (!is_array($this->_aclConfig)) {
            throw new SlimBootstrap\Exception('acl config is empty or invalid', 500);
        }

        $this->_app->getLog()->info('using authentication');

        $acl = new SlimBootstrap\Acl($this->_aclConfig);

        // NOTE(review): request->get() looks like a query-string read,
        // which would place the token in URLs and therefore in access logs
        // and Referer headers. Confirm, and consider accepting the token
        // via an Authorization header.
        $token = $this->_app->request->get('access_token');
        if (null === $token) {
            $legacyToken = $this->_app->request->get('token');
            if (null !== $legacyToken) {
                $this->_app->getLog()->notice(
                    'please use "access_token" instead of "token" parameter, '
                    . 'because "token" parameter is deprecated'
                );
            }
            $token = $legacyToken;
        }

        // $token may still be null here; rejecting a missing token is left
        // to the provider (presumably by throwing; verify in each
        // authenticate() implementation).
        $clientId = $this->_authentication->authenticate($token);
        $this->_app->getLog()->info('authentication successfull');

        /*
         * Expose the client id to the route handler. The parameter array is
         * fetched, modified and written back as a whole because slim offers
         * no way to set a single new parameter directly.
         */
        $routeParams             = $route->getParams();
        $routeParams['clientId'] = $clientId;
        $route->setParams($routeParams);

        // The client id and, at debug level, all route parameters are
        // written to the log; restrict log access accordingly.
        $this->_app->getLog()->notice('set clientId to parameter: ' . $clientId);
        $this->_app->getLog()->debug(var_export($route->getParams(), true));

        // Authorisation: the route *name* is used as the endpoint.
        // NOTE(review): presumably every protected route is named; verify
        // how Acl::access() treats whatever getName() returns for an
        // unnamed route.
        $acl->access($clientId, $route->getName());
        $this->_app->getLog()->info('access granted');
    } catch (SlimBootstrap\Exception $error) {
        // NOTE(review): whether _handleError() stops the request is not
        // visible here. If it returns normally the route would still be
        // dispatched after a failed check, so confirm that it halts.
        $this->_handleError($error);
    }
}