/** * @param Request $request * @param $apiKey * @throws RequestAuthenticatorException */ protected function isValidApiKey(Request $request, $apiKey) { if ($apiKey->getStatus() == 'DISABLED') { throw new RequestAuthenticatorException('The API Key is not allowed to make this request.'); } if ($request->getScheme() == 'Bearer') { return true; } if ($apiKey === null || !!($request->getApiSecret() != $apiKey->getSecret())) { throw new RequestAuthenticatorException('The API Key is not valid for this request.'); } return true; }