/** * Validates a request and takes a scope value that could result * in a user id being put into the request if it's valid. The * passThrough flag will allow the request to continue when it * would otherwise fail with a 401 response. * * @param HttpFoundation\Request $request * @param string $scope * @param bool $passThrough * @return null|HttpFoundation\Response */ public function validateRequest(HttpFoundation\Request $request, $scope, $passThrough = false) { $this->log->addDebug(print_r($request, true), ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'type' => 'request', 'scope' => $scope]); $bridgeRequest = HttpFoundationBridge\Request::createFromRequest($request); if ($this->server->verifyResourceRequest($bridgeRequest, null, $scope)) { //Put the user into the request if we're validating at the user scope if ($scope === 'user') { $token = $this->server->getAccessTokenData($bridgeRequest); $request->request->set('user', $this->usersRepo->getById($token['user_id'])); } else { //Set the user to null which should make any //searches relying on this being valid to fail. $request->request->set('user', null); } return null; //If the request shouldn't hard fail. This should only have a few specific use cases. } elseif ($passThrough) { $this->log->addInfo('OAuth Pass Through', ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'type' => 'request', 'scope' => $scope, 'passThrough' => true]); return null; } $this->log->addInfo('Failed to validate request', ['namespace' => 'Alerts\\Controllers\\OAuth2', 'method' => 'validateRequest', 'scope' => $scope]); return new HttpFoundation\Response('Not Authorized', 401); }