/** * Authorization authenticated Identity to access Resource * * @param AccessControlEvent $accessControlEvent * @return bool */ public function __invoke(AccessControlEvent $accessControlEvent) { // Have we Authenticated against OAuth? $identity = $accessControlEvent->getIdentity(); if ($identity instanceof OAuth2Authenticated) { // Did we locate a valid API Resource $resource = $accessControlEvent->getResource(); if ($resource instanceof Resource) { $accessToken = $identity->getAccessToken(); // Check if Resource identifier is in available scope if (isset($accessToken['scope']) && in_array($resource->getIdentifier(), explode(", ", $accessToken['scope']))) { $method = $accessControlEvent->getMvcEvent()->getRequest()->getMethod(); return $this->isAuthorized($identity, $resource, $method); } } } }