예제 #1
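 /**
  * Authorize an OAuth2-authenticated identity to access the requested resource.
  *
  * The decision is delegated to isAuthorized() only when the identity is an
  * OAuth2Authenticated instance, the event carries a Resource, and the
  * resource identifier is listed in the access token's scope. In every other
  * case the method returns null, not false.
  *
  * NOTE(review): how the dispatcher of this event treats a null result is not
  * visible here — confirm that a non-boolean result can never be read as
  * "access granted".
  *
  * @param AccessControlEvent $accessControlEvent
  * @return bool|null Result of isAuthorized(), or null when no decision is made
  */
 public function __invoke(AccessControlEvent $accessControlEvent)
 {
     // Only identities authenticated through OAuth2 are handled here.
     $identity = $accessControlEvent->getIdentity();
     if (!$identity instanceof OAuth2Authenticated) {
         return null;
     }

     // A valid API Resource must have been located for the request.
     $resource = $accessControlEvent->getResource();
     if (!$resource instanceof Resource) {
         return null;
     }

     $accessToken = $identity->getAccessToken();
     if (!isset($accessToken['scope'])) {
         return null;
     }

     // Assumes the identifier is a string or an int — confirm against
     // Resource::getIdentifier(). Anything else, and the empty string, is
     // rejected so it can never match an empty scope entry.
     $identifier = $resource->getIdentifier();
     if (is_int($identifier)) {
         $identifier = (string) $identifier;
     }
     if (!is_string($identifier) || $identifier === '') {
         return null;
     }

     // NOTE(review): RFC 6749 section 3.3 defines scope as a space-delimited
     // list; this code splits on ", ". Confirm the stored token format,
     // otherwise a multi-scope token never matches.
     $grantedScopes = explode(", ", $accessToken['scope']);

     // Strict comparison: PHP's loose == juggles types (numeric strings such
     // as "1e3" and "1000" compare equal, and before PHP 8 the integer 0
     // equals any non-numeric string), which must not widen an authorization
     // match.
     if (!in_array($identifier, $grantedScopes, true)) {
         return null;
     }

     $method = $accessControlEvent->getMvcEvent()->getRequest()->getMethod();

     return $this->isAuthorized($identity, $resource, $method);
 }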