public function onBootstrap(MvcEvent $e) { // Short-circuit ZfcUser's inbuilt user session storage mechanism // as we're relying solely on zf-mvc-auth to handle that for us $storage = new \Zend\Authentication\Storage\NonPersistent(); $sm = $e->getApplication()->getServiceManager(); $sm->get('ZfcUser\\Authentication\\Storage\\Db')->setStorage($storage); $sm->get('ZfcUser\\Authentication\\Adapter\\Db')->setStorage($storage); // Inject authenticated user from zf-mvc-auth into ZfcUser so it's // built-in session and user checking still function properly $zfcUserService = $sm->get('zfcuser_user_service'); $em = $e->getApplication()->getEventManager(); $em->attach(MvcAuthEvent::EVENT_AUTHENTICATION_POST, function (MvcAuthEvent $e) use($zfcUserService, $storage) { $identity = $e->getIdentity(); if (!$identity instanceof AuthenticatedIdentity) { return; } $token = $identity->getAuthenticationIdentity(); $uid = $token['user_id']; $user = $zfcUserService->getUserMapper()->findById($uid); if (!$user instanceof ZfcUserEntity) { return; } $storage->write($user->getId()); }); }
public function onBootstrap(MvcEvent $event) { $eventManager = $event->getApplication()->getEventManager(); $oauth2Closure = $event->getApplication()->getServiceManager()->get(\ZF\OAuth2\Service\OAuth2Server::class); $logger = $event->getApplication()->getServiceManager()->get('logger'); $eventManager->attach(MvcAuthEvent::EVENT_AUTHENTICATION_POST, function (MvcAuthEvent $event) use($oauth2Closure) { // Manipulating Identity Data $identity = $event->getIdentity(); if (!!$identity) { if ($identity instanceof AuthenticatedIdentity) { $userData = $oauth2Closure()->getStorage('user_credentials')->getUser($identity->getName()); if (is_array($identity->getAuthenticationIdentity())) { $userData = array_merge($userData, $identity->getAuthenticationIdentity()); } $identity = new AuthenticatedIdentity($userData); $event->setIdentity($identity); } //MvcEvent did not understand when manipulated MvcAuthEvent identity $event->getMvcEvent()->setParam('ZF\\MvcAuth\\Identity', $identity); } return $event; }, 900); $moduleRouteListener = new ModuleRouteListener(); $moduleRouteListener->attach($eventManager); $event->getApplication()->getEventManager()->attach(MvcEvent::EVENT_DISPATCH_ERROR, function (MvcEvent $event) use($logger) { $problem = null; if ($event->isError()) { $exception = $event->getParam("exception"); // There are some other errors like that : // "error-controller-cannot-dispatch", // "error-controller-invalid", // "error-controller-not-found", // "error-router-no-match", if ($event->getError() === 'error-controller-not-found') { $problem = new ApiProblem(404, "Endpoint controller not found!"); } elseif ($event->getError() === 'error-router-no-match') { $problem = new ApiProblem(404, "Not found!"); } elseif ($exception instanceof \Exception) { $className = explode('\\', get_class($exception)); $problem = new ApiProblem($exception->getCode(), end($className) . ' error.'); $logger->err($exception->getMessage(), array('controller' => $event->getControllerClass())); } } else { $problem = new ApiProblem(500, "Unknown Error!"); } $response = new ApiProblemResponse($problem); $event->stopPropagation(); return $response; }, 9000); }