/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @param string $requiredScope
* @return mixed
* @throws \OAuth2\Exception
*/
public function handle(Request $request, Closure $next, $requiredScope)
{
// Ensure this is a valid OAuth client.
$accessToken = $this->determineAccessToken($request, false);
// check that access token is valid at Poniverse.net
$accessTokenInfo = $this->poniverse->getAccessTokenInfo($accessToken);
if (!$accessTokenInfo->getIsActive()) {
throw new AccessDeniedHttpException('This access token is expired or invalid!');
}
if (!in_array($requiredScope, $accessTokenInfo->getScopes())) {
throw new AccessDeniedHttpException("This access token lacks the '{$requiredScope}' scope!");
}
// Log in as the given user, creating the account if necessary.
$this->poniverse->setAccessToken($accessToken);
$this->session->put('api_client_id', $accessTokenInfo->getClientId());
$poniverseUser = $this->poniverse->getUser();
$user = User::findOrCreate($poniverseUser['username'], $poniverseUser['display_name'], $poniverseUser['email']);
$this->auth->onceUsingId($user);
return $next($request);
}
/**
* Log the given user ID into the application without sessions or cookies.
*
* @param mixed $id
* @return bool
* @static
*/
public static function onceUsingId($id)
{
return \Illuminate\Auth\Guard::onceUsingId($id);
}
