/**
 * {@inheritdoc}
 *
 * Resolves the credential carried in the "Authorization" header to a stored
 * access token and decorates the request with that token's identifiers.
 *
 * The header value is used verbatim (after trimming) as the token id; no
 * "Bearer " prefix is stripped here, so the repository receives exactly what
 * the client sent.
 *
 * @throws OAuthServerException when the header is absent, the token is not
 *                              found, the token has expired, or the
 *                              repository rejects the token id
 */
public function validateAuthorization(ServerRequestInterface $request)
{
    if (!$request->hasHeader('authorization')) {
        throw OAuthServerException::accessDenied('Missing "Authorization" header');
    }

    [$rawHeader] = $request->getHeader('authorization');
    $tokenId = trim($rawHeader);

    try {
        $token = $this->accessTokenRepository->findAccessToken($tokenId);

        // A token the repository cannot find is reported as revoked.
        if ($token === null) {
            throw OAuthServerException::accessDenied('Access token has been revoked');
        }

        // Reject tokens whose expiry lies strictly in the past.
        if ($token->getExpiryDateTime()->lt(Carbon::now())) {
            throw OAuthServerException::accessDenied('Access token is invalid');
        }

        // Downstream handlers read these attributes from the PSR-7 request.
        $attributes = [
            'oauth_access_token_id' => $token->getIdentifier(),
            'oauth_client_id' => $token->getClient()->getIdentifier(),
            'oauth_user_id' => $token->getUserIdentifier(),
            'oauth_scopes' => $token->getScopes(),
        ];

        foreach ($attributes as $name => $value) {
            $request = $request->withAttribute($name, $value);
        }

        return $request;
    } catch (\InvalidArgumentException $exception) {
        // The repository rejected the token id; surface that as access denied.
        // NOTE(review): the repository's exception message is relayed to the
        // caller as the error hint — confirm it cannot disclose internals.
        throw OAuthServerException::accessDenied($exception->getMessage());
    }
}
/**
 * Look up every access token stored for the given user.
 *
 * A fresh repository is constructed for the lookup rather than reusing an
 * injected one.
 * NOTE(review): validateAuthorization() in this class goes through
 * $this->accessTokenRepository; if that property is the same repository
 * type, this method could reuse it instead of instantiating its own.
 *
 * @param mixed $userId identifier forwarded to UserEntity::setIdentifier();
 *                      its type is not constrained here
 *
 * @return array|null tokens returned by the repository, or null when it
 *                    reports none
 */
public function getAccessTokensForUser($userId)
{
    $owner = new UserEntity();
    $owner->setIdentifier($userId);

    return (new AccessTokenRepository())->findAccessTokensByUser($owner);
}