/** * @param \lcon\Http\RequestInterface $request * @param \League\OAuth2\Server\Entities\ClientEntityInterface $client * * @throws \League\OAuth2\Server\Exception\OAuthServerException * * @return \League\OAuth2\Server\Entities\UserEntityInterface **/ protected function validateUser(\Phalcon\Http\RequestInterface $request, ClientEntityInterface $client) { $username = $this->getRequestParameter('username', $request); if (is_null($username)) { throw OAuthServerException::invalidRequest('username', '`%s` parameter is missing'); } $password = $this->getRequestParameter('password', $request); if (is_null($password)) { throw OAuthServerException::invalidRequest('password', '`%s` parameter is missing'); } $user = $this->userRepository->getUserEntityByUserCredentials($username, $password, $this->getIdentifier(), $client); if (!$user instanceof UserEntityInterface) { $this->getEmitter()->emit(new RequestEvent('user.authentication.failed', $request)); throw OAuthServerException::invalidCredentials(); } return $user; }
/** * @param \Psr\Http\Message\ServerRequestInterface $request * @param \League\OAuth2\Server\Entities\ClientEntityInterface $client * * @throws \League\OAuth2\Server\Exception\OAuthServerException * * @return \League\OAuth2\Server\Entities\UserEntityInterface */ protected function validateUser(ServerRequestInterface $request, ClientEntityInterface $client) { $username = $this->getRequestParameter('username', $request); if (is_null($username)) { throw OAuthServerException::invalidRequest('username'); } $password = $this->getRequestParameter('password', $request); if (is_null($password)) { throw OAuthServerException::invalidRequest('password'); } $user = $this->userRepository->getUserEntityByUserCredentials($username, $password, $this->getIdentifier(), $client); if (!$user instanceof UserEntityInterface) { $this->getEmitter()->emit(new RequestEvent(RequestEvent::USER_AUTHENTICATION_FAILED, $request)); throw OAuthServerException::invalidCredentials(); } return $user; }
public function getUserEntityByUserCredentials($username, $password, $grantType, ClientEntityInterface $clientEntity) { $builder = (new Builder())->columns(['User.id', 'User.username', 'User.password'])->addFrom(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\User::class, 'User')->where('User.username = :username:'******'username'))->limit(1); if ($this->getConfig()->limit_users_to_clients === true) { $builder->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\UserClient::class, 'UserClient.user_id = User.id', 'UserClient')->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Client::class, 'Client.id = UserClient.client_id', 'Client')->andWhere('Client.id = :client_id:', ['client_id' => $clientEntity->getIdentifier()]); } if ($this->getConfig()->limit_users_to_grants === true) { $builder->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\UserGrant::class, 'UserGrant.user_id = User.id', 'UserGrant')->innerJoin(\Ivyhjk\OAuth2\Server\Adapter\Phalcon\Model\Grant::class, 'Grant.id = UserGrant.grant_id', 'Grant')->andWhere('Grant.id = :grantType:', compact('grantType')); } $query = $builder->getQuery(); $result = $query->getSingleResult(); if (!$result) { throw OAuthServerException::invalidCredentials(); } $security = new Security(); if ($security->checkHash($password, $result->password) !== true) { throw OAuthServerException::invalidCredentials(); } $user = new UserEntity(); $user->setIdentifier($result->id); return $user; }