/**
 * Locate the API resource named by the matched route and attach it to the event.
 *
 * The 'resource' route parameter is handed as-is to the resource locator
 * callable. The event's resource is only set when the locator returns a
 * Resource instance; any other return value leaves the event untouched.
 *
 * NOTE(review): the identifier originates from the matched route (request
 * derived) and is not validated here - confirm the locator service treats it
 * as untrusted input. How a request with no resource set is handled is decided
 * by whatever reads the event later and is not visible from this method.
 *
 * @param AccessControlEvent $accessControlEvent
 */
public function __invoke(AccessControlEvent $accessControlEvent)
{
    // NOTE(review): assumes a route has already been matched; a missing route
    // match would fail on getParam() - confirm against the listener ordering.
    $resourceIdentifier = $accessControlEvent
        ->getMvcEvent()
        ->getRouteMatch()
        ->getParam('resource');

    $located = call_user_func($this->getResourceLocatorService(), $resourceIdentifier);

    // Anything that is not a Resource is ignored rather than stored.
    if (!$located instanceof Resource) {
        return;
    }

    $accessControlEvent->setResource($located);
}
/**
 * Turn a failed authentication into a 401 problem response.
 *
 * Returns nothing when the authentication result is valid. On failure, a
 * non-HTTP response object is handed back unchanged; for an HTTP response a
 * new 401 "Unauthorized" ProblemResponse is returned instead.
 *
 * NOTE(review): no WWW-Authenticate challenge is added to the 401 in this
 * method, although RFC 7235 requires one on a 401 response - confirm that
 * ProblemResponse or a later listener supplies it.
 *
 * @param AccessControlEvent $accessControlEvent
 * @return \Parrot\API\Problem\Response\ProblemResponse|\Zend\Stdlib\ResponseInterface|null
 */
public function __invoke(AccessControlEvent $accessControlEvent)
{
    // NOTE(review): assumes an authentication result is always present on the
    // event by the time this listener runs - confirm.
    if ($accessControlEvent->getAuthenticationResult()->isValid()) {
        return;
    }

    $currentResponse = $accessControlEvent->getMvcEvent()->getResponse();

    // Only HTTP responses are replaced by the problem document; any other
    // response type is passed through as it is.
    return ($currentResponse instanceof HttpResponse)
        ? new ProblemResponse(new Problem(401, 'Unauthorized'))
        : $currentResponse;
}
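/**
 * Authorize an OAuth2-authenticated identity to access the located resource.
 *
 * A decision is delegated to isAuthorized() only when all of these hold:
 * the identity is an OAuth2Authenticated instance, the event carries a
 * Resource, and the resource identifier is listed in the access token's
 * scope. In every other case the listener returns null and makes no
 * decision of its own.
 *
 * The scope membership test compares strings strictly. A loose in_array()
 * lets PHP type juggling match values that are not the same text (numeric
 * strings such as "1e3" and "1000", or an empty identifier against an empty
 * scope), which is not acceptable in an authorization check.
 *
 * NOTE(review): how the caller interprets a null return is not visible here;
 * confirm it is never treated as "allowed". The scope is split on ", " as
 * the original code did; RFC 6749 scope strings are space-delimited, so
 * confirm the token store really uses this format (a mismatch makes every
 * scope check fail).
 *
 * @param AccessControlEvent $accessControlEvent
 * @return bool|null Result of isAuthorized() (documented as bool), or null
 *                   when this listener does not make a decision.
 */
public function __invoke(AccessControlEvent $accessControlEvent)
{
    // Only identities authenticated through OAuth2 are handled here.
    $identity = $accessControlEvent->getIdentity();
    if (!$identity instanceof OAuth2Authenticated) {
        return null;
    }

    // A valid API resource must have been located for this request.
    $resource = $accessControlEvent->getResource();
    if (!$resource instanceof Resource) {
        return null;
    }

    $accessToken = $identity->getAccessToken();
    if (!isset($accessToken['scope'])) {
        return null;
    }

    // Normalise the identifier to a non-empty string so the comparison below
    // can be strict; non-scalar or empty identifiers can never be in scope.
    $identifier = $resource->getIdentifier();
    if (!is_scalar($identifier) || (string) $identifier === '') {
        return null;
    }

    $grantedScopes = explode(", ", $accessToken['scope']);
    if (!in_array((string) $identifier, $grantedScopes, true)) {
        return null;
    }

    $method = $accessControlEvent->getMvcEvent()->getRequest()->getMethod();

    return $this->isAuthorized($identity, $resource, $method);
}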