2016-08-04 03:37:21 +05:30
|
|
|
|
<?php
|
|
|
|
|
|
namespace api\components\ApiUser;
|
|
|
|
|
|
|
2016-11-30 14:49:10 +05:30
|
|
|
|
use api\components\OAuth2\Entities\AccessTokenEntity;
|
2016-08-04 03:37:21 +05:30
|
|
|
|
use common\models\Account;
|
|
|
|
|
|
use common\models\OauthClient;
|
|
|
|
|
|
use common\models\OauthSession;
|
2016-11-30 14:49:10 +05:30
|
|
|
|
use Yii;
|
2016-08-04 03:37:21 +05:30
|
|
|
|
use yii\base\NotSupportedException;
|
|
|
|
|
|
use yii\web\IdentityInterface;
|
|
|
|
|
|
use yii\web\UnauthorizedHttpException;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2016-11-30 14:49:10 +05:30
|
|
|
|
* @property Account $account
|
|
|
|
|
|
* @property OauthClient $client
|
|
|
|
|
|
* @property OauthSession $session
|
|
|
|
|
|
* @property AccessTokenEntity $accessToken
|
2016-08-04 03:37:21 +05:30
|
|
|
|
*/
|
|
|
|
|
|
class Identity implements IdentityInterface {
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2016-11-30 14:49:10 +05:30
|
|
|
|
* @var AccessTokenEntity
|
2016-08-04 03:37:21 +05:30
|
|
|
|
*/
|
|
|
|
|
|
private $_accessToken;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
|
*/
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public static function findIdentityByAccessToken($token, $type = null): self {
|
|
|
|
|
|
/** @var AccessTokenEntity|null $model */
|
2016-11-30 14:49:10 +05:30
|
|
|
|
$model = Yii::$app->oauth->getAuthServer()->getAccessTokenStorage()->get($token);
|
2016-08-04 03:37:21 +05:30
|
|
|
|
if ($model === null) {
|
|
|
|
|
|
throw new UnauthorizedHttpException('Incorrect token');
|
|
|
|
|
|
} elseif ($model->isExpired()) {
|
|
|
|
|
|
throw new UnauthorizedHttpException('Token expired');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return new static($model);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-11-30 14:49:10 +05:30
|
|
|
|
private function __construct(AccessTokenEntity $accessToken) {
|
2016-08-04 03:37:21 +05:30
|
|
|
|
$this->_accessToken = $accessToken;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public function getAccount(): Account {
|
2016-08-04 03:37:21 +05:30
|
|
|
|
return $this->getSession()->account;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public function getClient(): OauthClient {
|
2016-08-04 03:37:21 +05:30
|
|
|
|
return $this->getSession()->client;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public function getSession(): OauthSession {
|
2016-11-30 14:49:10 +05:30
|
|
|
|
return OauthSession::findOne($this->_accessToken->getSessionId());
|
2016-08-04 03:37:21 +05:30
|
|
|
|
}
|
|
|
|
|
|
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public function getAccessToken(): AccessTokenEntity {
|
2016-08-04 03:37:21 +05:30
|
|
|
|
return $this->_accessToken;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2016-11-30 14:49:10 +05:30
|
|
|
|
* Этот метод используется для получения токена, к которому привязаны права.
|
2016-08-04 03:37:21 +05:30
|
|
|
|
* У нас права привязываются к токенам, так что возвращаем именно его id.
|
|
|
|
|
|
* @inheritdoc
|
|
|
|
|
|
*/
|
2016-12-18 04:50:53 +05:30
|
|
|
|
public function getId(): string {
|
2016-11-30 14:49:10 +05:30
|
|
|
|
return $this->_accessToken->getId();
|
2016-08-04 03:37:21 +05:30
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function getAuthKey() {
|
|
|
|
|
|
throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public function validateAuthKey($authKey) {
|
|
|
|
|
|
throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
public static function findIdentity($id) {
|
|
|
|
|
|
throw new NotSupportedException('This method used for cookie auth, except we using Bearer auth');
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
