<?php
namespace api\components\OAuth2\Storage;
use api\components\OAuth2\Entities\ClientEntity;
use api\components\OAuth2\Entities\ScopeEntity;
use common\models\OauthScope;
use League\OAuth2\Server\Storage\AbstractStorage;
use League\OAuth2\Server\Storage\ScopeInterface;
use yii\base\ErrorException;
class ScopeStorage extends AbstractStorage implements ScopeInterface {

    /**
     * Resolves a requested scope identifier into a ScopeEntity, but only if the
     * scope is among those the scope query returns for the given grant type.
     *
     * Filters applied to the scope query before it is executed:
     *  - 'authorization_code': onlyPublic() followed by usersScopes();
     *  - 'client_credentials': machineScopes(), plus onlyPublic() unless the
     *    client entity reports isTrusted(). When no $clientId is supplied the
     *    client is treated as untrusted, so the public-only filter still applies;
     *  - any other value (including null): no filter is applied at all.
     *
     * NOTE(review): the last case means an unrecognised grant type is matched
     * against the unfiltered scope list, non-public scopes presumably included.
     * Confirm that every other grant enabled on the server constrains scopes
     * elsewhere, or consider a restrictive default here.
     *
     * @inheritdoc
     *
     * @param string      $scope     requested scope identifier
     * @param string|null $grantType identifier of the grant performing the lookup
     * @param string|null $clientId  identifier of the requesting client, if known
     *
     * @return ScopeEntity|null the entity for an allowed scope, null otherwise
     * @throws ErrorException when the client storage returns something other
     *                        than a ClientEntity
     */
    public function get($scope, $grantType = null, $clientId = null) {
        $scopeQuery = OauthScope::find();

        if ($grantType === 'authorization_code') {
            $scopeQuery->onlyPublic()->usersScopes();
        } elseif ($grantType === 'client_credentials') {
            $scopeQuery->machineScopes();

            // Trust has to be established explicitly by the stored client record;
            // an anonymous lookup never widens the scope set.
            $trustedClient = false;
            if (null !== $clientId) {
                $clientEntity = $this->server->getClientStorage()->get($clientId);
                if (($clientEntity instanceof ClientEntity) === false) {
                    throw new ErrorException('client storage must return instance of ' . ClientEntity::class);
                }

                $trustedClient = $clientEntity->isTrusted();
            }

            if (!$trustedClient) {
                $scopeQuery->onlyPublic();
            }
        }

        // Presumably all() yields a flat list of scope identifiers; the strict
        // in_array() below relies on that. TODO confirm against OauthScope's query class.
        $permittedScopes = $scopeQuery->all();

        if (in_array($scope, $permittedScopes, true)) {
            $scopeEntity = new ScopeEntity($this->server);
            $scopeEntity->setId($scope);

            return $scopeEntity;
        }

        return null;
    }

}