From 8591fc7686c9752b22479cd5ccf6c99d75038fd1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Juli=C3=A1n=20Guti=C3=A9rrez?= Date: Sun, 17 Jan 2016 18:40:26 +0100 Subject: [PATCH] moved to authentication middleware --- examples/public/middleware_authentication.php | 61 +++++++++++++++++++ examples/public/password.php | 2 +- .../AuthenticationServerMiddleware.php | 51 ++++++++++++++++ src/Middleware/ResourceServerMiddleware.php | 1 - src/Server.php | 20 ------ 5 files changed, 113 insertions(+), 22 deletions(-) create mode 100644 examples/public/middleware_authentication.php create mode 100644 src/Middleware/AuthenticationServerMiddleware.php diff --git a/examples/public/middleware_authentication.php b/examples/public/middleware_authentication.php new file mode 100644 index 00000000..f9b525dc --- /dev/null +++ b/examples/public/middleware_authentication.php @@ -0,0 +1,61 @@ + [ + 'displayErrorDetails' => true, + ], + Server::class => function () { + + // Init our repositories + $clientRepository = new ClientRepository(); + $accessTokenRepository = new AccessTokenRepository(); + $scopeRepository = new ScopeRepository(); + $userRepository = new UserRepository(); + $refreshTokenRepository = new RefreshTokenRepository(); + + $privateKeyPath = 'file://' . __DIR__ . '/../private.key'; + $publicKeyPath = 'file://' . __DIR__ . '/../public.key'; + + // Setup the authorization server + $server = new Server( + $clientRepository, + $accessTokenRepository, + $scopeRepository, + $privateKeyPath, + $publicKeyPath + ); + + // Enable the grants + $server->enableGrantType( + new PasswordGrant($userRepository, $refreshTokenRepository), + new \DateInterval('PT1H') + ); + $server->enableGrantType( + new RefreshTokenGrant($refreshTokenRepository), + new \DateInterval('PT1H') + ); + + return $server; + } +]); + +$app->post('/access_token', function () { +})->add(new AuthenticationServerMiddleware($app->getContainer()->get(Server::class))); + +$app->run(); diff --git a/examples/public/password.php b/examples/public/password.php index 1be26880..036d1b4f 100644 --- a/examples/public/password.php +++ b/examples/public/password.php @@ -39,7 +39,7 @@ $app = new App([ $publicKeyPath ); - // Enable the client credentials grant on the server with a token TTL of 1 hour + // Enable the password grant on the server with a token TTL of 1 hour $server->enableGrantType( new PasswordGrant($userRepository, $refreshTokenRepository), new \DateInterval('PT1H') diff --git a/src/Middleware/AuthenticationServerMiddleware.php b/src/Middleware/AuthenticationServerMiddleware.php new file mode 100644 index 00000000..28bd39cb --- /dev/null +++ b/src/Middleware/AuthenticationServerMiddleware.php @@ -0,0 +1,51 @@ +server = $server; + } + + /** + * @param \Psr\Http\Message\ServerRequestInterface $request + * @param \Psr\Http\Message\ResponseInterface $response + * @param callable $next + * + * @return \Psr\Http\Message\ResponseInterface + */ + public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) + { + try { + $response = $server->respondToRequest($request, $response); + } catch (OAuthServerException $exception) { + return $exception->generateHttpResponse($response); + } catch (\Exception $exception) { + return $response->withStatus(500)->write($exception->getMessage()); + } + + if (in_array($response->getStatusCode(), [400, 401, 500])) { + return $response; + } + + // Pass the request and response on to the next responder in the chain + return $next($request, $response); + } +} diff --git a/src/Middleware/ResourceServerMiddleware.php b/src/Middleware/ResourceServerMiddleware.php index fda7861d..874a14c6 100644 --- a/src/Middleware/ResourceServerMiddleware.php +++ b/src/Middleware/ResourceServerMiddleware.php @@ -14,7 +14,6 @@ class ResourceServerMiddleware */ private $server; - /** * ResourceServerMiddleware constructor. * diff --git a/src/Server.php b/src/Server.php index 034173cc..a62e8b32 100644 --- a/src/Server.php +++ b/src/Server.php @@ -172,24 +172,4 @@ class Server implements EmitterAwareInterface return $tokenResponse->generateHttpResponse($response); } - - /** - * PSR7 middleware callable - * - * @param \Psr\Http\Message\ServerRequestInterface $request - * @param \Psr\Http\Message\ResponseInterface $response - * @param callable $next - * - * @return \Psr\Http\Message\ResponseInterface - */ - public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next) - { - $response = $this->respondToRequest($request, $response); - - if (in_array($response->getStatusCode(), [400, 401, 500])) { - return $response; - } - - return $next($request, $response); - } }