
class OAuth2ServerAuthentication in RESTful 7.2

Authentication support for oauth2_server.

Plugin annotation


@Authentication(
  id = "oauth2",
  label = "OAuth2 authentication",
  description = "Authenticate requests based on oauth2_server auth.",
)

Hierarchy

Expanded class hierarchy of OAuth2ServerAuthentication

File

src/Plugin/authentication/OAuth2ServerAuthentication.php, line 20

Namespace

Drupal\restful\Plugin\authentication
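class OAuth2ServerAuthentication extends Authentication {

  /**
   * The resource manager.
   *
   * @var \Drupal\restful\Resource\ResourceManagerInterface
   */
  protected $resourceManager;

  /**
   * Constructs the plugin and keeps a handle on the resource manager.
   *
   * @param array $configuration
   *   Plugin configuration, handed to the parent constructor unchanged.
   * @param string $plugin_id
   *   The plugin id, handed to the parent constructor unchanged.
   * @param mixed $plugin_definition
   *   The plugin definition, handed to the parent constructor unchanged.
   */
  public function __construct(array $configuration, $plugin_id, $plugin_definition) {
    parent::__construct($configuration, $plugin_id, $plugin_definition);
    $this->resourceManager = restful()->getResourceManager();
  }

  /**
   * {@inheritdoc}
   */
  public function applies(RequestInterface $request) {
    // Claim the request only when the oauth2_server module is enabled and the
    // requested resource names an OAuth2 server in its plugin definition.
    // authenticate() calls an oauth2_server function without repeating the
    // module check, so it relies on this method being consulted first.
    return module_exists('oauth2_server') && $this->getOAuth2Info($request);
  }

  /**
   * {@inheritdoc}
   */
  public function authenticate(RequestInterface $request) {
    $oauth2_info = $this->getOAuth2Info($request);
    if (!$oauth2_info) {
      throw new ServerConfigurationException('The resource uses OAuth2 authentication but does not specify the OAuth2 server.');
    }

    // The scope is '' when the resource does not declare 'oauth2Scope'.
    // NOTE(review): confirm how oauth2_server_check_access() treats an empty
    // scope. If it skips the scope check, every valid token issued by this
    // server is accepted for resources that omit 'oauth2Scope'.
    $result = oauth2_server_check_access($oauth2_info['server'], $oauth2_info['scope']);
    if ($result instanceof \OAuth2\Response) {
      // A response object is treated as a failed check: its body and status
      // code become the message and code of the exception.
      throw new UnauthorizedException($result->getResponseBody(), $result->getStatusCode());
    }
    if (empty($result['user_id'])) {
      // Presumably a token that is not tied to a user account; no account can
      // be matched, so report "not authenticated" rather than an error.
      return NULL;
    }

    // user_load() returns FALSE when the account no longer exists. Normalize
    // that to NULL so every "no account" outcome of this method has the same
    // value. user_load() does not look at the account status.
    // NOTE(review): confirm that the caller or oauth2_server rejects tokens
    // that belong to blocked accounts.
    $account = user_load($result['user_id']);
    return $account ?: NULL;
  }

  /**
   * Get OAuth2 information from the request.
   *
   * @param \Drupal\restful\Http\RequestInterface $request
   *   The request.
   *
   * @return array|null
   *   NULL when the requested resource plugin cannot be determined or when its
   *   definition has no 'oauth2Server' value. Otherwise a simple associative
   *   array with the following keys:
   *   - server: The OAuth2 server to authenticate against.
   *   - scope: The scope required for the resource, or an empty string when
   *     the definition has no 'oauth2Scope' value.
   */
  protected function getOAuth2Info(RequestInterface $request) {
    $plugin_id = $this->getResourcePluginIdFromRequest();
    if (!$plugin_id) {

      // If the plugin can't be determined, it is probably not a request to the
      // resource but something else that is just loading all the plugins.
      return NULL;
    }
    $plugin_definition = ResourcePluginManager::create('cache', $request)->getDefinition($plugin_id);
    if (empty($plugin_definition['oauth2Server'])) {
      // The resource is not configured for OAuth2; applies() turns this into
      // FALSE and authenticate() into a ServerConfigurationException.
      return NULL;
    }
    $server = $plugin_definition['oauth2Server'];
    $scope = !empty($plugin_definition['oauth2Scope']) ? $plugin_definition['oauth2Scope'] : '';
    return [
      'server' => $server,
      'scope' => $scope,
    ];
  }

  /**
   * Get the resource plugin id requested.
   *
   * The id is built from the resource name and the first two elements of the
   * version reported by the resource manager (presumably major and minor).
   *
   * @return null|string
   *   The plugin id of the resource that was requested, or NULL when the
   *   resource manager reports no resource name or no version.
   */
  protected function getResourcePluginIdFromRequest() {
    $resource_name = $this->resourceManager->getResourceIdFromRequest();
    $version = $this->resourceManager->getVersionFromRequest();
    if (!$resource_name || !$version) {
      return NULL;
    }
    return $resource_name . PluginBase::DERIVATIVE_SEPARATOR . $version[0] . '.' . $version[1];
  }

}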

Members

Name Modifiers Type Description Overrides
Authentication::$settings protected property Settings from the plugin definition.
Authentication::getName public function Get the name of the authentication plugin. Overrides AuthenticationInterface::getName
Authentication::TOKEN_VALUE constant Token value for token generation functions.
ConfigurablePluginTrait::$instanceConfiguration protected property Plugin instance configuration.
ConfigurablePluginTrait::calculateDependencies public function
ConfigurablePluginTrait::defaultConfiguration public function 1
ConfigurablePluginTrait::getConfiguration public function
ConfigurablePluginTrait::setConfiguration public function
OAuth2ServerAuthentication::$resourceManager protected property The resource manager.
OAuth2ServerAuthentication::applies public function Determines if the request can be checked for authentication. For example, when authenticating with HTTP header, return FALSE if the header values do not exist. Overrides Authentication::applies
OAuth2ServerAuthentication::authenticate public function Authenticate the request by trying to match a user. Overrides AuthenticationInterface::authenticate
OAuth2ServerAuthentication::getOAuth2Info protected function Get OAuth2 information from the request.
OAuth2ServerAuthentication::getResourcePluginIdFromRequest protected function Get the resource plugin id requested.
OAuth2ServerAuthentication::__construct public function