You are here

class ApiKeyAuth in Services API Key Authentication 8

Same name and namespace in other branches
  1. 8.2 src/Authentication/Provider/ApiKeyAuth.php \Drupal\services_api_key_auth\Authentication\Provider\ApiKeyAuth
  2. 3.0.x src/Authentication/Provider/ApiKeyAuth.php \Drupal\services_api_key_auth\Authentication\Provider\ApiKeyAuth
  3. 2.0.x src/Authentication/Provider/ApiKeyAuth.php \Drupal\services_api_key_auth\Authentication\Provider\ApiKeyAuth

HTTP Basic authentication provider.

Hierarchy

Expanded class hierarchy of ApiKeyAuth

1 string reference to 'ApiKeyAuth'
services_api_key_auth.services.yml in ./services_api_key_auth.services.yml
services_api_key_auth.services.yml
1 service uses ApiKeyAuth
authentication.services_api_key_auth in ./services_api_key_auth.services.yml
Drupal\services_api_key_auth\Authentication\Provider\ApiKeyAuth

File

src/Authentication/Provider/ApiKeyAuth.php, line 16

Namespace

Drupal\services_api_key_auth\Authentication\Provider
View source
class ApiKeyAuth implements AuthenticationProviderInterface {

  /**
   * The config factory.
   *
   * @var \Drupal\Core\Config\ConfigFactoryInterface
   */
  protected $configFactory;

  /**
   * The user auth service.
   *
   * @var \Drupal\user\UserAuthInterface
   */
  protected $userAuth;

  /**
   * The entity type manager.
   *
   * @var \Drupal\Core\Entity\EntityTypeManagerInterface
   */
  protected $entityTypeManager;

  /**
   * Constructs a HTTP basic authentication provider object.
   *
   * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
   *   The config factory.
   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
   *   The entity manager service.
   */
  public function __construct(ConfigFactoryInterface $config_factory, EntityTypeManagerInterface $entity_type_manager) {
    $this->configFactory = $config_factory;
    $this->entityTypeManager = $entity_type_manager;
  }

  /**
   * {@inheritdoc}
   */
  public function applies(Request $request) {

    // Only apply this validation if request has a valid accept value.
    return $this
      ->getKey($request) !== FALSE;
  }

  /**
   * {@inheritdoc}
   */
  public function authenticate(Request $request) {

    // Load config entity.
    $api_key_entities = \Drupal::entityTypeManager()
      ->getStorage('api_key')
      ->loadMultiple();
    foreach ($api_key_entities as $key_item) {
      if ($this
        ->getKey($request) == $key_item->key) {
        $accounts = $this->entityTypeManager
          ->getStorage('user')
          ->loadByProperties(array(
          'uuid' => $key_item->user_uuid,
        ));
        $account = reset($accounts);
        if (isset($account)) {
          return $account;
        }
        break;
      }
    }
    return [];
  }

  /**
   * {@inheritdoc}
   */
  public function cleanup(Request $request) {
  }

  /**
   * {@inheritdoc}
   */
  public function handleException(GetResponseForExceptionEvent $event) {
    $exception = $event
      ->getException();
    if ($exception instanceof AccessDeniedHttpException) {
      $event
        ->setException(new UnauthorizedHttpException('Invalid consumer origin.', $exception));
      return TRUE;
    }
    return FALSE;
  }

  /**
   * @param $request
   * @return bool
   */
  public function getKey(Request $request) {
    $form_api_key = $request
      ->get('api_key');
    if (!empty($form_api_key)) {
      return $form_api_key;
    }
    $query_api_key = $request->query
      ->get('api_key');
    if (!empty($form_api_key)) {
      return $query_api_key;
    }
    $header_api_key = $request->headers
      ->get('apikey');
    if (!empty($header_api_key)) {
      return $header_api_key;
    }
    return FALSE;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ApiKeyAuth::$configFactory protected property The config factory.
ApiKeyAuth::$entityTypeManager protected property The entity type manager.
ApiKeyAuth::$userAuth protected property The user auth service.
ApiKeyAuth::applies public function Checks whether suitable authentication credentials are on the request. Overrides AuthenticationProviderInterface::applies
ApiKeyAuth::authenticate public function Authenticates the user. Overrides AuthenticationProviderInterface::authenticate
ApiKeyAuth::cleanup public function
ApiKeyAuth::getKey public function
ApiKeyAuth::handleException public function
ApiKeyAuth::__construct public function Constructs a HTTP basic authentication provider object.