
public function SimpleOauthAuthenticationProvider::authenticate in Simple OAuth (OAuth2) & OpenID Connect 5.x

Same name and namespace in other branches
  1. 8.4 src/Authentication/Provider/SimpleOauthAuthenticationProvider.php \Drupal\simple_oauth\Authentication\Provider\SimpleOauthAuthenticationProvider::authenticate()
  2. 8 src/Authentication/Provider/SimpleOauthAuthenticationProvider.php \Drupal\simple_oauth\Authentication\Provider\SimpleOauthAuthenticationProvider::authenticate()
  3. 8.2 src/Authentication/Provider/SimpleOauthAuthenticationProvider.php \Drupal\simple_oauth\Authentication\Provider\SimpleOauthAuthenticationProvider::authenticate()
  4. 8.3 src/Authentication/Provider/SimpleOauthAuthenticationProvider.php \Drupal\simple_oauth\Authentication\Provider\SimpleOauthAuthenticationProvider::authenticate()

Throws

\Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException

\Drupal\Component\Plugin\Exception\PluginNotFoundException

\Drupal\Core\Entity\EntityStorageException

\League\OAuth2\Server\Exception\OAuthServerException

Overrides AuthenticationProviderInterface::authenticate

File

src/Authentication/Provider/SimpleOauthAuthenticationProvider.php, line 72

Class

SimpleOauthAuthenticationProvider
@internal

Namespace

Drupal\simple_oauth\Authentication\Provider

Code

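/**
 * Authenticates a request from its OAuth2 access token.
 *
 * The resource server validates the request, the matching oauth2_token entity
 * is loaded, and a TokenAuthUser wrapping that entity is returned. Every
 * rejection is logged and rethrown as an HttpException, so a failed check
 * never yields an account.
 *
 * @param Request $request
 *   The incoming request. On success its uploaded files and its X-Consumer-ID
 *   header are updated in place.
 *
 * @return TokenAuthUser
 *   The account built from the access token entity.
 *
 * @throws HttpException
 *   When the resource server rejects the request, when no token entity
 *   matches the validated token ID, or when the token's account is blocked.
 * @throws \Drupal\Component\Plugin\Exception\InvalidPluginDefinitionException
 * @throws \Drupal\Component\Plugin\Exception\PluginNotFoundException
 * @throws \Drupal\Core\Entity\EntityStorageException
 */
public function authenticate(Request $request) {
  // Let the resource server validate the request first; nothing below runs
  // for a request it rejects.
  try {
    $auth_request = $this->resourceServer->validateAuthenticatedRequest($request);
  }
  catch (OAuthServerException $exception) {
    // Procedural code here is hard to avoid.
    watchdog_exception('simple_oauth', $exception);
    // The OAuth hint is used as the HTTP error message, so hints must stay
    // free of anything the caller should not learn.
    throw new HttpException($exception->getHttpStatusCode(), $exception->getHint(), $exception);
  }

  // Look the token entity up by the ID taken from the validated request.
  $tokens = $this->entityTypeManager
    ->getStorage('oauth2_token')
    ->loadByProperties([
      'value' => $auth_request->get('oauth_access_token_id'),
    ]);
  $token = reset($tokens);

  // reset() returns FALSE for an empty result set. Deny explicitly in that
  // case (for example when the entity was deleted after validation) rather
  // than handing FALSE to TokenAuthUser.
  // NOTE(review): TokenAuthUser's constructor is not visible here; this guard
  // avoids depending on how it treats a non-entity argument.
  if (!$token) {
    $exception = OAuthServerException::accessDenied('The access token could not be loaded.');
    watchdog_exception('simple_oauth', $exception);
    throw new HttpException($exception->getHttpStatusCode(), $exception->getHint(), $exception);
  }

  $account = new TokenAuthUser($token);

  // Revoke the access token for the blocked user. The revocation is saved
  // before the exception is thrown, so the token stays revoked.
  if ($account->isBlocked() && $account->isAuthenticated()) {
    $token->revoke();
    $token->save();
    $exception = OAuthServerException::accessDenied(t('%name is blocked or has not been activated yet.', [
      '%name' => $account->getAccountName(),
    ]));
    watchdog_exception('simple_oauth', $exception);
    throw new HttpException($exception->getHttpStatusCode(), $exception->getHint(), $exception);
  }

  // Inherit uploaded files for the current request.
  // @link https://www.drupal.org/project/drupal/issues/2934486
  $request->files->add($auth_request->files->all());

  // Set consumer ID header on successful authentication, so negotiators
  // will trigger correctly. set() replaces any X-Consumer-ID value the client
  // sent, so after this point the header reflects the token's consumer.
  $request->headers->set('X-Consumer-ID', $account->getConsumer()->uuid());

  return $account;
}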