public function BasicAuthSwap::handle in Simple OAuth (OAuth2) & OpenID Connect 5.x
Same name and namespace in other branches
- 8.4 src/HttpMiddleware/BasicAuthSwap.php \Drupal\simple_oauth\HttpMiddleware\BasicAuthSwap::handle()
- 8.2 src/HttpMiddleware/BasicAuthSwap.php \Drupal\simple_oauth\HttpMiddleware\BasicAuthSwap::handle()
- 8.3 src/HttpMiddleware/BasicAuthSwap.php \Drupal\simple_oauth\HttpMiddleware\BasicAuthSwap::handle()
Handles a Request to convert it to a Response.
If the request appears to be an OAuth2 token request with Basic Auth, swap the Basic Auth credentials into the request body and then remove the Basic Auth credentials from the request so that core authentication is not performed later.
Parameters
\Symfony\Component\HttpFoundation\Request $request: The input request.
int $type: The type of the request. One of HttpKernelInterface::MASTER_REQUEST or HttpKernelInterface::SUB_REQUEST.
bool $catch: Whether to catch exceptions or not.
Return value
\Symfony\Component\HttpFoundation\Response A Response instance
Throws
\Exception When an Exception occurs during processing.
File
- src/
HttpMiddleware/ BasicAuthSwap.php, line 52
Class
- BasicAuthSwap
- Uses the basic auth information to provide the client credentials for OAuth2.
Namespace
Drupal\simple_oauth\HttpMiddlewareCode
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) {
if (strpos($request
->getPathInfo(), '/oauth/token') !== FALSE && $request->headers
->has('PHP_AUTH_USER') && $request->headers
->has('PHP_AUTH_PW')) {
// Swap the Basic Auth credentials into the request data.
$request->request
->set('client_id', $request->headers
->get('PHP_AUTH_USER'));
$request->request
->set('client_secret', $request->headers
->get('PHP_AUTH_PW'));
// Remove the Basic Auth credentials to prevent later authentication.
$request->headers
->remove('PHP_AUTH_USER');
$request->headers
->remove('PHP_AUTH_PW');
}
return $this->httpKernel
->handle($request, $type, $catch);
}