You are here

Home » API reference » Simple OAuth (OAuth2) & OpenID Connect 5.x » DisallowSimpleOauthRequests.php » DisallowSimpleOauthRequests

public function DisallowSimpleOauthRequests::isOauth2Request in Simple OAuth (OAuth2) & OpenID Connect 5.x

Same name and namespace in other branches
  1. 8.4 src/PageCache/DisallowSimpleOauthRequests.php \Drupal\simple_oauth\PageCache\DisallowSimpleOauthRequests::isOauth2Request()
  2. 8.3 src/PageCache/DisallowSimpleOauthRequests.php \Drupal\simple_oauth\PageCache\DisallowSimpleOauthRequests::isOauth2Request()

Returns a state whether the request has an OAuth2 access token.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The incoming request object.

Return value

bool A state whether the request has an OAuth2 access token.

Overrides SimpleOauthRequestPolicyInterface::isOauth2Request

1 call to DisallowSimpleOauthRequests::isOauth2Request()
DisallowSimpleOauthRequests::check in src/PageCache/DisallowSimpleOauthRequests.php
Determines whether delivery of a cached page should be attempted.

File

src/PageCache/DisallowSimpleOauthRequests.php, line 17

Class

DisallowSimpleOauthRequests
Do not serve a page from cache if OAuth2 authentication is applicable.

Namespace

Drupal\simple_oauth\PageCache

Code

public function isOauth2Request(Request $request) {

  // Check the header. See: http://tools.ietf.org/html/rfc6750#section-2.1
  // We have to perform also an exact match, as if no token is provided then
  // the LWS might be stripped, but we still have to detect this as OAuth2
  // authentication. See: https://www.ietf.org/rfc/rfc2616.txt
  $auth_header = trim($request->headers
    ->get('Authorization', '', TRUE));
  return strpos($auth_header, 'Bearer ') !== FALSE || $auth_header === 'Bearer';
}