/**
 * Pulls the bearer token out of a request, accepting it from exactly one transport.
 *
 * The Authorization header, the form-encoded body and the query string are all
 * inspected on every call. A request that carries a token in more than one of
 * them is rejected instead of having one source silently preferred; RFC 6750
 * section 2 forbids clients from using more than one method per request.
 *
 * NOTE(review): query-string tokens tend to end up in access logs, browser
 * history and Referer headers (RFC 6750 section 2.3); confirm whether this
 * deployment needs that transport enabled.
 *
 * @param Request|null $request           Request to inspect; created from the PHP globals when null.
 * @param bool         $removeFromRequest Forwarded unchanged to each per-transport extractor
 *                                        (presumably strips the token from the request; confirm there).
 *
 * @return mixed|null The single token that was found, or null when the request carries none.
 *                    Null only means "no credentials presented": callers must still deny
 *                    access to anything that requires authentication.
 *
 * @throws OAuth2AuthenticateException With HTTP_BAD_REQUEST / ERROR_INVALID_REQUEST when more
 *                                     than one transport supplied a token.
 */
public function getBearerToken(Request $request = null, $removeFromRequest = false)
{
    if (null === $request) {
        $request = Request::createFromGlobals();
    }

    // Array elements are evaluated left to right, so the extractors still run in
    // header, body, query order and all three run even after a token is found.
    $candidates = array(
        $this->getBearerTokenFromHeaders($request, $removeFromRequest),
        $this->getBearerTokenFromFormEncodedBody($request, $removeFromRequest),
        $this->getBearerTokenFromQuery($request, $removeFromRequest),
    );

    // Keep only the transports that actually produced a token.
    $found = array();
    foreach ($candidates as $candidate) {
        if (null !== $candidate) {
            $found[] = $candidate;
        }
    }

    $howMany = count($found);

    if (0 === $howMany) {
        // Not an error at this layer: unauthenticated requests may be allowed,
        // so the decision is left to the caller.
        return null;
    }

    if (1 === $howMany) {
        return $found[0];
    }

    // Two or more transports carried a token: refuse the request outright.
    $realm = $this->getVariable(self::CONFIG_WWW_REALM);
    $tokenType = $this->getVariable(self::CONFIG_TOKEN_TYPE);

    throw new OAuth2AuthenticateException(
        self::HTTP_BAD_REQUEST,
        $tokenType,
        $realm,
        self::ERROR_INVALID_REQUEST,
        'Only one method may be used to authenticate at a time (Auth header, GET or POST).'
    );
}