OAuth2\OAuth2::getBearerToken PHP Method

getBearerToken() public method

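As per the Bearer spec (draft 8, section 2), a client can specify the bearer token in three ways, in order of preference: the Authorization header, the POST body, and the GET query string. NB: Resource servers MUST accept tokens via the Authorization scheme (http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08#section-2). If a request supplies a token through more than one of these methods, an OAuth2AuthenticateException with ERROR_INVALID_REQUEST is thrown; if no token is present, the method returns null so that callers can still allow non-authenticated requests.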
See also: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08#section-2.1
See also: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08#section-2.2
See also: http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-08#section-2.3
public getBearerToken ( Request $request = null, boolean $removeFromRequest = false ) : string | null
$request Symfony\Component\HttpFoundation\Request
$removeFromRequest boolean
return string | null
    public function getBearerToken(Request $request = null, $removeFromRequest = false)
    {
        if ($request === null) {
            $request = Request::createFromGlobals();
        }
        $tokens = array();
        $token = $this->getBearerTokenFromHeaders($request, $removeFromRequest);
        if ($token !== null) {
            $tokens[] = $token;
        }
        $token = $this->getBearerTokenFromFormEncodedBody($request, $removeFromRequest);
        if ($token !== null) {
            $tokens[] = $token;
        }
        $token = $this->getBearerTokenFromQuery($request, $removeFromRequest);
        if ($token !== null) {
            $tokens[] = $token;
        }
        if (count($tokens) > 1) {
            $realm = $this->getVariable(self::CONFIG_WWW_REALM);
            $tokenType = $this->getVariable(self::CONFIG_TOKEN_TYPE);
            throw new OAuth2AuthenticateException(self::HTTP_BAD_REQUEST, $tokenType, $realm, self::ERROR_INVALID_REQUEST, 'Only one method may be used to authenticate at a time (Auth header, GET or POST).');
        }
        if (count($tokens) < 1) {
            // Don't throw exception here as we may want to allow non-authenticated
            // requests.
            return null;
        }
        return reset($tokens);
    }
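
The one-method-only rule enforced above, as an added example in plain PHP (not the library's code). extractBearerToken() and its array inputs are hypothetical stand-ins for the Symfony Request and the three helper methods, whose bodies are not shown on this page; the body and query conditions follow sections 2.2 and 2.3 of the Bearer spec.

```php
<?php
// Added illustration: extractBearerToken() is a hypothetical helper, not library API.
// Header names are assumed to be lower-cased by the caller.
function extractBearerToken(string $method, array $headers, array $query, array $form): ?string
{
    $found = [];
    // Section 2.1: "Authorization: Bearer <token>" (scheme name is case-insensitive).
    $auth = trim($headers['authorization'] ?? '');
    if (preg_match('/^Bearer\s+(\S+)$/i', $auth, $m)) {
        $found['header'] = $m[1];
    }
    // Section 2.2: body parameter, only for form-encoded requests that are not GET.
    $type = strtolower(trim(explode(';', $headers['content-type'] ?? '')[0]));
    if ($method !== 'GET' && $type === 'application/x-www-form-urlencoded'
        && is_string($form['access_token'] ?? null)) {
        $found['body'] = $form['access_token'];
    }
    // Section 2.3: query parameter. Least preferred, since URLs end up in logs.
    if (is_string($query['access_token'] ?? null)) {
        $found['query'] = $query['access_token'];
    }
    if (count($found) > 1) {
        throw new InvalidArgumentException(
            'invalid_request: token sent via ' . implode(' and ', array_keys($found))
        );
    }
    return $found ? reset($found) : null;
}

// Constructed sample requests: [method, headers, query, form body].
$formType = ['content-type' => 'application/x-www-form-urlencoded'];
$cases = [
    'header only'    => ['GET', ['authorization' => 'Bearer abc123'], [], []],
    'header + query' => ['GET', ['authorization' => 'Bearer abc123'], ['access_token' => 'abc123'], []],
    'body on GET'    => ['GET', $formType, [], ['access_token' => 'abc123']],
    'no token'       => ['GET', [], [], []],
];
foreach ($cases as $name => $args) {
    try {
        $result = var_export(extractBearerToken(...$args), true);
    } catch (InvalidArgumentException $e) {
        $result = 'rejected (' . $e->getMessage() . ')';
    }
    echo str_pad($name, 16), $result, PHP_EOL;
}
```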

Usage Example

 /**
  * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event The event.
  */
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     if (null === ($oauthToken = $this->serverService->getBearerToken($request, true))) {
         // No bearer token in the request: fall back to regular (cookie) authentication.
         $token = $this->handleCookie($event);
         if ($token) {
             $this->securityContext->setToken($token);
             return;
         }
     }
     $token = new OAuthToken();
     $token->setToken($oauthToken);
     try {
         // Authenticate inside the try block so an AuthenticationException is caught below.
         $returnValue = $this->authenticationManager->authenticate($token);
         if ($returnValue instanceof TokenInterface) {
             return $this->securityContext->setToken($returnValue);
         }
         if ($returnValue instanceof Response) {
             return $event->setResponse($returnValue);
         }
     } catch (AuthenticationException $e) {
         if (null !== ($p = $e->getPrevious())) {
             $event->setResponse($p->getHttpResponse());
         }
     }
 }