protected function getBearerTokenFromFormEncodedBody(Request $request, $removeFromRequest)
{
if (false === $request->server->has('CONTENT_TYPE')) {
return null;
}
$contentType = $request->server->get('CONTENT_TYPE');
if (!preg_match('/^application\\/x-www-form-urlencoded([\\s|;].*)?$/', $contentType)) {
return null;
}
if ('GET' === $request->getMethod()) {
return null;
}
// S2 request only decodes form encoded parameters for PUT, DELETE, PATCH. Because we are not so picky, we can't use Request::$request parameter bag...
$body = $request->getContent();
parse_str($body, $parameters);
if (false === is_array($parameters)) {
return null;
}
if (false === array_key_exists(self::TOKEN_PARAM_NAME, $parameters)) {
return null;
}
$token = $parameters[self::TOKEN_PARAM_NAME];
if ($removeFromRequest) {
// S2 request content is immutable, so we can't do nothing more than crippled implementation below...
if (true === $request->request->has(self::TOKEN_PARAM_NAME)) {
$request->request->remove(self::TOKEN_PARAM_NAME);
}
}
return $token;
}
