Created
April 28, 2015 03:13
-
-
Save phindmarsh/11c80df8cd220c09b65c to your computer and use it in GitHub Desktop.
Masquerade grant type
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace MyApp\OAuth2\GrantType; | |
| use OAuth2\RequestInterface; | |
| use OAuth2\ResponseInterface; | |
| use OAuth2\Storage\ClientCredentialsInterface; | |
| use OAuth2\Storage\AccessTokenInterface; | |
| class MasqueradeGrant implements GrantTypeInterface { | |
| private $tokenStorage; | |
| public function __construct(AccessTokenInterface $tokenStorage) { | |
| $this->tokenStorage = $tokenStorage; | |
| } | |
| public function getQuerystringIdentifier() { | |
| return 'masquerade'; | |
| } | |
| public function validateRequest(RequestInterface $request, ResponseInterface $response) { | |
| if(!$this->clientAssertion->validateRequest($request, $response)) { | |
| return false; | |
| } | |
| if (!$request->request("token")) { | |
| $response->setError(400, 'invalid_request', 'An access token is required'); | |
| return null; | |
| } | |
| $access_token = $this->tokenStorage->getAccessToken($request->request('token')); | |
| if(!isset($access_token['expires']) || $access_token['expires'] < time()){ | |
| $response->setError(400, 'invalid_request', 'The access token has expired'); | |
| return null; | |
| } | |
| if(!isset($access_token['scope']) || !in_array('masquerade', explode(' ', $access_token['scope']))){ | |
| $response->setError(400, 'invalid_request', 'The access token does not have sufficient privilege'); | |
| return null; | |
| } | |
| $this->userInfo = User::loadById($request->request('user_id', $access_token['user_id'])); | |
| return true; | |
| } | |
| public function getClientId() | |
| { | |
| return null; | |
| } | |
| public function getUserId() | |
| { | |
| return $this->userInfo['user_id']; | |
| } | |
| public function getScope() | |
| { | |
| return isset($this->userInfo['scope']) ? $this->userInfo['scope'] : null; | |
| } | |
| public function createAccessToken(AccessTokenInterface $accessToken, $client_id, $user_id, $scope) | |
| { | |
| return $accessToken->createAccessToken($client_id, $user_id, $scope); | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| use MyApp\OAuth2\GrantType\MasqueradeGrant; | |
| $storage = new OAuth2\Server\Pdo(); | |
| $server = new OAuth2\Server($storage); | |
| $server->addGrantType(new MasqueradeGrant($app['sdk'], $storage, $app['oauth_jwt_token_storage']), 'console'); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I've removed a fair chunk from the
MasqueradeGrant.phpfile, so it probably won't work if you try to run it, but it should give you an idea.