~xibo-maintainers/xibo/tempel


Viewing changes to lib/Middleware/ApiAuthenticationOAuth.php

  • Committer: Dan Garner
  • Date: 2016-02-18 16:07:16 UTC
  • mfrom: (454.4.137)
  • Revision ID: git-v1:8867f12675bc9e0e67e7e622c80da7471b9f294a
Merge pull request #139 from dasgarner/feature/nested-display-groups

Feature/nested display groups

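--- a/lib/Middleware/ApiAuthenticationOAuth.php
+++ b/lib/Middleware/ApiAuthenticationOAuth.php
@@ -24,6 +24,7 @@
 
 use League\OAuth2\Server\ResourceServer;
 use Slim\Middleware;
+use Xibo\Factory\UserFactory;
 
 class ApiAuthenticationOAuth extends Middleware
 {
@@ -31,49 +32,24 @@
     {
         $app = $this->app;
 
-        // oAuth Resource
-        $sessionStorage = new \Xibo\Storage\ApiSessionStorage($app->store);
-        $accessTokenStorage = new \Xibo\Storage\ApiAccessTokenStorage($app->store);
-        $clientStorage = new \Xibo\Storage\ApiClientStorage($app->store);
-        $scopeStorage = new \Xibo\Storage\ApiScopeStorage($app->store);
-
-        $server = new \League\OAuth2\Server\ResourceServer(
-            $sessionStorage,
-            $accessTokenStorage,
-            $clientStorage,
-            $scopeStorage
-        );
-
-        // DI in the server
-        $app->server = $server;
-
         $isAuthorised = function() use ($app) {
             // Validate we are a valid auth
             /* @var ResourceServer $server */
             $server = $this->app->server;
 
-            $server->isValidRequest(false);
-
-            /* @var \Xibo\Entity\User $user */
-            $user = null;
+            $app->server->isValidRequest(false);
 
             // What type of access has been requested?
             if ($server->getAccessToken()->getSession()->getOwnerType() == 'user')
-                $user = $app->userFactory->getById($server->getAccessToken()->getSession()->getOwnerId());
+                $this->app->user = UserFactory::loadById($server->getAccessToken()->getSession()->getOwnerId());
             else
-                $user = $app->userFactory->loadByClientId($server->getAccessToken()->getSession()->getOwnerId());
-
-            $user->setChildAclDependencies($app->userGroupFactory, $app->pageFactory);
-
-            $user->load();
-
-            $this->app->user = $user;
+                $this->app->user = UserFactory::loadByClientId($server->getAccessToken()->getSession()->getOwnerId());
 
             // Get the current route pattern
             $resource = $app->router->getCurrentRoute()->getPattern();
 
             // Do they have permission?
-            $this->app->user->routeAuthentication($resource, $app->request()->getMethod(), $server->getAccessToken()->getScopes());
+            $this->app->user->routeAuthentication($resource);
         };
 
         $app->hook('slim.before.dispatch', $isAuthorised);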
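Review bot: The new-side call `$this->app->user->routeAuthentication($resource);` near the end of the closure no longer passes the HTTP method or the access token's scopes, so as far as this hunk shows, the scopes granted to the token play no part in the route check. If `routeAuthentication` on this side still accepts them, keep `$this->app->user->routeAuthentication($resource, $app->request()->getMethod(), $server->getAccessToken()->getScopes());`; otherwise add a comment above the call saying where scope enforcement happens. The closure also reads `$this->app->server` although this middleware no longer builds or registers the `ResourceServer`, so it presumably relies on the server being injected elsewhere before `slim.before.dispatch` fires; that registration is not visible here and deserves a guard or a comment. The enclosing method starts and ends outside the hunk.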