-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathAuthenticationMethodManager.php
More file actions
126 lines (106 loc) · 3.63 KB
/
AuthenticationMethodManager.php
File metadata and controls
126 lines (106 loc) · 3.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<?php
declare(strict_types=1);
/*
* The MIT License (MIT)
*
* Copyright (c) 2014-2019 Spomky-Labs
*
* This software may be modified and distributed under the terms
* of the MIT license. See the LICENSE file for details.
*/
namespace OAuth2Framework\Component\ResourceServerAuthentication;
use function Safe\sprintf;
use OAuth2Framework\Component\Core\Message\OAuth2Error;
use OAuth2Framework\Component\Core\ResourceServer\ResourceServer;
use OAuth2Framework\Component\Core\ResourceServer\ResourceServerId;
use Psr\Http\Message\ServerRequestInterface;
class AuthenticationMethodManager
{
/**
* @var AuthenticationMethod[]
*/
private array $methods = [];
/**
* @var string[]
*/
private array $names = [];
public function add(AuthenticationMethod $method): void
{
$class = \get_class($method);
$this->methods[$class] = $method;
foreach ($method->getSupportedMethods() as $name) {
$this->names[$name] = $class;
}
}
/**
* @return string[]
*/
public function list(): array
{
return array_keys($this->names);
}
public function has(string $name): bool
{
return \array_key_exists($name, $this->names);
}
public function get(string $name): AuthenticationMethod
{
if (!$this->has($name)) {
throw new \InvalidArgumentException(sprintf('The resource server authentication method "%s" is not supported. Please use one of the following values: %s', $name, implode(', ', $this->list())));
}
$class = $this->names[$name];
return $this->methods[$class];
}
/**
* @return AuthenticationMethod[]
*/
public function all(): array
{
return array_values($this->methods);
}
/**
* @param mixed $resourceServerCredentials The resource server credentials found in the request
*/
public function findResourceServerIdAndCredentials(ServerRequestInterface $request, AuthenticationMethod &$authenticationMethod = null, &$resourceServerCredentials = null): ?ResourceServerId
{
$resourceServerId = null;
$resourceServerCredentials = null;
foreach ($this->methods as $method) {
$tempResourceServerId = $method->findResourceServerIdAndCredentials($request, $resourceServerCredentials);
if (null === $tempResourceServerId) {
continue;
}
if (null === $resourceServerId) {
$resourceServerId = $tempResourceServerId;
$authenticationMethod = $method;
continue;
}
throw OAuth2Error::invalidRequest('Only one authentication method may be used to authenticate the resource server.');
}
return $resourceServerId;
}
/**
* @param mixed $resourceServerCredentials
*/
public function isResourceServerAuthenticated(ServerRequestInterface $request, ResourceServer $resourceServer, AuthenticationMethod $authenticationMethod, $resourceServerCredentials): bool
{
if (\in_array($resourceServer->getAuthenticationMethod(), $authenticationMethod->getSupportedMethods(), true)) {
return $authenticationMethod->isResourceServerAuthenticated($resourceServer, $resourceServerCredentials, $request);
}
return false;
}
/**
* @return string[]
*/
public function getSchemesParameters(): array
{
$schemes = [];
foreach ($this->all() as $method) {
$schemes = array_merge(
$schemes,
$method->getSchemesParameters()
);
}
return $schemes;
}
}