PonyMirrors/Pony.fm
1
0
Fork 0
mirror of https://github.com/Poniverse/Pony.fm.git synced 2025-02-16 18:14:23 +01:00
Code Issues Projects Releases Packages Wiki Activity

Added support for authorising oauth2 endpoints with the bearer header

Browse source
This commit is contained in:
Adam Lavin 2016-01-01 21:11:28 +00:00
parent 6b026e8551
commit 3399f3e223
1 changed files with 17 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
app/Http/Middleware/AuthenticateOAuth.php
View file

@ -64,7 +64,7 @@ class AuthenticateOAuth
public function handle(Request $request, Closure $next, $requiredScope) public function handle(Request $request, Closure $next, $requiredScope)
{ {
// Ensure this is a valid OAuth client. // Ensure this is a valid OAuth client.
$accessToken = $request->get('access_token'); $accessToken = $this->determineAccessToken($request, false);
// check that access token is valid at Poniverse.net // check that access token is valid at Poniverse.net
$accessTokenInfo = $this->poniverse->getAccessTokenInfo($accessToken); $accessTokenInfo = $this->poniverse->getAccessTokenInfo($accessToken);
@ -88,4 +88,20 @@ class AuthenticateOAuth
return $next($request); return $next($request);
} }
private function determineAccessToken(Request $request, $headerOnly = true)
{
$header = $request->header('Authorization');
if ($header !== null && substr($header, 0, 7) === 'Bearer ') {
return trim(substr($header, 7));
}
if ($headerOnly) {
return null;
}
return $request->get('access_token');
}
} }