Diffstat (limited to 'infrastructure/Auth')
-rw-r--r-- | infrastructure/Auth/AuthServiceProvider.php | 41 | ||||
-rw-r--r-- | infrastructure/Auth/Controllers/LoginController.php | 38 | ||||
-rw-r--r-- | infrastructure/Auth/Exceptions/InvalidCredentialsException.php | 13 | ||||
-rw-r--r-- | infrastructure/Auth/LoginProxy.php | 129 | ||||
-rw-r--r-- | infrastructure/Auth/Middleware/AccessTokenChecker.php | 37 | ||||
-rw-r--r-- | infrastructure/Auth/Requests/LoginRequest.php | 21 | ||||
-rw-r--r-- | infrastructure/Auth/routes_protected.php | 3 | ||||
-rw-r--r-- | infrastructure/Auth/routes_public.php | 4 |
8 files changed, 0 insertions, 286 deletions
diff --git a/infrastructure/Auth/AuthServiceProvider.php b/infrastructure/Auth/AuthServiceProvider.php
deleted file mode 100644
index 7f09b7d..0000000
--- a/infrastructure/Auth/AuthServiceProvider.php
+++ /dev/null
@@ -1,41 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth;
-
-use Carbon\Carbon;
-use Laravel\Passport\Passport;
-use Illuminate\Support\Facades\Gate;
-use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
-
-class AuthServiceProvider extends ServiceProvider
-{
- /**
- * The policy mappings for the application.
- *
- * @var array
- */
- protected $policies = [
- 'App\Model' => 'App\Policies\ModelPolicy',
- ];
-
- /**
- * Register any authentication / authorization services.
- *
- * @return void
- */
- public function boot()
- {
- $this->registerPolicies();
-
- Passport::routes(function ($router) {
- $router->forAccessTokens();
- // Uncomment for allowing personal access tokens
- // $router->forPersonalAccessTokens();
- $router->forTransientTokens();
- });
-
- Passport::tokensExpireIn(Carbon::now()->addYears(10));
-
- Passport::refreshTokensExpireIn(Carbon::now()->addDays(365));
- }
-}
\ No newline at end of file
diff --git a/infrastructure/Auth/Controllers/LoginController.php b/infrastructure/Auth/Controllers/LoginController.php
deleted file mode 100644
index a72f8a0..0000000
--- a/infrastructure/Auth/Controllers/LoginController.php
+++ /dev/null
@@ -1,38 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth\Controllers;
-
-use Illuminate\Http\Request;
-use Infrastructure\Auth\LoginProxy;
-use Infrastructure\Auth\Requests\LoginRequest;
-use Infrastructure\Http\Controller;
-
-class LoginController extends Controller
-{
- private $loginProxy;
-
- public function __construct(LoginProxy $loginProxy)
- {
- $this->loginProxy = $loginProxy;
- }
-
- public function login(LoginRequest $request)
- {
- $email = $request->get('email');
- $password = $request->get('password');
-
- return $this->response($this->loginProxy->attemptLogin($email, $password));
- }
-
- public function refresh(Request $request)
- {
- return $this->response($this->loginProxy->attemptRefresh());
- }
-
- public function logout()
- {
- $this->loginProxy->logout();
-
- return $this->response(null, 204);
- }
-}
\ No newline at end of file
diff --git a/infrastructure/Auth/Exceptions/InvalidCredentialsException.php b/infrastructure/Auth/Exceptions/InvalidCredentialsException.php
deleted file mode 100644
index 45a8b6e..0000000
--- a/infrastructure/Auth/Exceptions/InvalidCredentialsException.php
+++ /dev/null
@@ -1,13 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth\Exceptions;
-
-use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
-
-class InvalidCredentialsException extends UnauthorizedHttpException
-{
- public function __construct($message = null, \Exception $previous = null, $code = 0)
- {
- parent::__construct('', $message, $previous, $code);
- }
-}
\ No newline at end of file
diff --git a/infrastructure/Auth/LoginProxy.php b/infrastructure/Auth/LoginProxy.php
deleted file mode 100644
index c245e52..0000000
--- a/infrastructure/Auth/LoginProxy.php
+++ /dev/null
@@ -1,129 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth;
-
-use Illuminate\Foundation\Application;
-use Infrastructure\Auth\Exceptions\InvalidCredentialsException;
-use Api\Users\Repositories\UserRepository;
-
-class LoginProxy
-{
- const REFRESH_TOKEN = 'refreshToken';
-
- private $apiConsumer;
-
- private $auth;
-
- private $cookie;
-
- private $db;
-
- private $request;
-
- private $userRepository;
-
- public function __construct(Application $app, UserRepository $userRepository)
- {
- $this->userRepository = $userRepository;
-
- $this->apiConsumer = $app->make('apiconsumer');
- $this->auth = $app->make('auth');
- $this->cookie = $app->make('cookie');
- $this->db = $app->make('db');
- $this->request = $app->make('request');
- }
-
- /**
- * Attempt to create an access token using user credentials
- *
- * @param string $email
- * @param string $password
- */
- public function attemptLogin($email, $password)
- {
- $user = $this->userRepository->getWhere('email', $email)->first();
-
- if (!is_null($user)) {
- $TokenObject = $this->proxy('password', [
- 'username' => $email,
- 'password' => $password
- ]);
- return array_merge($TokenObject, ['user_id' => $user->id]);
- }
-
-
- throw new InvalidCredentialsException();
- }
-
- /**
- * Attempt to refresh the access token used a refresh token that
- * has been saved in a cookie
- */
- public function attemptRefresh()
- {
- $refreshToken = $this->request->cookie(self::REFRESH_TOKEN);
-
- return $this->proxy('refresh_token', [
- 'refresh_token' => $refreshToken
- ]);
- }
-
- /**
- * Proxy a request to the OAuth server.
- *
- * @param string $grantType what type of grant type should be proxied
- * @param array $data the data to send to the server
- */
- public function proxy($grantType, array $data = [])
- {
- $data = array_merge($data, [
- 'client_id' => env('PASSWORD_CLIENT_ID'),
- 'client_secret' => env('PASSWORD_CLIENT_SECRET'),
- 'grant_type' => $grantType
- ]);
-
- $response = $this->apiConsumer->post('/oauth/token', $data);
-
- if (!$response->isSuccessful()) {
- throw new InvalidCredentialsException();
- }
-
- $data = json_decode($response->getContent());
-
- // Create a refresh token cookie
- $this->cookie->queue(
- self::REFRESH_TOKEN,
- $data->refresh_token,
- 864000, // 10 days
- null,
- null,
- false,
- true // HttpOnly
- );
-
- return [
- 'access_token' => $data->access_token,
- 'expires_in' => $data->expires_in
- ];
- }
-
- /**
- * Logs out the user. We revoke access token and refresh token.
- * Also instruct the client to forget the refresh cookie.
- */
- public function logout()
- {
- $accessToken = $this->auth->user()->token();
-
- $refreshToken = $this->db
- ->table('oauth_refresh_tokens')
- ->where('access_token_id', $accessToken->id)
- ->update([
- 'revoked' => true
- ]);
-
- $accessToken->revoke();
-
- $this->cookie->queue($this->cookie->forget(self::REFRESH_TOKEN));
- }
-}
diff --git a/infrastructure/Auth/Middleware/AccessTokenChecker.php b/infrastructure/Auth/Middleware/AccessTokenChecker.php
deleted file mode 100644
index f79f5cb..0000000
--- a/infrastructure/Auth/Middleware/AccessTokenChecker.php
+++ /dev/null
@@ -1,37 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth\Middleware;
-
-use Closure;
-use Illuminate\Foundation\Application;
-use Illuminate\Auth\Middleware\Authenticate;
-use Illuminate\Auth\AuthenticationException;
-use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
-
-class AccessTokenChecker
-{
- private $app;
-
- private $oAuthMiddleware;
-
- public function __construct(
- Application $app,
- Authenticate $authenticate
- ) {
- $this->app = $app;
- $this->authenticate = $authenticate;
- }
-
- public function handle($request, Closure $next, $scopesString = null)
- {
- if ($this->app->environment() !== 'testing') {
- try {
- return $this->authenticate->handle($request, $next, 'api');
- } catch (AuthenticationException $e) {
- throw new UnauthorizedHttpException('Challenge');
- }
- }
-
- return $next($request);
- }
-}
diff --git a/infrastructure/Auth/Requests/LoginRequest.php b/infrastructure/Auth/Requests/LoginRequest.php
deleted file mode 100644
index 5c5a3bb..0000000
--- a/infrastructure/Auth/Requests/LoginRequest.php
+++ /dev/null
@@ -1,21 +0,0 @@
-<?php
-
-namespace Infrastructure\Auth\Requests;
-
-use Infrastructure\Http\ApiRequest;
-
-class LoginRequest extends ApiRequest
-{
- public function authorize()
- {
- return true;
- }
-
- public function rules()
- {
- return [
- 'email' => 'required|email',
- 'password' => 'required'
- ];
- }
-}
diff --git a/infrastructure/Auth/routes_protected.php b/infrastructure/Auth/routes_protected.php
deleted file mode 100644
index 0fe814f..0000000
--- a/infrastructure/Auth/routes_protected.php
+++ /dev/null
@@ -1,3 +0,0 @@
-<?php
-
-$router->post('/logout', 'LoginController@logout');
\ No newline at end of file
diff --git a/infrastructure/Auth/routes_public.php b/infrastructure/Auth/routes_public.php
deleted file mode 100644
index 79f5b51..0000000
--- a/infrastructure/Auth/routes_public.php
+++ /dev/null
@@ -1,4 +0,0 @@
-<?php
-
-$router->post('/login', 'LoginController@login');
-$router->post('/login/refresh', 'LoginController@refresh');
\ No newline at end of file |