2018-09-28 22:08:01 +02:00
|
|
|
<?php
|
2019-10-05 17:26:10 +02:00
|
|
|
|
2018-09-28 22:08:01 +02:00
|
|
|
declare(strict_types=1);
|
|
|
|
|
|
|
|
|
|
namespace Shlinkio\Shlink\Rest\Authentication\Plugin;
|
|
|
|
|
|
|
|
|
|
use Psr\Http\Message\ResponseInterface;
|
|
|
|
|
use Psr\Http\Message\ServerRequestInterface;
|
|
|
|
|
use Shlinkio\Shlink\Rest\Exception\VerifyAuthenticationException;
|
2018-09-29 08:34:47 +02:00
|
|
|
use Shlinkio\Shlink\Rest\Service\ApiKeyServiceInterface;
|
|
|
|
|
use Shlinkio\Shlink\Rest\Util\RestUtils;
|
2018-09-28 22:08:01 +02:00
|
|
|
|
|
|
|
|
class ApiKeyHeaderPlugin implements AuthenticationPluginInterface
|
|
|
|
|
{
|
|
|
|
|
public const HEADER_NAME = 'X-Api-Key';
|
|
|
|
|
|
2018-11-20 19:30:27 +01:00
|
|
|
/** @var ApiKeyServiceInterface */
|
2018-09-29 08:34:47 +02:00
|
|
|
private $apiKeyService;
|
|
|
|
|
|
2018-11-18 16:28:04 +01:00
|
|
|
public function __construct(ApiKeyServiceInterface $apiKeyService)
|
2018-09-29 08:34:47 +02:00
|
|
|
{
|
|
|
|
|
$this->apiKeyService = $apiKeyService;
|
|
|
|
|
}
|
|
|
|
|
|
2018-09-28 22:08:01 +02:00
|
|
|
/**
|
|
|
|
|
* @throws VerifyAuthenticationException
|
|
|
|
|
*/
|
|
|
|
|
public function verify(ServerRequestInterface $request): void
|
|
|
|
|
{
|
2018-09-29 08:34:47 +02:00
|
|
|
$apiKey = $request->getHeaderLine(self::HEADER_NAME);
|
|
|
|
|
if ($this->apiKeyService->check($apiKey)) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
throw VerifyAuthenticationException::withError(
|
|
|
|
|
RestUtils::INVALID_API_KEY_ERROR,
|
2018-11-18 16:28:04 +01:00
|
|
|
'Provided API key does not exist or is invalid.'
|
2018-09-29 08:34:47 +02:00
|
|
|
);
|
2018-09-28 22:08:01 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function update(ServerRequestInterface $request, ResponseInterface $response): ResponseInterface
|
|
|
|
|
{
|
|
|
|
|
return $response;
|
|
|
|
|
}
|
|
|
|
|
}
|
