403WebShell

403Webshell

Server IP : 54.233.248.239 / Your IP : 172.28.20.13
Web Server : Apache
System : Linux ip-172-28-29-189 6.5.0-1014-aws #14~22.04.1-Ubuntu SMP Thu Feb 15 15:27:06 UTC 2024 x86_64
User : www-data ( 33)
PHP Version : 7.2.34-43+ubuntu22.04.1+deb.sury.org+1
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /var/www/html/vinumday2_0/vendor/dingo/api/src/Auth/Provider/

Upload File :

[ Back ]

Current File : /var/www/html/vinumday2_0/vendor/dingo/api/src/Auth/Provider/OAuth2.php

<?php

namespace Dingo\Api\Auth\Provider;

use Exception;
use Illuminate\Http\Request;
use Dingo\Api\Routing\Route;
use League\OAuth2\Server\ResourceServer;
use League\OAuth2\Server\Entity\AccessTokenEntity;
use League\OAuth2\Server\Exception\OAuthException;
use League\OAuth2\Server\Exception\InvalidScopeException;
use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;

class OAuth2 extends Authorization
{
    /**
     * OAuth 2.0 resource server instance.
     *
     * @var \League\OAuth2\Server\Resource
     */
    protected $resource;

    /**
     * Indicates whether access token is limited to headers only.
     *
     * @var bool
     */
    protected $httpHeadersOnly = false;

    /**
     * User resolver.
     *
     * @var callable
     */
    protected $userResolver;

    /**
     * Client resolver.
     *
     * @var callable
     */
    protected $clientResolver;

    /**
     * Create a new OAuth 2.0 provider instance.
     *
     * @param \League\OAuth2\Server\ResourceServer $resource
     * @param bool                                 $httpHeadersOnly
     *
     * @return void
     */
    public function __construct(ResourceServer $resource, $httpHeadersOnly = false)
    {
        $this->resource = $resource;
        $this->httpHeadersOnly = $httpHeadersOnly;
    }

    /**
     * Authenticate request with the OAuth 2.0 resource server.
     *
     * @param \Illuminate\Http\Request $request
     * @param \Dingo\Api\Routing\Route $route
     *
     * @throws \Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException
     * @throws \Exception
     *
     * @return mixed
     */
    public function authenticate(Request $request, Route $route)
    {
        try {
            $this->validateAuthorizationHeader($request);
        } catch (Exception $exception) {
            if (! $request->query('access_token', false)) {
                throw $exception;
            }
        }

        try {
            $this->resource->isValidRequest($this->httpHeadersOnly);

            $token = $this->resource->getAccessToken();

            if ($route->scopeStrict()) {
                $this->validateAllRouteScopes($token, $route);
            } else {
                $this->validateAnyRouteScopes($token, $route);
            }

            return $this->resolveResourceOwner($token);
        } catch (OAuthException $exception) {
            throw new UnauthorizedHttpException('Bearer', $exception->getMessage(), $exception);
        }
    }

    /**
     * Resolve the resource owner.
     *
     * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
     *
     * @return mixed
     */
    protected function resolveResourceOwner(AccessTokenEntity $token)
    {
        $session = $token->getSession();

        if ($session->getOwnerType() == 'client') {
            return call_user_func($this->clientResolver, $session->getOwnerId());
        }

        return call_user_func($this->userResolver, $session->getOwnerId());
    }

    /**
     * Validate a route has any scopes.
     *
     * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
     * @param \Dingo\Api\Routing\Route                       $route
     *
     * @throws \League\OAuth2\Server\Exception\InvalidScopeException
     *
     * @return bool
     */
    protected function validateAnyRouteScopes(AccessTokenEntity $token, Route $route)
    {
        $scopes = $route->scopes();

        if (empty($scopes)) {
            return true;
        }

        foreach ($scopes as $scope) {
            if ($token->hasScope($scope)) {
                return true;
            }
        }

        throw new InvalidScopeException($scope);
    }

    /**
     * Validate a route has all scopes.
     *
     * @param \League\OAuth2\Server\Entity\AccessTokenEntity $token
     * @param \Dingo\Api\Routing\Route                       $route
     *
     * @throws \League\OAuth2\Server\Exception\InvalidScopeException
     *
     * @return bool
     */
    protected function validateAllRouteScopes(AccessTokenEntity $token, Route $route)
    {
        $scopes = $route->scopes();

        foreach ($scopes as $scope) {
            if (! $token->hasScope($scope)) {
                throw new InvalidScopeException($scope);
            }
        }

        return true;
    }

    /**
     * Set the resolver to fetch a user.
     *
     * @param callable $resolver
     *
     * @return \Dingo\Api\Contract\Auth\Provider
     */
    public function setUserResolver(callable $resolver)
    {
        $this->userResolver = $resolver;

        return $this;
    }

    /**
     * Set the resolver to fetch a client.
     *
     * @param callable $resolver
     *
     * @return \Dingo\Api\Contract\Auth\Provider
     */
    public function setClientResolver(callable $resolver)
    {
        $this->clientResolver = $resolver;

        return $this;
    }

    /**
     * Get the providers authorization method.
     *
     * @return string
     */
    public function getAuthorizationMethod()
    {
        return 'bearer';
    }
}

Youez - 2016 - github.com/yon3zu
LinuXploit