Refactoring authentication to make use of a manager.

Signed-off-by: Jason Lewis <[email protected]>

Author: jasonlewis

src/ApiServiceProvider.php

@@ -3,9 +3,7 @@
 use Closure;
 use Dingo\Api\Http\Response;
 use Dingo\Api\Routing\Router;
-use Dingo\Api\Auth\AuthManager;
-use Dingo\Api\Auth\BasicProvider;
-use Dingo\Api\Auth\OAuth2Provider;
+use Dingo\Api\Auth\ProviderManager;
 use Illuminate\Support\ServiceProvider;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 
@@ -29,7 +27,7 @@ public function boot()
 
 		$this->app['Dingo\Api\Authentication'] = function($app)
 		{
-			return $app['dingo.api.authentication'];
+			return $app['dingo.api.auth'];
 		};
 
 		// Set the static formatters on the response class so that requested formats
@@ -40,7 +38,7 @@ public function boot()
 
 		$this->app['router']->filter('api', function($route, $request)
 		{
-			$this->app['dingo.api.authentication']->authenticate();
+			$this->app['dingo.api.auth']->authenticate();
 		});
 	}
 
@@ -104,7 +102,7 @@ protected function registerDispatcher()
 	{
 		$this->app['dingo.api.dispatcher'] = $this->app->share(function($app)
 		{
-			return new Dispatcher($app['request'], $app['url'], $app['router'], $app['dingo.api.authentication']);
+			return new Dispatcher($app['request'], $app['url'], $app['router'], $app['dingo.api.auth']);
 		});
 	}
 
@@ -128,14 +126,14 @@ protected function registerExceptionHandler()
 	 */
 	protected function registerAuthentication()
 	{
-		$this->app['dingo.api.authentication'] = $this->app->share(function($app)
+		$this->app['dingo.api.auth.manager'] = $this->app->share(function($app)
 		{
-			$providers = [];
+			return new ProviderManager($app);
+		});
 
-			$resolvers = [
-				'basic'  => function($app, $options) { return new BasicProvider($app['auth'], $options); },
-				'oauth2' => function($app, $options) { return new OAuth2Provider($app['dingo.oauth.resource'], $options); }
-			];
+		$this->app['dingo.api.auth'] = $this->app->share(function($app)
+		{
+			$providers = [];
 
 			foreach ($app['config']['api::auth'] as $key => $value)
 			{
@@ -151,7 +149,7 @@ protected function registerAuthentication()
 					$options = call_user_func($options, $app);
 				}
 
-				$providers[$provider] = $resolvers[$provider]($app, $options);
+				$providers[$provider] = $app['dingo.api.auth.manager']->driver($provider)->setOptions($options);
 			}
 
 			return new Authentication($app['router'], $app['auth'], $providers);

src/Auth/AuthorizationProvider.php

@@ -3,10 +3,10 @@
 use Exception;
 use Illuminate\Http\Request;
 
-abstract class AuthorizationProvider implements ProviderInterface {
+abstract class AuthorizationProvider extends Provider {
 
 	/**
-	 * Array of provider speicifc options.
+	 * Array of provider specific options.
 	 * 
 	 * @var array
 	 */
@@ -33,4 +33,4 @@ public function validateAuthorizationHeader(Request $request)
 	 */
 	abstract public function getAuthorizationMethod();
 
-}
+}

src/Auth/BasicProvider.php

@@ -1,6 +1,7 @@
 <?php namespace Dingo\Api\Auth;
 
 use Illuminate\Http\Request;
+use Illuminate\Routing\Route;
 use Illuminate\Auth\AuthManager;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 
@@ -24,22 +25,21 @@ class BasicProvider extends AuthorizationProvider {
 	 * Create a new Dingo\Api\Auth\BasicProvider instance.
 	 * 
 	 * @param  \Illuminate\Auth\AuthManager  $auth
-	 * @param  array  $options
 	 * @return void
 	 */
-	public function __construct(AuthManager $auth, array $options)
+	public function __construct(AuthManager $auth)
 	{
 		$this->auth = $auth;
-		$this->options = array_merge($this->options, $options);
 	}
 
 	/**
 	 * Authenticate request with Basic.
 	 * 
 	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Illuminate\Routing\Route  $route
 	 * @return int
 	 */
-	public function authenticate(Request $request)
+	public function authenticate(Request $request, Route $route)
 	{
 		$this->validateAuthorizationHeader($request);
 
@@ -61,4 +61,4 @@ public function getAuthorizationMethod()
 		return 'basic';
 	}
 
-}
+}

src/Auth/OAuth2Provider.php

@@ -2,6 +2,7 @@
 
 use Exception;
 use Illuminate\Http\Request;
+use Illuminate\Routing\Route;
 use Dingo\OAuth2\Server\Resource;
 use Dingo\OAuth2\Exception\InvalidTokenException;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
@@ -15,33 +16,25 @@ class OAuth2Provider extends AuthorizationProvider {
 	 */
 	protected $resource;
 
-	/**
-	 * Array of request scopes.
-	 * 
-	 * @var array
-	 */
-	protected $scopes = [];
-
 	/**
 	 * Create a new Dingo\Api\Auth\OAuth2Provider instance.
 	 * 
 	 * @param  \Dingo\OAuth2\Server\Resource  $resource
-	 * @param  array  $options
 	 * @return void
 	 */
-	public function __construct(Resource $resource, array $options)
+	public function __construct(Resource $resource)
 	{
 		$this->resource = $resource;
-		$this->options = $options;
 	}
 
 	/**
-	 * Authenticate request with OAuth2.
+	 * Authenticate request with the OAuth 2.0 resource server.
 	 * 
 	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Illuminate\Routing\Route  $route
 	 * @return int
 	 */
-	public function authenticate(Request $request)
+	public function authenticate(Request $request, Route $route)
 	{
 		try
 		{
@@ -58,9 +51,11 @@ public function authenticate(Request $request)
 			}
 		}
 
+		$scopes = $this->getRouteScopes($route);
+
 		try
 		{
-			$token = $this->resource->validateRequest($this->scopes);
+			$token = $this->resource->validateRequest($scopes);
 
 			return $token->getUserId();
 		}
@@ -70,6 +65,19 @@ public function authenticate(Request $request)
 		}
 	}
 
+	/**
+	 * Get the routes scopes.
+	 * 
+	 * @param  \Illuminate\Routing\Route  $route
+	 * @return array
+	 */
+	protected function getRouteScopes(Route $route)
+	{
+		$action = $route->getAction();
+
+		return isset($action['scopes']) ? (array) $action['scopes'] : [];
+	}
+
 	/**
 	 * Get the providers authorization method.
 	 * 

src/Auth/Provider.php

@@ -0,0 +1,37 @@
+<?php namespace Dingo\Api\Auth;
+
+use Illuminate\Http\Request;
+use Illuminate\Routing\Route;
+
+abstract class Provider {
+
+	/**
+	 * Array of provider specific options.
+	 * 
+	 * @var array
+	 */
+	protected $options = [];
+
+	/**
+	 * Set the provider specific options.
+	 * 
+	 * @param  array  $options
+	 * @return \Dingo\Api\Auth\Provider
+	 */
+	public function setOptions(array $options)
+	{
+		$this->options = array_merge($this->options, $options);
+
+		return $this;
+	}
+
+	/**
+	 * Authenticate the request and return the authenticated users ID.
+	 * 
+	 * @param  \Illuminate\Http\Request  $request
+	 * @param  \Illuminate\Routing\Route  $route
+	 * @return int
+	 */
+	abstract public function authenticate(Request $request, Route $route);
+
+}

src/Auth/ProviderInterface.php

@@ -0,0 +1,27 @@
+<?php namespace Dingo\Api\Auth;
+
+use Illuminate\Support\Manager;
+
+class ProviderManager extends Manager {
+
+	/**
+	 * Create OAuth 2.0 provider.
+	 * 
+	 * @return \Dingo\Api\Auth\BasicProvider
+	 */
+	public function createOAuth2Driver()
+	{
+		return new OAuth2Provider($this->app['dingo.oauth.resource']);
+	}
+
+	/**
+	 * Create basic provider.
+	 * 
+	 * @return \Dingo\Api\Auth\BasicProvider
+	 */
+	public function createBasicDriver()
+	{
+		return new BasicProvider($this->app['auth']);
+	}
+
+}

src/Auth/ProviderManager.php

@@ -6,8 +6,6 @@
 use Illuminate\Routing\Route;
 use Illuminate\Auth\AuthManager;
 use Dingo\Api\Http\InternalRequest;
-use Dingo\Api\Auth\ProviderInterface;
-use Dingo\Api\Auth\AuthorizationProvider;
 use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
 
 class Authentication {
@@ -83,15 +81,14 @@ public function authenticate()
 
 		$exceptionStack = [];
 
-		$this->registerOAuth2Scopes($route);
-
 		// Spin through each of the registered authentication providers and attempt to
-		// authenticate through one of them.
+		// authenticate through one of them. This allows a developer to implement
+		// and allow a number of different authentication mechanisms.
 		foreach ($this->providers as $provider)
 		{
 			try
 			{
-				return $this->userId = $provider->authenticate($request);
+				return $this->userId = $provider->authenticate($request, $route);
 			}
 			catch (UnauthorizedHttpException $exception)
 			{
@@ -115,27 +112,6 @@ public function authenticate()
 		throw $exception;
 	}
 
-	/**
-	 * Register the OAuth 2.0 scopes on the "oauth2" provider.
-	 * 
-	 * @param  \Illuminate\Routing\Route  $route
-	 * @return void
-	 */
-	protected function registerOAuth2Scopes(Route $route)
-	{
-		// If authenticating via OAuth2 a route can be protected by defining its scopes.
-		// We'll grab the scopes for this route and pass them through to the
-		// authentication providers.
-		if (isset($this->providers['oauth2']))
-		{
-			$action = $route->getAction();
-
-			$scopes = isset($action['scopes']) ? (array) $action['scopes'] : [];
-
-			$this->providers['oauth2']->setScopes($scopes);
-		}
-	}
-
 	/**
 	 * Determine if a route is protected.
 	 * 
@@ -192,18 +168,4 @@ public function setUser($user)
 		return $this;
 	}
 
-	/**
-	 * Extend the authentication layer by registering a custom provider.
-	 * 
-	 * @param  string  $key
-	 * @param  \Dingo\Api\Auth\ProviderInterface  $provider
-	 * @return \Dingo\Api\Authentication
-	 */
-	public function extend($key, ProviderInterface $provider)
-	{
-		$this->providers[$key] = $provider;
-
-		return $this;
-	}
-
 }

src/Authentication.php

@@ -55,7 +55,7 @@ public static function issueToken(array $payload)
 	 */
 	public static function user()
 	{
-		return static::$app['dingo.api.authentication']->getUser();
+		return static::$app['dingo.api.auth']->getUser();
 	}
 
 	/**
@@ -68,4 +68,4 @@ public static function internal()
 		return static::$app['router']->getCurrentRequest() instanceof InternalRequest;
 	}
 
-}
+}