chore: create the scope middleware

2023-09-29 09:44:17 +08:00 · 2023-09-29 09:44:17 +08:00 · 386664042e
commit 386664042e
parent d01a0778b8
3 changed files with 71 additions and 0 deletions
--- a/migrations/2023_09_28_create_oauth_scopes_table.php
+++ b/migrations/2023_09_28_create_oauth_scopes_table.php
@ -11,6 +11,8 @@ return [
        $schema->create('oauth_scopes', function (Blueprint $table) {
            $table->increments('id');
            $table->string('scope', 80);
+            $table->string('resource_path', 500);
+            $table->string('method', 20);
            $table->boolean('is_default')->nullable();
        });
    },
--- a/src/Middlewares/ResourceScopeMiddleware.php
+++ b/src/Middlewares/ResourceScopeMiddleware.php
@ -0,0 +1,63 @@
+<?php
+
+namespace FoskyM\OAuthCenter\Middlewares;
+
+use Flarum\Foundation\ErrorHandling\ExceptionHandler\IlluminateValidationExceptionHandler;
+use Flarum\Foundation\ErrorHandling\JsonApiFormatter;
+use FoskyM\OAuthCenter\OAuth;
+use FoskyM\OAuthCenter\Storage;
+use Illuminate\Validation\ValidationException;
+use Psr\Http\Message\ResponseInterface as Response;
+use Psr\Http\Message\ServerRequestInterface as Request;
+use Psr\Http\Server\MiddlewareInterface;
+use Psr\Http\Server\RequestHandlerInterface;
+use Flarum\Http\RequestUtil;
+use Flarum\Api\JsonApiResponse;
+use Tobscure\JsonApi\Document;
+use Tobscure\JsonApi\Exception\Handler\ResponseBag;
+
+use FoskyM\OAuthCenter\Models\Scope;
+class ResourceScopeMiddleware implements MiddlewareInterface
+{
+    public function process(Request $request, RequestHandlerInterface $handler): Response
+    {
+        $path = $request->getUri()->getPath();
+        $token = Arr::get($request->getQueryParams(), 'access_token', '');
+        if ($token !== '' && $scope = Scope::get_path_scope($path)) {
+            if (strtolower($request->getMethod()) === strtolower($scope->method)) {
+                try {
+                    $oauth = new OAuth();
+                    $server = $oauth->server();
+                    $request = $oauth->request();
+                    if (!$server->verifyResourceRequest($request::createFromGlobals(), null, $scope->scope)) {
+                        $server->getResponse()->send('json');
+                        die;
+                    }
+                    /*$error = new ResponseBag('422', [
+                        [
+                            'status' => '422',
+                            'code' => 'validation_error',
+                            'source' => [
+                                'pointer' => $path,
+                            ],
+                            'detail' => 'Yikes! The access token don\'t has the scope.',
+                        ],
+                    ]);
+                    $document = new Document();
+                    $document->setErrors($error->getErrors());
+
+                    return new JsonApiResponse($document, $error->getStatus());*/
+                } catch (ValidationException $exception) {
+
+                    $handler = resolve(IlluminateValidationExceptionHandler::class);
+
+                    $error = $handler->handle($exception);
+
+                    return (new JsonApiFormatter())->format($error, $request);
+                }
+            }
+        }
+
+        return $handler->handle($request);
+    }
+}
--- a/src/Models/Scope.php
+++ b/src/Models/Scope.php
@ -7,4 +7,10 @@ use Flarum\Database\AbstractModel;
 class Scope extends AbstractModel
 {
    protected $table = 'oauth_scopes';
+
+    static public function get_path_scope($path = '')
+    {
+        return self::where('resource_path', 'like', $path . '%')->first();
+        // return $this->where('resource_path', $path)->first();
+    }
 }