Class TokenAuthenticator
Token Authenticator
Authenticates an identity based on a token in a query param or the header.
Property Summary
-
$_config protected
array<string, mixed> Runtime config
-
$_configInitialized protected
bool Whether the config property has already been configured with defaults
-
$_defaultConfig protected
array<string, mixed> Default config for this object.
fields The fields to use to identify a user by.
-
$_identifier protected
?IdentifierInterface Identifier instance.
Method Summary
-
__construct() public
Constructor
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
authenticate() public
Authenticates the identity by token contained in a request. Token could be passed as query using config.queryParam or as header param using config.header. Token prefix will be stripped if config.tokenPrefix is set. Will return false if no token is provided or if the scope conditions have not been met.
-
configShallow() public
Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.
-
deleteConfig() public
Deletes a config key.
-
getConfig() public
Returns the config.
-
getConfigOrFail() public
Returns the config for this specific key.
-
getIdentifier() public
Gets the identifier, loading a default Token identifier if none configured.
-
getToken() protected
Checks if the token is in the headers or a request parameter
-
getTokenFromHeader() protected
Gets the token from the request headers
-
getTokenFromQuery() protected
Gets the token from the request query
-
setConfig() public
Sets the config.
-
setIdentifier() public
Sets the identifier.
-
stripTokenPrefix() protected
Strips a prefix from a token
-
unauthorizedChallenge() public
No-op method.
Method Detail
__construct() public
__construct(Authentication\Identifier\IdentifierInterface|null $identifier = null, array<string, mixed> $config = [])
Constructor
Parameters
-
Authentication\Identifier\IdentifierInterface|null $identifier optional Identifier instance.
-
array<string, mixed> $config optional Configuration settings.
_configDelete() protected
_configDelete(string $key): void
Deletes a single config key.
Parameters
-
string $key Key to delete.
Returns
void
Throws
Cake\Core\Exception\CakeException if attempting to clobber existing config
_configRead() protected
_configRead(string|null $key): $key is null ? array : mixed
Reads a config key.
Parameters
-
string|null $key Key to read.
Returns
$key is null ? array : mixed
_configWrite() protected
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): void
Writes a config key.
Parameters
-
array<string, mixed>|string $key Key to write to.
-
mixed $value Value to write.
-
string|bool $merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
void
Throws
Cake\Core\Exception\CakeException if attempting to clobber existing config
authenticate() public
authenticate(Psr\Http\Message\ServerRequestInterface $request): Authentication\Authenticator\ResultInterface
Authenticates the identity by token contained in a request.
Token could be passed as query using config.queryParam or as header param using config.header. Token
prefix will be stripped if config.tokenPrefix is set. Will return false if no token is provided or if the
scope conditions have not been met.
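Usage
The following is an added example, not code from the plugin or its documentation. It builds the authenticator with the constructor shown on this page so that the token is read only from the Authorization header, then runs it against constructed requests. The stand-in identifier, the sample token, the `token` credential key, the Composer autoloader path and the use of Cake\Http\ServerRequest are assumptions.

```php
<?php
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php'; // assumed Composer install

use Authentication\Authenticator\TokenAuthenticator;
use Authentication\Identifier\IdentifierInterface;
use Cake\Http\ServerRequest;

// Constructed stand-in identifier that accepts a single sample token.
// Assumption: the authenticator hands over the extracted token under the 'token' key.
$identifier = new class implements IdentifierInterface {
    public function identify(array $credentials): ArrayAccess|array|null
    {
        $token = (string)($credentials['token'] ?? '');

        // hash_equals() compares in constant time.
        return hash_equals('sample-token-123', $token) ? ['id' => 1] : null;
    }

    public function getErrors(): array
    {
        return [];
    }
};

// Header-only setup: queryParam stays null, so a token placed in the URL
// (where it would end up in access logs and Referer headers) is not read.
$authenticator = new TokenAuthenticator($identifier, [
    'header' => 'Authorization',
    'tokenPrefix' => 'Bearer',
    'queryParam' => null,
]);

// Constructed sample requests.
$requests = [
    'prefixed header' => new ServerRequest([
        'environment' => ['HTTP_AUTHORIZATION' => 'Bearer sample-token-123'],
    ]),
    'wrong token' => new ServerRequest([
        'environment' => ['HTTP_AUTHORIZATION' => 'Bearer something-else'],
    ]),
    'query string only' => new ServerRequest(['query' => ['token' => 'sample-token-123']]),
    'no token' => new ServerRequest(),
];
foreach ($requests as $label => $request) {
    $result = $authenticator->authenticate($request);
    printf("%-18s valid=%s status=%s\n", $label, var_export($result->isValid(), true), $result->getStatus());
}
```

Inspect the returned result with isValid() and getStatus() rather than comparing it to false, since the declared return type is ResultInterface.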
Parameters
-
Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
Returns
Authentication\Authenticator\ResultInterface
configShallow() public
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config() which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
-
array<string, mixed>|string $key The key to set, or a complete array of configs.
-
mixed|null $value optional The value to set.
Returns
$this
deleteConfig() public
deleteConfig(string $key): $this
Deletes a config key.
Parameters
-
string $key Key to delete. It can be a dot separated string to delete nested keys.
Returns
$this
getConfig() public
getConfig(string|null $key = null, mixed $default = null): $key is null ? array : mixed
Returns the config.
Usage
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
Parameters
-
string|null $key optional The key to get or null for the whole config.
-
mixed $default optional The return value when the key does not exist.
Returns
$key is null ? array : mixed Configuration data at the named key or null if the key does not exist.
getConfigOrFail() public
getConfigOrFail(string $key): mixed
Returns the config for this specific key.
The config value for this key must exist; it can never be null.
Parameters
-
string $key The key to get.
Returns
mixed Configuration data at the named key
Throws
InvalidArgumentException
getIdentifier() public
getIdentifier(): Authentication\Identifier\IdentifierInterface
Gets the identifier, loading a default Token identifier if none configured.
This is done lazily to allow configuration to be fully set before creating the identifier.
Returns
Authentication\Identifier\IdentifierInterface
getToken() protected
getToken(Psr\Http\Message\ServerRequestInterface $request): string|null
Checks if the token is in the headers or a request parameter
Parameters
-
Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
Returns
string|null
getTokenFromHeader() protected
getTokenFromHeader(Psr\Http\Message\ServerRequestInterface $request, string|null $headerLine): string|null
Gets the token from the request headers
Parameters
-
Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
-
string|null $headerLine Header name
Returns
string|null
getTokenFromQuery() protected
getTokenFromQuery(Psr\Http\Message\ServerRequestInterface $request, string|null $queryParam): string|null
Gets the token from the request query
Parameters
-
Psr\Http\Message\ServerRequestInterface $request The request that contains login information.
-
string|null $queryParam Request query parameter name
Returns
string|null
setConfig() public
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
-
array<string, mixed>|string $key The key to set, or a complete array of configs.
-
mixed|null $value optional The value to set.
-
bool $merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$this
Throws
Cake\Core\Exception\CakeException When trying to set a key that is invalid.
setIdentifier() public
setIdentifier(Authentication\Identifier\IdentifierInterface $identifier): $this
Sets the identifier.
Parameters
-
Authentication\Identifier\IdentifierInterface $identifier IdentifierInterface instance.
Returns
$this
stripTokenPrefix() protected
stripTokenPrefix(string $token, string $prefix): string
Strips a prefix from a token
Parameters
-
string $token Token string
-
string $prefix Prefix to strip
Returns
string
unauthorizedChallenge() public
unauthorizedChallenge(Psr\Http\Message\ServerRequestInterface $request): void
No-op method.
Create an exception with the appropriate headers and response body to challenge a request that has missing or invalid credentials.
This is primarily used by authentication methods that use the WWW-Authorization header.
Parameters
-
Psr\Http\Message\ServerRequestInterface $request A request object.
Returns
void