Class ApiAuthComponent

REST API auth component 'access_token' used for authentication is a JSON Web Token (JWT)

Object

ApiAuthComponent implements ApiAuthInterface

See: http://jwt.io
See: https://tools.ietf.org/html/rfc7519 (for full specs)
Located at controllers/components/api_auth.php

Methods summary

`public`	# `initialize( Controller $controller, array $settings = array() )` Initialize component callback Initialize component callback Parameters `$controller` the controller `$settings` component configuration
`public`	# `startup( Controller $controller, array $settings = array() )` Startup component callback Set up JWT 'iss' to public_url if it's not set Startup component callback Set up JWT 'iss' to public_url if it's not set Parameters `$controller` the controller `$settings` component configuration
`public array\|boolean`	# `identify( )` Identify and return an user starting from JWT If user was already identified return it immediately Return false if no token exists or no user found Identify and return an user starting from JWT If user was already identified return it immediately Return false if no token exists or no user found Returns array\|boolean Implementation of `ApiAuthInterface::identify()`
`public boolean`	# `authenticate( string $username, string $password, array $authGroupName = array() )` Authenticate user starting from username and password Authenticate user starting from username and password Parameters `$username` the username `$password` the user password `$authGroupName` an array of groups authorized to login Returns boolean Implementation of `ApiAuthInterface::authenticate()`
`public string\|null`	# `generateToken( )` Generate and return a new JWT. If user is not identified in return null. Generate and return a new JWT. If user is not identified in return null. The garbage collection of refresh_token is also applied. Returns string\|null Implementation of `ApiAuthInterface::generateToken()`
`public string\|boolean`	# `renewToken( string $refreshToken )` Renew a JWT using a refresh token If it fails to renew JWT then return false Renew a JWT using a refresh token If it fails to renew JWT then return false Parameters `$refreshToken` the refresh token Returns string\|boolean Implementation of `ApiAuthInterface::renewToken()`
`protected`	# `gc( )` Garbage collection for `refresh_token`. Delete from `hash_jobs` table the reference to expired `refresh_token` with some probability Garbage collection for `refresh_token`. Delete from `hash_jobs` table the reference to expired `refresh_token` with some probability
`public string\|boolean`	# `generateRefreshToken( )` Generate a refresh token to use for renew JWT The refresh token is saved in hash_jobs table If user is not identified then return false Generate a refresh token to use for renew JWT The refresh token is saved in hash_jobs table If user is not identified then return false Returns string\|boolean Implementation of `ApiAuthInterface::generateRefreshToken()`
`protected string`	# `getRefreshTokenExpireDate( )` Return the expire date for `refresh_token` Return the expire date for `refresh_token` Returns string Throws `BeditaInternalErrorException` When calculation of expired time for refresh_token fails.
`public boolean`	# `revokeRefreshToken( string $refreshToken )` Revoke a refresh token Revoke a refresh token Parameters `$refreshToken` the rfresh token to remove Returns boolean Throws `BeditaNotFoundException` When missing refresh token to revoke Implementation of `ApiAuthInterface::revokeRefreshToken()`
`public array`	# `getPayload( )` Return the payload used to generate JWT Return the payload used to generate JWT Returns array
`public string\|boolean`	# `getToken( )` Return the token reading from Authorization header or from query url If token is been already read return it Return false if no token is found Return the token reading from Authorization header or from query url If token is been already read return it Return false if no token is found Returns string\|boolean Implementation of `ApiAuthInterface::getToken()`
`public integer`	# `expiresIn( )` Return the updated time to token expiration (in seconds) Return the updated time to token expiration (in seconds) Returns integer Implementation of `ApiAuthInterface::expiresIn()`
`protected array\|boolean`	# `findUser( string $token, string $type = 'jwt' )` Find the user starting from a token and a token type: Find the user starting from a token and a token type: if $type is 'jwt' try to get user starting from JWT if $type is 'refresh' try to get user starting from refresh token saved in `hash_jobs` table. `hash_jobs` table is touched to update `expired` field. If no user was found return false Parameters `$token` the token `$type` the token type ('jwt' or 'refresh') Returns array\|boolean
`public string`	# `userid( )` Return the userid It replaces BeAuthComponent::userid() in API context Return the userid It replaces BeAuthComponent::userid() in API context Returns string Implementation of `ApiAuthInterface::userid()`
`public array`	# `getUserSession( )` Return the user data it replaces BeAuthComponent::getUserSession() in API context Return the user data it replaces BeAuthComponent::getUserSession() in API context Returns array Implementation of `ApiAuthInterface::getUserSession()`
`public array`	# `getUser( )` Get the current identified user It replaces BeAuthComponent::getUser() in API context Get the current identified user It replaces BeAuthComponent::getUser() in API context Returns array Implementation of `ApiAuthInterface::getUser()`

Properties summary

`protected Controller`	`$controller` The Controller The Controller	#
`protected array\|boolean`	`$user` The authenticate user It's false if user is not authenticated The authenticate user It's false if user is not authenticated	# `false`
`protected string`	`$token` The JWT generated or read from request The JWT generated or read from request	# `null`
`protected array`	`$payload` The payload used for token generation The payload used for token generation	# `array()`
`public array`	`$config` Configuration used to customize token generation. - `JWT` contains configurations to generate the `access_token` - `refreshTokenExpiresIn` is the `refresh_token` expires time from now. It can be configured with relative time from now. See `strtotime()`. Configuration used to customize token generation. - `JWT` contains configurations to generate the `access_token` - `refreshTokenExpiresIn` is the `refresh_token` expires time from now. It can be configured with relative time from now. See `strtotime()`.	# `array( 'JWT' => array( 'expiresIn' => 600, // in seconds (10 minutes) 'alg' => 'HS256', ), 'refreshTokenExpiresIn' => '1 month', )`

Classes

Interfaces

Exceptions

Class ApiAuthComponent

Methods summary

Parameters

Parameters

Returns

Implementation of

Parameters

Returns

Implementation of

Returns

Implementation of

Parameters

Returns

Implementation of

Returns

Implementation of

Returns

Throws

Parameters

Returns

Throws

Implementation of

Returns

Returns

Implementation of

Returns

Implementation of

Parameters

Returns

Returns

Implementation of

Returns

Implementation of

Returns

Implementation of

Properties summary