vendor/shopware/core/Framework/Api/Controller/AuthController.php line 66

  1. <?php declare(strict_types=1);
  2. namespace Shopware\Core\Framework\Api\Controller;
  3. use League\OAuth2\Server\AuthorizationServer;
  4. use Shopware\Core\Framework\Api\Controller\Exception\AuthThrottledException;
  5. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  6. use Shopware\Core\Framework\RateLimiter\RateLimiter;
  7. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  8. use Shopware\Core\Framework\Routing\Annotation\Since;
  9. use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
  10. use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
  11. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Routing\Annotation\Route;
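  /**
   * Admin API OAuth endpoints: the authorize route and the token route.
   *
   * Both routes are declared with auth_required=false, so every request that
   * reaches them is unauthenticated; the rate limiter call in token() is the
   * only throttle visible in this class.
   *
   * @Route(defaults={"_routeScope"={"api"}})
   */
  class AuthController extends AbstractController
  {
      private AuthorizationServer $authorizationServer;

      private PsrHttpFactory $psrHttpFactory;

      private RateLimiter $rateLimiter;

      /**
       * @internal
       */
      public function __construct(
          AuthorizationServer $authorizationServer,
          PsrHttpFactory $psrHttpFactory,
          RateLimiter $rateLimiter
      ) {
          $this->authorizationServer = $authorizationServer;
          $this->psrHttpFactory = $psrHttpFactory;
          $this->rateLimiter = $rateLimiter;
      }

      /**
       * Route placeholder for the authorize endpoint; the body is intentionally
       * empty in this listing and nothing is returned.
       *
       * @Since("6.0.0.0")
       * @Route("/api/oauth/authorize", name="api.oauth.authorize", defaults={"auth_required"=false}, methods={"POST"})
       */
      public function authorize(Request $request): void
      {
      }

      /**
       * Issues an access token for an OAuth token request, throttled per
       * "username-clientIp" key.
       *
       * The limiter is consulted before the grant is evaluated and reset only
       * after the authorization server has returned a response.
       *
       * @Since("6.0.0.0")
       * @Route("/api/oauth/token", name="api.oauth.token", defaults={"auth_required"=false}, methods={"POST"})
       *
       * @throws AuthThrottledException when the limiter rejects the key
       */
      public function token(Request $request): Response
      {
          $response = new Response();

          // 'username' is client-controlled and may be missing or non-scalar
          // (e.g. sent as username[]=x). Coerce it so the key is always a plain
          // string instead of triggering an array-to-string conversion.
          // A request without a username (any grant that does not send one)
          // therefore shares the "-<ip>" bucket with all such requests from
          // the same address.
          // NOTE(review): the key uses the username exactly as sent; if the user
          // lookup is case-insensitive, case variants get separate buckets - confirm.
          $username = $request->get('username');
          $cacheKey = (\is_scalar($username) ? (string) $username : '') . '-' . $request->getClientIp();

          try {
              // The IP half of the key is whatever Request::getClientIp() resolves,
              // so it is only as reliable as the trusted-proxy configuration.
              $this->rateLimiter->ensureAccepted(RateLimiter::OAUTH, $cacheKey);
          } catch (RateLimitExceededException $exception) {
              throw new AuthThrottledException($exception->getWaitTime(), $exception);
          }

          $psr7Request = $this->psrHttpFactory->createRequest($request);
          $psr7Response = $this->psrHttpFactory->createResponse($response);

          $tokenResponse = $this->authorizationServer->respondToAccessTokenRequest($psr7Request, $psr7Response);

          // Reached only when respondToAccessTokenRequest() returned without
          // throwing; presumably a rejected grant raises an exception and so
          // leaves the counter for this key untouched - verify against the library.
          $this->rateLimiter->reset(RateLimiter::OAUTH, $cacheKey);

          return (new HttpFoundationFactory())->createResponse($tokenResponse);
      }
  }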