vendor/shopware/core/Framework/Api/Controller/AuthController.php line 54

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Api\Controller;
  5. use League\OAuth2\Server\AuthorizationServer;
  6. use Shopware\Core\Framework\Api\Controller\Exception\AuthThrottledException;
  7. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  8. use Shopware\Core\Framework\RateLimiter\RateLimiter;
  9. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  10. use Shopware\Core\Framework\Routing\Annotation\Since;
  11. use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
  12. use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
  13. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\Routing\Annotation\Route;
  18. /**
  19.  * @Route(defaults={"_routeScope"={"api"}})
  20.  */
  21. class AuthController extends AbstractController
  22. {
  23.     private AuthorizationServer $authorizationServer;
  25.     private PsrHttpFactory $psrHttpFactory;
  27.     private RateLimiter $rateLimiter;
  29.     /**
  30.      * @internal
  31.      */
  32.     public function __construct(
  33.         AuthorizationServer $authorizationServer,
  34.         PsrHttpFactory $psrHttpFactory,
  35.         RateLimiter $rateLimiter
  36.     ) {
  37.         $this->authorizationServer $authorizationServer;
  38.         $this->psrHttpFactory $psrHttpFactory;
  39.         $this->rateLimiter $rateLimiter;
  40.     }
  42.     /**
  43.      * @Since("6.0.0.0")
  44.      * @Route("/api/oauth/authorize", name="api.oauth.authorize", defaults={"auth_required"=false}, methods={"POST"})
  45.      */
  46.     public function authorize(Request $request): void
  47.     {
  48.     }
  50.     /**
  51.      * @Since("6.0.0.0")
  52.      * @Route("/api/oauth/token", name="api.oauth.token", defaults={"auth_required"=false}, methods={"POST"})
  53.      */
  54.     public function token(Request $request): Response
  55.     {
  56.         $response = new Response();
  58.         try {
  59.             $cacheKey $request->get('username') . '-' $request->getClientIp();
  61.             $this->rateLimiter->ensureAccepted(RateLimiter::OAUTH$cacheKey);
  62.         } catch (RateLimitExceededException $exception) {
  63.             throw new AuthThrottledException($exception->getWaitTime(), $exception);
  64.         }
  66.         $psr7Request $this->psrHttpFactory->createRequest($request);
  67.         $psr7Response $this->psrHttpFactory->createResponse($response);
  69.         $response $this->authorizationServer->respondToAccessTokenRequest($psr7Request$psr7Response);
  71.         $this->rateLimiter->reset(RateLimiter::OAUTH$cacheKey);
  73.         return (new HttpFoundationFactory())->createResponse($response);
  74.     }
  75. }