From 4bde8518689f9a27b69618d42a00e2df13f0bda4 Mon Sep 17 00:00:00 2001 From: Jason Lewis Date: Mon, 28 Apr 2014 16:11:32 +1000 Subject: [PATCH] Refactoring auth and providing helper methods to access OAuth related details. Signed-off-by: Jason Lewis --- src/Auth/DingoOAuth2Provider.php | 13 ++++++- src/Auth/LeagueOAuth2Provider.php | 13 ++++++- src/Auth/OAuth2ProviderInterface.php | 13 +++++++ src/Auth/ProviderManager.php | 40 ++++++++------------- src/Auth/Shield.php | 54 +++++++++++++++++++++++++++- src/Facades/API.php | 17 +++++---- src/config/config.php | 2 +- 7 files changed, 113 insertions(+), 39 deletions(-) create mode 100644 src/Auth/OAuth2ProviderInterface.php diff --git a/src/Auth/DingoOAuth2Provider.php b/src/Auth/DingoOAuth2Provider.php index b1324043c..1b0905f71 100644 --- a/src/Auth/DingoOAuth2Provider.php +++ b/src/Auth/DingoOAuth2Provider.php @@ -7,7 +7,7 @@ use Dingo\OAuth2\Exception\InvalidTokenException; use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException; -class DingoOAuth2Provider extends AuthorizationProvider { +class DingoOAuth2Provider extends AuthorizationProvider implements OAuth2ProviderInterface { /** * OAuth 2.0 resource server instance. @@ -88,4 +88,15 @@ public function getAuthorizationMethod() return 'bearer'; } + /** + * Determine if the authenticated access token has a given scope. + * + * @param string $scope + * @return bool + */ + public function hasScope($scope) + { + return $this->resource->getToken()->hasScope($scope); + } + } diff --git a/src/Auth/LeagueOAuth2Provider.php b/src/Auth/LeagueOAuth2Provider.php index ed6783d3b..455a069f2 100644 --- a/src/Auth/LeagueOAuth2Provider.php +++ b/src/Auth/LeagueOAuth2Provider.php 
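Review bot: `hasScope()` in src/Auth/DingoOAuth2Provider.php calls `$this->resource->getToken()->hasScope($scope)` without checking that a token has been validated first. The behaviour of `getToken()` is not visible here, but if it can return null (for example when the helper is reached before `authenticate()` or after a failed attempt), the call becomes a fatal error on a null receiver instead of a denied scope check. A scope test is an authorization decision and should fail closed: `$token = $this->resource->getToken();` followed by `return $token ? $token->hasScope($scope) : false;`. The matching helper added to LeagueOAuth2Provider delegates to `$this->resource->hasScope($scope)`, and it is worth confirming what that returns when no token has been validated.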
@@ -7,7 +7,7 @@ use League\OAuth2\Server\Exception\InvalidAccessTokenException; use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException; -class LeagueOAuth2Provider extends AuthorizationProvider { +class LeagueOAuth2Provider extends AuthorizationProvider implements OAuth2ProviderInterface { /** * OAuth 2.0 resource server instance. @@ -103,4 +103,15 @@ public function getAuthorizationMethod() return 'bearer'; } + /** + * Determine if the authenticated access token has a given scope. + * + * @param string $scope + * @return bool + */ + public function hasScope($scope) + { + return $this->resource->hasScope($scope); + } + } diff --git a/src/Auth/OAuth2ProviderInterface.php b/src/Auth/OAuth2ProviderInterface.php new file mode 100644 index 000000000..3796ff02e --- /dev/null +++ b/src/Auth/OAuth2ProviderInterface.php @@ -0,0 +1,13 @@ +app['dingo.oauth.resource']); - } - - /** - * Create League's OAuth 2.0 authentication driver. + * Create OAuth 2.0 authentication driver. * * @return \Dingo\Api\Auth\LeagueOAuth2Provider */ - public function createLeagueOAuth2Driver() + public function createOAuth2Driver() { - $httpHeadersOnly = $this->app['config']->get('lucadegasperi/oauth2-server-laravel::oauth2.http_headers_only'); + if ($this->app->bound('oauth2.resource-server')) + { + $httpHeadersOnly = $this->app['config']->get('lucadegasperi/oauth2-server-laravel::oauth2.http_headers_only'); - return new LeagueOAuth2Provider($this->app['oauth2.resource-server'], $httpHeadersOnly); + return new LeagueOAuth2Provider($this->app['oauth2.resource-server'], $httpHeadersOnly); + } + elseif ($this->app->bound('dingo.oauth.resource')) + { + return new DingoOAuth2Provider($this->app['dingo.oauth.resource']); + } + + throw new RuntimeException('Unable to resolve either OAuth 2.0 resource server binding.'); } /** 
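Review bot: `createOAuth2Driver()` in src/Auth/ProviderManager.php silently prefers `oauth2.resource-server` when both resource-server bindings are registered, so which package validates bearer tokens depends on which service providers are loaded rather than on configuration. The docblock should state that precedence. Its `@return \Dingo\Api\Auth\LeagueOAuth2Provider` tag is also no longer accurate, because the method can return a DingoOAuth2Provider; `@return \Dingo\Api\Auth\OAuth2ProviderInterface` fits both branches. The top of this file's diff is missing from the page, so it cannot be confirmed that `RuntimeException` is imported. If it is not, the unqualified name resolves inside the current namespace and the intended error surfaces as a class-not-found failure.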
@@ -36,16 +36,4 @@ public function createBasicDriver() return new BasicProvider($this->app['auth']); } - /** - * Create a new driver instance. - * - * @param string $driver - * @return mixed - * @throws \InvalidArgumentException - */ - protected function createDriver($driver) - { - return parent::createDriver(str_replace('.', '', $driver)); - } - } diff --git a/src/Auth/Shield.php b/src/Auth/Shield.php index 1322f3c8e..592f54fa9 100644 --- a/src/Auth/Shield.php +++ b/src/Auth/Shield.php @@ -1,6 +1,7 @@ userId = $provider->authenticate($request, $route); + $id = $provider->authenticate($request, $route); + + $this->provider = $provider; + + return $this->userId = $id; } catch (UnauthorizedHttpException $exception) { @@ -144,4 +156,44 @@ public function check() return ! is_null($this->user()); } + /** + * Get the provider used for authentication. + * + * @return \Dingo\Api\Auth\Provider + */ + public function getProvider() + { + return $this->provider; + } + + /** + * Determine if the provider used was an OAuth 2.0 provider. + * + * @return bool + */ + public function usedOAuth() + { + return $this->getProvider() instanceof OAuth2ProviderInterface; + } + + /** + * Magically call methods on the authenticated provider used. + * + * @param string $method + * @param array $parameters + * @return mixed + * @throws \BadMethodCallException + */ + public function __call($method, $parameters) + { + $provider = $this->getProvider(); + + if (method_exists($provider, $method)) + { + return call_user_func_array([$provider, $method], $parameters); + } + + throw new BadMethodCallException('Method "'.$method.'" not found.'); + } + } diff --git a/src/Facades/API.php b/src/Facades/API.php index d8fa40075..44651ea1e 100644 --- a/src/Facades/API.php +++ b/src/Facades/API.php 
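Review bot: In the authenticate hunk of src/Auth/Shield.php, `$this->provider` is assigned only when a provider succeeds, and nothing in the visible lines clears it or `$this->userId` when every provider throws. If the same Shield instance handles more than one authentication attempt, `getProvider()` and `usedOAuth()` would report the provider from an earlier success. Resetting the state before the providers are tried, `$this->provider = null;`, avoids that. The start of the method lies outside the hunk, so a reset may already exist there.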
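Review bot: `Shield::__call()` forwards every method name that exists on the provider, so the provider's whole public surface, including `authenticate()`, becomes callable through the shield and the `API::auth()` facade rather than only the OAuth helpers this commit introduces. When no provider has authenticated, or a non-OAuth provider was used, a call such as `hasScope()` falls through to the 'Method ... not found' exception instead of yielding a denied check. Consider forwarding only for OAuth providers, `if ($this->usedOAuth() && method_exists($provider, $method))`. The docblock should also say that callers must handle BadMethodCallException for unauthenticated or non-OAuth requests.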
@@ -28,24 +28,23 @@ public static function error(Closure $callback) } /** - * Get the authenticated access token. + * Get the authentication provider. * - * @return \Dingo\OAuth2\Entity\Token + * @return \Dingo\Api\Auth\Provider */ - public static function token() + public static function auth() { - return static::$app['dingo.oauth.resource']->getToken(); + return static::$app['dingo.api.auth']; } /** - * Issue an access token to the API. + * Determine if authentication was done using OAuth 2.0. * - * @param array $payload - * @return mixed + * @return bool */ - public static function issueToken(array $payload) + public static function usedOAuth() { - return static::$app['dingo.oauth.authorization']->issueAccessToken($payload); + return static::$app['dingo.api.auth']->usedOAuth(); } /** diff --git a/src/config/config.php b/src/config/config.php index 9712f7069..ffc873ea5 100644 --- a/src/config/config.php +++ b/src/config/config.php @@ -59,7 +59,7 @@ | The authentication providers that should be used when attempting to | authenticate an incoming API request. | - | Available: "basic", "dingo.oauth2", "league.oauth2" + | Available: "basic", "oauth2" | */
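Review bot: The docblock on the new `API::auth()` in src/Facades/API.php says it returns the authentication provider (`@return \Dingo\Api\Auth\Provider`), but the method returns the `dingo.api.auth` binding. `usedOAuth()` just below is called on that same binding, and this commit defines that method on Shield. The binding's registration is not visible here, but the docblock most likely should read `Get the API authentication shield.` with `@return \Dingo\Api\Auth\Shield`. Removing `token()` and `issueToken()` outright also breaks existing callers without a deprecation path, which deserves a line in the upgrade notes.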