vendor/shopware/core/Framework/Api/Controller/AuthController.php line 56

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Api\Controller;
  5. use League\OAuth2\Server\AuthorizationServer;
  6. use Shopware\Core\Framework\Api\Controller\Exception\AuthThrottledException;
  7. use Shopware\Core\Framework\Log\Package;
  8. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  9. use Shopware\Core\Framework\RateLimiter\RateLimiter;
  10. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  11. use Shopware\Core\Framework\Routing\Annotation\Since;
  12. use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
  13. use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
  14. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\Routing\Annotation\Route;
  19. /**
  20.  * @Route(defaults={"_routeScope"={"api"}})
  21.  */
  22. #[Package('system-settings')]
  23. class AuthController extends AbstractController
  24. {
  25.     private AuthorizationServer $authorizationServer;
  27.     private PsrHttpFactory $psrHttpFactory;
  29.     private RateLimiter $rateLimiter;
  31.     /**
  32.      * @internal
  33.      */
  34.     public function __construct(
  35.         AuthorizationServer $authorizationServer,
  36.         PsrHttpFactory $psrHttpFactory,
  37.         RateLimiter $rateLimiter
  38.     ) {
  39.         $this->authorizationServer $authorizationServer;
  40.         $this->psrHttpFactory $psrHttpFactory;
  41.         $this->rateLimiter $rateLimiter;
  42.     }
  44.     /**
  45.      * @Since("6.0.0.0")
  46.      * @Route("/api/oauth/authorize", name="api.oauth.authorize", defaults={"auth_required"=false}, methods={"POST"})
  47.      */
  48.     public function authorize(Request $request): void
  49.     {
  50.     }
  52.     /**
  53.      * @Since("6.0.0.0")
  54.      * @Route("/api/oauth/token", name="api.oauth.token", defaults={"auth_required"=false}, methods={"POST"})
  55.      */
  56.     public function token(Request $request): Response
  57.     {
  58.         $response = new Response();
  60.         try {
  61.             $cacheKey $request->get('username') . '-' $request->getClientIp();
  63.             $this->rateLimiter->ensureAccepted(RateLimiter::OAUTH$cacheKey);
  64.         } catch (RateLimitExceededException $exception) {
  65.             throw new AuthThrottledException($exception->getWaitTime(), $exception);
  66.         }
  68.         $psr7Request $this->psrHttpFactory->createRequest($request);
  69.         $psr7Response $this->psrHttpFactory->createResponse($response);
  71.         $response $this->authorizationServer->respondToAccessTokenRequest($psr7Request$psr7Response);
  73.         $this->rateLimiter->reset(RateLimiter::OAUTH$cacheKey);
  75.         return (new HttpFoundationFactory())->createResponse($response);
  76.     }
  77. }