vendor/shopware/core/Framework/Api/Controller/AuthController.php line 56

  1. <?php declare(strict_types=1);
  2. namespace Shopware\Core\Framework\Api\Controller;
  3. use League\OAuth2\Server\AuthorizationServer;
  4. use Shopware\Core\Framework\Api\Controller\Exception\AuthThrottledException;
  5. use Shopware\Core\Framework\Log\Package;
  6. use Shopware\Core\Framework\RateLimiter\Exception\RateLimitExceededException;
  7. use Shopware\Core\Framework\RateLimiter\RateLimiter;
  8. use Shopware\Core\Framework\Routing\Annotation\RouteScope;
  9. use Shopware\Core\Framework\Routing\Annotation\Since;
  10. use Symfony\Bridge\PsrHttpMessage\Factory\HttpFoundationFactory;
  11. use Symfony\Bridge\PsrHttpMessage\Factory\PsrHttpFactory;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\Routing\Annotation\Route;
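  /**
   * API controller for the OAuth endpoints (`/api/oauth/authorize` and `/api/oauth/token`).
   *
   * Both routes are declared with `auth_required=false`, so they are reachable without a
   * bearer token; the only protection in front of token issuance is the rate limiter
   * applied in token().
   *
   * @Route(defaults={"_routeScope"={"api"}})
   */
  #[Package('system-settings')]
  class AuthController extends AbstractController
  {
      private AuthorizationServer $authorizationServer;

      private PsrHttpFactory $psrHttpFactory;

      private RateLimiter $rateLimiter;

      /**
       * @internal
       */
      public function __construct(
          AuthorizationServer $authorizationServer,
          PsrHttpFactory $psrHttpFactory,
          RateLimiter $rateLimiter
      ) {
          $this->authorizationServer = $authorizationServer;
          $this->psrHttpFactory = $psrHttpFactory;
          $this->rateLimiter = $rateLimiter;
      }

      /**
       * Registered route with an empty body: no authorization logic is implemented here.
       *
       * @Since("6.0.0.0")
       * @Route("/api/oauth/authorize", name="api.oauth.authorize", defaults={"auth_required"=false}, methods={"POST"})
       */
      public function authorize(Request $request): void
      {
      }

      /**
       * Issues an OAuth access token, throttled per "username-clientIp" key.
       *
       * The limiter is consulted before the request reaches the authorization server and is
       * reset only after respondToAccessTokenRequest() has returned. If that call throws, the
       * reset line is never reached, so the attempt stays counted against the key.
       *
       * @Since("6.0.0.0")
       * @Route("/api/oauth/token", name="api.oauth.token", defaults={"auth_required"=false}, methods={"POST"})
       *
       * @throws AuthThrottledException when the limiter rejects the key; carries the wait time
       */
      public function token(Request $request): Response
      {
          $response = new Response();

          // Request::get() can return an array (e.g. "username[]=..."); concatenating that would
          // raise an "Array to string conversion" warning and yield the literal key "Array-<ip>".
          // Anything non-scalar is folded into the empty-username bucket instead.
          $username = $request->get('username');
          $userPart = \is_scalar($username) ? (string) $username : '';

          // Key = submitted username + client IP.
          // - Requests without a "username" parameter all share the key "-<ip>".
          // - getClientIp() is only as reliable as the trusted-proxy configuration: behind an
          //   unconfigured reverse proxy every client shares the proxy address, and an overly
          //   broad trust setting lets forwarded headers choose the bucket.
          // - NOTE(review): the username is used exactly as submitted. If account lookup is
          //   case-insensitive, normalise the case here so variants share one bucket - confirm.
          $cacheKey = $userPart . '-' . $request->getClientIp();

          try {
              $this->rateLimiter->ensureAccepted(RateLimiter::OAUTH, $cacheKey);
          } catch (RateLimitExceededException $exception) {
              throw new AuthThrottledException($exception->getWaitTime(), $exception);
          }

          $psr7Request = $this->psrHttpFactory->createRequest($request);
          $psr7Response = $this->psrHttpFactory->createResponse($response);

          $response = $this->authorizationServer->respondToAccessTokenRequest($psr7Request, $psr7Response);

          // Reached only when a token response was produced: clear the counter for this key.
          $this->rateLimiter->reset(RateLimiter::OAUTH, $cacheKey);

          return (new HttpFoundationFactory())->createResponse($response);
      }
  }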
  63. }