1: <?php
2: /**
3: * Magento
4: *
5: * NOTICE OF LICENSE
6: *
7: * This source file is subject to the Open Software License (OSL 3.0)
8: * that is bundled with this package in the file LICENSE.txt.
9: * It is also available through the world-wide-web at this URL:
10: * http://opensource.org/licenses/osl-3.0.php
11: * If you did not receive a copy of the license and are unable to
12: * obtain it through the world-wide-web, please send an email
13: * to license@magentocommerce.com so we can send you a copy immediately.
14: *
15: * DISCLAIMER
16: *
17: * Do not edit or add to this file if you wish to upgrade Magento to newer
18: * versions in the future. If you wish to customize Magento for your
19: * needs please refer to http://www.magentocommerce.com for more information.
20: *
21: * @category Mage
22: * @package Mage_Api2
23: * @copyright Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
24: * @license http://opensource.org/licenses/osl-3.0.php Open Software License (OSL 3.0)
25: */
26:
27: /**
28: * API User authentication model
29: *
30: * @category Mage
31: * @package Mage_Api2
32: * @author Magento Core Team <core@magentocommerce.com>
33: */
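class Mage_Api2_Model_Auth
{
    /**
     * Use this type if no authentication adapter is applied
     */
    const DEFAULT_USER_TYPE = 'guest';

    /**
     * Figure out API user type and create user model instance
     *
     * The user type and id are taken from the auth adapter's getUserParams() result;
     * no credential check is performed in this method itself.
     * NOTE(review): credential verification presumably happens inside the adapter - confirm.
     *
     * The resolved type is only used as a key into the map returned by
     * Mage_Api2_Helper_Data::getUserTypes(), so the model alias handed to
     * Mage::getModel() always comes from that map and never straight from the request.
     *
     * @param Mage_Api2_Model_Request $request
     * @throws Mage_Api2_Exception With HTTP_UNAUTHORIZED when the user type is missing or not in the allowed map
     * @throws Exception When no user types are available, the model has the wrong class,
     *                   or the model's own type differs from the requested one
     * @return Mage_Api2_Model_Auth_User_Abstract
     */
    public function authenticate(Mage_Api2_Model_Request $request)
    {
        /** @var $helper Mage_Api2_Helper_Data */
        $helper    = Mage::helper('api2/data');
        $userTypes = $helper->getUserTypes();

        if (!$userTypes) {
            throw new Exception('No allowed user types found');
        }
        /** @var $authAdapter Mage_Api2_Model_Auth_Adapter */
        $authAdapter   = Mage::getModel('api2/auth_adapter');
        $userParamsObj = $authAdapter->getUserParams($request);

        // Fail closed: an absent type is rejected with the same 401 as a disallowed one,
        // instead of depending on an undefined-property notice and a null array key.
        if (!isset($userParamsObj->type) || !isset($userTypes[$userParamsObj->type])) {
            throw new Mage_Api2_Exception(
                'Invalid user type or type is not allowed', Mage_Api2_Model_Server::HTTP_UNAUTHORIZED
            );
        }
        /** @var $userModel Mage_Api2_Model_Auth_User_Abstract */
        $userModel = Mage::getModel($userTypes[$userParamsObj->type]);

        if (!$userModel instanceof Mage_Api2_Model_Auth_User_Abstract) {
            throw new Exception('User model must to extend Mage_Api2_Model_Auth_User_Abstract');
        }
        // Check user type consistency. Both sides are cast to string and compared strictly
        // so PHP's loose-comparison type juggling cannot make two different type names
        // look equal (e.g. a boolean or numeric value matching an unrelated string).
        if ((string) $userModel->getType() !== (string) $userParamsObj->type) {
            throw new Exception('User model type does not match appropriate type in config');
        }
        // The id is passed through exactly as the adapter reported it.
        $userModel->setUserId($userParamsObj->id);

        return $userModel;
    }
}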
81: