Nexus API Reference

AuthorizationMiddleware
in package
implements MiddlewareInterface

FinalYes
Tags
psalm-api

Reads the handler class set by RouterMiddleware on the '_resolvedHandlerClass' request attribute. Reflects on it once (cached by class name) for #[RequiresAuth] / #[RequiresScope] / #[RequiresRole] / #[Authorize] attributes.

Decisions:

  • no attributes on the class -> pass through
  • any attribute + no Principal -> 401 + WWW-Authenticate
  • Principal lacks required scope/role -> 403 with missing list
  • Authorize policy returns false -> 403 with empty missing

Register globally AFTER AuthenticationMiddleware:

$app->middleware(new AuthenticationMiddleware($authenticator)) ->middleware(new AuthorizationMiddleware());

Table of Contents

Interfaces

MiddlewareInterface

Methods

__construct()  : mixed
process()  : ResponseInterface

Methods

__construct()

public __construct([AuthChallenge $challenge = new AuthChallenge('Bearer', 'api') ][, LoggerInterface $logger = new NullLogger() ][, ResponseFactoryInterface|null $responseFactory = null ]) : mixed
Parameters
$challenge : AuthChallenge = new AuthChallenge('Bearer', 'api')
$logger : LoggerInterface = new NullLogger()
$responseFactory : ResponseFactoryInterface|null = null

process()

public process(ServerRequestInterface $request, RequestHandlerInterface $handler) : ResponseInterface
Parameters
$request : ServerRequestInterface
$handler : RequestHandlerInterface
Return values
ResponseInterface

        
On this page

Search results