а это в контроллере
2
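/**
 * Attaches the request filters for this controller.
 *
 * Order matters: `authenticator` runs first and, when it accepts the caller's
 * signature, logs the calling service in; `access` then evaluates its rules
 * against the resulting identity (guest or service). Any action that is not
 * listed in a rule is denied by AccessControl's default, and every denial is
 * surfaced as a 401 through `denyCallback`.
 *
 * @return array behavior configurations keyed by behavior name
 */
public function behaviors()
{
    $behaviors = parent::behaviors();
    $behaviors['authenticator'] = [
        'class' => QueryParamAuth::className(),
    ];

    $behaviors['access'] = [
        // Fully qualified on purpose: a bare `yii\filters\...` reference is
        // resolved relative to the controller's own namespace unless imported.
        'class' => \yii\filters\AccessControl::className(),
        'denyCallback' => function ($rule, $action) {
            throw new \yii\web\UnauthorizedHttpException('Unauthorized');
        },
        'rules' => [
            // Public actions: reachable without any identity.
            [
                'actions' => ['error', 'index', 'docs', 'domains', 'opip'],
                'allow' => true,
            ],
            // '@' = any authenticated identity, i.e. a service whose
            // signature was accepted by the authenticator.
            [
                'actions' => ['faq', 'news', 'landings'],
                'allow' => true,
                'roles' => ['@'],
            ],
        ],
    ];

    // Answer JSON even to clients that ask for text/html (API controller).
    $behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;

    return $behaviors;
}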
31
32
33
34
35///////////////////////
36
37<?php
38
39namespace app\components;
40
41use common\models\User;
42use yii\helpers\ArrayHelper;
43
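class QueryParamAuth extends \yii\filters\auth\QueryParamAuth
{
    /**
     * @var string the parameter name for passing the access token. Kept for
     * compatibility with the parent filter; this class reads its credentials
     * from the `Authorization` header instead of a query parameter.
     */
    public $tokenParam = 'access-token';

    /**
     * @var string name of the service-id parameter. Not referenced by this
     * class; kept because it is part of the public configuration surface.
     */
    public $serviceId = 'service_id';

    /**
     * Scheme name expected as the first word of the `Authorization` header:
     * `SERIOUS-AUTH <serviceId>:<timestamp>:<base64 signature>`.
     */
    const SERIOUS_AUTH = 'SERIOUS-AUTH';

    /**
     * Maximum accepted distance, in seconds, between the request timestamp
     * and the server clock. Bounds the window in which a captured header
     * can be replayed.
     */
    const SIGNATURE_TTL = 600;

    /**
     * @inheritdoc
     *
     * Authenticates a calling service by an HMAC signature carried in the
     * `Authorization` header. Every failure path returns `true` rather than
     * `null`: the parent AuthMethod treats a non-null result as "do not
     * challenge", so the request proceeds as a guest and the controller's
     * access rules decide whether a guest may run the action. Only a valid
     * signature logs the service in.
     *
     * Changes from the previous revision: the unconditional throw and the
     * var_dump/die debugging residue (which made the whole body unreachable)
     * are removed; the null check tests the looked-up model instead of the
     * `$user` component; the signature comparison is strict and constant-time;
     * future-dated timestamps are rejected as well as stale ones.
     *
     * NOTE(review): there is no nonce, so a captured header stays valid for
     * the whole SIGNATURE_TTL window; a short-lived nonce store would close
     * that gap if it matters for this deployment.
     *
     * @param \yii\web\User $user
     * @param \yii\web\Request $request
     * @param \yii\web\Response $response
     * @return \yii\web\IdentityInterface|true
     */
    public function authenticate($user, $request, $response)
    {
        // Read the header through the injected request rather than
        // getallheaders(): that function is SAPI-dependent, and the previous
        // default of [] made explode() fail when the header was absent.
        $authorization = (string) $request->getHeaders()->get('Authorization', '');
        $authorizationArr = explode(' ', $authorization);

        if (ArrayHelper::getValue($authorizationArr, 0) !== self::SERIOUS_AUTH) {
            return true;
        }
        $authorizationParamsArr = explode(':', (string) ArrayHelper::getValue($authorizationArr, 1, ''));

        $serviceId = ArrayHelper::getValue($authorizationParamsArr, 0);
        $timestamp = ArrayHelper::getValue($authorizationParamsArr, 1);
        $signature = ArrayHelper::getValue($authorizationParamsArr, 2);

        if ($serviceId === null || $serviceId === '' || $signature === null || $signature === '') {
            return true;
        }

        // The timestamp is client-supplied: require a plain integer and reject
        // both stale and future-dated values. The old `time() - $timestamp > 600`
        // accepted any timestamp in the future, so such a header never expired.
        if (!ctype_digit((string) $timestamp) || abs(time() - (int) $timestamp) > self::SIGNATURE_TTL) {
            return true;
        }

        // Parameterised lookup through the query builder; $serviceId is never
        // interpolated into SQL.
        $service = User::find()->where(['id' => $serviceId])->one();
        // Bug fix: the original tested $user (the yii\web\User component, which
        // is never null here) instead of the looked-up model.
        if ($service === null) {
            return true;
        }

        $accessToken = $service->auth_key;
        // A service without a key cannot have signed anything; bail before
        // computing an HMAC with an empty secret.
        if (empty($accessToken)) {
            return true;
        }

        $expected = $this->generationSignature($serviceId, $timestamp, $request->get(), $accessToken);

        // Constant-time, strict comparison instead of the loose `!=`.
        if (!hash_equals($expected, (string) $signature)) {
            return true;
        }

        $identity = $user->loginByAccessToken($accessToken, get_class($this));
        if ($identity !== null) {
            return $identity;
        }

        return true;
    }

    /**
     * Computes the expected signature for a request.
     *
     * The signed bytes are `serviceId . timestamp . http_build_query(params)`
     * and the result is the base64-encoded raw SHA-256 HMAC. The three parts
     * are concatenated without a delimiter, so the boundary between serviceId
     * and timestamp is ambiguous (e.g. "1"+"23" and "12"+"3" sign identically);
     * this is kept as-is because changing the format would break existing
     * clients, and the serviceId is independently validated against the
     * database before the signature is checked. Clients must produce the
     * query string exactly as http_build_query() renders the received params.
     *
     * @param string $serviceId
     * @param string $timestamp
     * @param array $params query parameters as returned by Request::get()
     * @param string $secretKey the service's auth_key
     * @return string base64-encoded HMAC
     */
    private function generationSignature($serviceId, $timestamp, $params, $secretKey)
    {
        $data = $serviceId . $timestamp . http_build_query($params);

        return base64_encode(hash_hmac('sha256', $data, $secretKey, true));
    }
}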