Slim 3: Would a getBearerToken method be useful in the Slim\Http\Request class?

Created on 1 Mar 2018  路  4Comments  路  Source: slimphp/Slim

I've recently been using Slim to do some API and authorisation research and one of the issues I've come across is accessing authorisation attribute values from the header, for example when using JWTs.

Unless I've missed something I don't believe you can access authorisation attribute values like bearer tokens directly in Slim 3? You have to write some custom code in your own business logic. I assume that most Slim users would find direct access to authorisation attributes useful?

As such I've written some code to achieve this level of functionality, you can see the compare here...
https://github.com/slimphp/Slim/compare/3.x...RobDWaller:request-bearer-token-additions

Before I bother submitting a pull request though I'd like feedback on whether it's required, whether it's useful, and whether it's appropriate for the Slim framework as I'm acutely aware that I'm new to it and therefore may not fully grasp the underlying principles.

I'm aware that this isn't part of the PSR-7 standard, but it may be useful and other frameworks offer similar functionality. I've also attempted to align my code style with the Slim style, please let me know if you have any thoughts on this also.

Slim 3 question
Source
picture RobDWaller

Most helpful comment

Hi @RobDWaller! You could implement a middleware.

Edit: Here is an example (not tested):

$app->add(function (Request $request, Response $response, $next) {
    if ($request->hasHeader('authorization')) {
        $authHeader = $request->getHeaderLine('authorization');
        if (preg_match('/^Bearer\s(.*)$/', $authHeader, $match) !== false) {
            $request = $request->withAttribute('bearer_token', $match[1]);
        }
    }

    return $next($request, $response);
});
picture odan on 1 Mar 2018
👍2

All 4 comments

Hi @RobDWaller! You could implement a middleware.

Edit: Here is an example (not tested):

$app->add(function (Request $request, Response $response, $next) {
    if ($request->hasHeader('authorization')) {
        $authHeader = $request->getHeaderLine('authorization');
        if (preg_match('/^Bearer\s(.*)$/', $authHeader, $match) !== false) {
            $request = $request->withAttribute('bearer_token', $match[1]);
        }
    }

    return $next($request, $response);
});
odan picture odan on 1 Mar 2018
👍2

Yeah that is roughly what I was looking for, I think that will suffice, thank you. We can probably close this issue if you want to.

RobDWaller picture RobDWaller on 2 Mar 2018

You are welcome :-) Please close this issue.

odan picture odan on 2 Mar 2018

Closing issue as resolved

geggleto picture geggleto on 9 Mar 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jh97uk picture jh97uk  路  5Comments
lwiwala picture lwiwala  路  5Comments
arokettu picture arokettu  路  3Comments
jaklimoff picture jaklimoff  路  4Comments
enygma picture enygma  路  3Comments