paul121 · January 14, 2020 18:28
diff --git a/restws_oauth2_server.module b/restws_oauth2_server.module
 /**
 * Implements hook_init().
 *
 * Performs a user login from the User ID of the Authentication Token.
 */
 function restws_oauth2_server_init() {

  // Load the OAuth2 Server and Scope that are to be authenticated against.
  $server_name = variable_get('restws_oauth2_server_name', FALSE);
  $scope_name = variable_get('restws_oauth2_server_scope', FALSE);

  // If the server name is not set, bail.
  if (empty($server_name) || empty($scope_name)) {
    return NULL;
  }

  // Only check for tokens if the user is not authenticated.
  if (user_is_anonymous()) {
    $request_path = request_path();
    $request_vars = explode(".", $request_path);
    $entity = $request_vars[0];

    if (!array_key_exists(1, $request_vars)) {
      return NULL;
      watchdog('OAUTH_DEBUG', 'Not a valid API endpoint for OAuth.');
    }
    $format = $request_vars[1];

    $scope = $entity . '_access';

    watchdog('OAUTH_DEBUG', 'Requires scope: ' . $scope);

    $result = oauth2_server_check_access($server_name, $scope);

    // Check if a Token was returned, or an error Response.
    if ($result === null) {
      return NULL;
    }
    if ($result instanceof \OAuth2\Response) {
      $status_code = $result->getStatusCode();
      watchdog('restws_oauth2_server', t('OAuth2 token authentication failed. Error code: @code', array('@code' => $status_code)));
    }
    elseif (is_array($result) && !empty($result['user_id'])) {

      watchdog('DEBUG_RESTWS_OAUTH', print_r(restws_get_resource_info(), TRUE));

      // Reset the global user.
      global $user;
      $user = user_load($result['user_id']);

      // Finish "logging" in the User connected with the Token.
      $login_array = array('name' => $user->name);
      // user_login_finalize($login_array);
      // user_external_login_register($user->name, "oauth2");
      $user->login = REQUEST_TIME;
      db_update('users')
        ->fields(array('login' => $user->login))
        ->condition('uid', $user->uid)
        ->execute();

      watchdog('restws_oauth2_server', t('@user logged in via OAuth2 Token.', array('@user' => $user->name)));

      // Reset the page so the user if fully authenticated.
      if (!user_is_anonymous()) {
        drupal_static_reset();

        // Always make sure to disable the page cache after we authenticated the
        // user so that a response never gets into the page cache.
        drupal_page_is_cacheable(FALSE);

        // Redetermine the page callback for restws calls like node/1.json
        // and user/1.json.
        _restws_determine_router_item();
      }

      // Or, clear the login form error and remove the login failure message.
      else {
        $form = &drupal_static('form_set_error', array());
        $form = array();
        drupal_get_messages();
      }
    }
  }
 }
	/**
	* Implements hook_init().
	*
	* Performs a user login from the User ID of the Authentication Token.
	*/
	function restws_oauth2_server_init() {

	// Load the OAuth2 Server and Scope that are to be authenticated against.
	$server_name = variable_get('restws_oauth2_server_name', FALSE);
	$scope_name = variable_get('restws_oauth2_server_scope', FALSE);

	// If the server name is not set, bail.
	if (empty($server_name) \|\| empty($scope_name)) {
	return NULL;
	}

	// Only check for tokens if the user is not authenticated.
	if (user_is_anonymous()) {
	$request_path = request_path();
	$request_vars = explode(".", $request_path);
	$entity = $request_vars[0];

	if (!array_key_exists(1, $request_vars)) {
	return NULL;
	watchdog('OAUTH_DEBUG', 'Not a valid API endpoint for OAuth.');
	}
	$format = $request_vars[1];

	$scope = $entity . '_access';

	watchdog('OAUTH_DEBUG', 'Requires scope: ' . $scope);

	$result = oauth2_server_check_access($server_name, $scope);

	// Check if a Token was returned, or an error Response.
	if ($result === null) {
	return NULL;
	}
	if ($result instanceof \OAuth2\Response) {
	$status_code = $result->getStatusCode();
	watchdog('restws_oauth2_server', t('OAuth2 token authentication failed. Error code: @code', array('@code' => $status_code)));
	}
	elseif (is_array($result) && !empty($result['user_id'])) {

	watchdog('DEBUG_RESTWS_OAUTH', print_r(restws_get_resource_info(), TRUE));

	// Reset the global user.
	global $user;
	$user = user_load($result['user_id']);

	// Finish "logging" in the User connected with the Token.
	$login_array = array('name' => $user->name);
	// user_login_finalize($login_array);
	// user_external_login_register($user->name, "oauth2");
	$user->login = REQUEST_TIME;
	db_update('users')
	->fields(array('login' => $user->login))
	->condition('uid', $user->uid)
	->execute();

	watchdog('restws_oauth2_server', t('@user logged in via OAuth2 Token.', array('@user' => $user->name)));

	// Reset the page so the user if fully authenticated.
	if (!user_is_anonymous()) {
	drupal_static_reset();

	// Always make sure to disable the page cache after we authenticated the
	// user so that a response never gets into the page cache.
	drupal_page_is_cacheable(FALSE);

	// Redetermine the page callback for restws calls like node/1.json
	// and user/1.json.
	_restws_determine_router_item();
	}

	// Or, clear the login form error and remove the login failure message.
	else {
	$form = &drupal_static('form_set_error', array());
	$form = array();
	drupal_get_messages();
	}
	}
	}
	}