ServicePrincipalAuthenticator
extends AbstractAuthenticator
in package
Authenticates API clients via API token.
Validates token format, looks up service principal, checks IP restrictions, and updates last used timestamps for security auditing.
Token format: Base64-encoded token (generated by ServicePrincipalToken::generateToken()) Transport:
- Authorization: Bearer {token}
- X-API-Key: {token}
- api_key query param
Table of Contents
Properties
- $_defaultConfig : array<string, mixed>
- Default configuration
- $authenticatedTokenId : int|null
Methods
- authenticate() : ResultInterface
- Authenticate an API request using Bearer token.
- getAuthenticatedTokenId() : int|null
- Get the authenticated token ID for audit logging.
- extractToken() : string|null
- Extract API token from request.
Properties
$_defaultConfig
Default configuration
protected
array<string, mixed>
$_defaultConfig
= ['header' => 'Authorization', 'tokenPrefix' => 'Bearer', 'apiKeyHeader' => 'X-API-Key', 'apiKeyQueryParam' => 'api_key']
$authenticatedTokenId
protected
int|null
$authenticatedTokenId
= null
Token ID for audit logging
Methods
authenticate()
Authenticate an API request using Bearer token.
public
authenticate(ServerRequestInterface $request) : ResultInterface
Parameters
- $request : ServerRequestInterface
-
Request
Return values
ResultInterfacegetAuthenticatedTokenId()
Get the authenticated token ID for audit logging.
public
getAuthenticatedTokenId() : int|null
Return values
int|nullextractToken()
Extract API token from request.
protected
extractToken(ServerRequestInterface $request) : string|null
Supports:
- Authorization: Bearer
- X-API-Key:
- ?api_key=
Parameters
- $request : ServerRequestInterface
-
Request
Return values
string|null —Token or null if not found