In This Article

Authenticated user

Once the user is authenticated, zend-expressive-authentication-oauth2 stores the user's authorization details in a PSR-7 attribute under the name Zend\Expressive\Authentication\UserInterface, using an object implementing the interface of the same name.

This object contains all information discovered and/or generated by thephpleage/oauth2-server, including the following data:

[
    'oauth_user_id'         => /* user's identifier (string) */,
    'oauth_client_id'       => /* the client id (string) */,
    'oauth_access_token_id' => /* the access token id (string) */,
    'oauth_scopes'          => /* the scopes (mixed, usually an array) */
]

You may retrieve all of these values using the getDetails() method, or individually using the getDetail($name) method, of the user instance. As an example:

$user->getDetails(); // returns all the values, as array

// Retrieves only the oauth_user_id value, using a default of boolean false:
$userId = $user->getDetail('oauth_user_id', false);
if (false !== $userId) {
    printf("The user ID is %s", $userId);
}

If you want to retrieve the identity of the user (or the client), you can also use the getIdentity() method. This method returns the user's ID if it is not null; otherwise it returns the client's ID.

The getRoles() method of the user instance always returns an empty array.

Customize the user instance

If you wish to provide a custom Zend\Expressive\Authentication\UserInterface implementation, you will need to provide:

  • a custom implementation of the the interface.
  • a factory capable of generating instances of that implementation.
  • a DI factory for generating the previous factory.
  • configuration wiring the UserInterface service to your factory.

The factory noted in the second step should be a callable with the following signature:

function (
    string $identity,
    array $roles = [],
    array $details = []
) : Zend\Expressive\Authentication\UserInterface

As an example of the factory in the third point, you will create a standard DI factory to return it. It could, for instance, compose a database adapter to pull information and create your custom user implementation:

use Psr\Container\ContainerInterface;
use Zend\Db\Adapter\AdapterInterface as DbAdapter;
use Zend\Expressive\Authentication\UserInterface;

class CustomUserFactory
{
    public function __invoke(ContainerInterface $container) : callable
    {
        $db = $container->get(DbAdapter::class);
        return function (string $identity, array $roles = [], array $details = []) use ($db) : UserInterface {
            // get some data from $db
            // return a new instance
            return new MyCustomUserType(/* ... */);
        });
    }
}

You will then need to wire this factory to the UserInterface service, per the following example:

// config/autoload/custom-user.local.php
return [
    'dependencies' => [
        'factories' => [
            UserInterface::class => CustomUserFactory::class,
        ],
    ],
];

Found a mistake or want to contribute to the documentation? Edit this page on GitHub!