Class yii\filters\auth\HttpBearerAuth

Inheritanceyii\filters\auth\HttpBearerAuth » yii\filters\auth\HttpHeaderAuth » yii\filters\auth\AuthMethod » yii\base\ActionFilter » yii\base\Behavior » yii\base\BaseObject
Implementsyii\base\Configurable, yii\filters\auth\AuthInterface
Available since version2.0
Source Code https://github.com/yiisoft/yii2/blob/master/framework/filters/auth/HttpBearerAuth.php

HttpBearerAuth is an action filter that supports the authentication method based on HTTP Bearer token.

You may use HttpBearerAuth by attaching it as a behavior to a controller or module, like the following:

public function behaviors()
{
    return [
        'bearerAuth' => [
            'class' => \yii\filters\auth\HttpBearerAuth::className(),
        ],
    ];
}

Public Properties

Hide inherited properties

PropertyTypeDescriptionDefined By
$except array List of action IDs that this filter should not apply to. yii\base\ActionFilter
$header string The HTTP header name yii\filters\auth\HttpBearerAuth
$only array List of action IDs that this filter should apply to. yii\base\ActionFilter
$optional array List of action IDs that this filter will be applied to, but auth failure will not lead to error. yii\filters\auth\AuthMethod
$owner yii\base\Component|null The owner of this behavior yii\base\Behavior
$pattern string A pattern to use to extract the HTTP authentication value yii\filters\auth\HttpBearerAuth
$realm string The HTTP authentication realm yii\filters\auth\HttpBearerAuth
$request yii\web\Request The current request. yii\filters\auth\AuthMethod
$response yii\web\Response The response to be sent. yii\filters\auth\AuthMethod
$user yii\web\User The user object representing the user authentication status. yii\filters\auth\AuthMethod

Public Methods

Hide inherited methods

MethodDescriptionDefined By
__call() Calls the named method which is not a class method. yii\base\BaseObject
__construct() Constructor. yii\base\BaseObject
__get() Returns the value of an object property. yii\base\BaseObject
__isset() Checks if a property is set, i.e. defined and not null. yii\base\BaseObject
__set() Sets value of an object property. yii\base\BaseObject
__unset() Sets an object property to null. yii\base\BaseObject
afterAction() This method is invoked right after an action is executed. yii\base\ActionFilter
afterFilter() yii\base\ActionFilter
attach() Attaches the behavior object to the component. yii\base\ActionFilter
authenticate() Authenticates the current user. yii\filters\auth\HttpHeaderAuth
beforeAction() This method is invoked right before an action is to be executed (after all possible filters.) You may override this method to do last-minute preparation for the action. yii\base\ActionFilter
beforeFilter() yii\base\ActionFilter
canGetProperty() Returns a value indicating whether a property can be read. yii\base\BaseObject
canSetProperty() Returns a value indicating whether a property can be set. yii\base\BaseObject
challenge() Generates challenges upon authentication failure. yii\filters\auth\HttpBearerAuth
className() Returns the fully qualified name of this class. yii\base\BaseObject
detach() Detaches the behavior object from the component. yii\base\ActionFilter
events() Declares event handlers for the $owner's events. yii\base\Behavior
handleFailure() Handles authentication failure. yii\filters\auth\AuthMethod
hasMethod() Returns a value indicating whether a method is defined. yii\base\BaseObject
hasProperty() Returns a value indicating whether a property is defined. yii\base\BaseObject
init() Initializes the object. yii\base\BaseObject

Protected Methods

Hide inherited methods

MethodDescriptionDefined By
getActionId() Returns an action ID by converting yii\base\Action::$uniqueId into an ID relative to the module. yii\base\ActionFilter
isActive() Returns a value indicating whether the filter is active for the given action. yii\base\ActionFilter
isOptional() Checks, whether authentication is optional for the given action. yii\filters\auth\AuthMethod

Property Details

$header public property

The HTTP header name

public string $header 'Authorization'
$pattern public property

A pattern to use to extract the HTTP authentication value

public string $pattern '/^Bearer\s+(.*?)$/'
$realm public property

The HTTP authentication realm

public string $realm 'api'

Method Details

challenge() public method

Generates challenges upon authentication failure.

For example, some appropriate HTTP headers may be generated.

public void challenge ( $response )
$response yii\web\Response