
Commit 2e77bf6

author
ogorkun
committed
MC-32830: Do not store admin and customer tokens in DB
1 parent 8471ca5 commit 2e77bf6


1 file changed

+2
-8
lines changed


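--- a/app/code/Magento/Webapi/Model/Authorization/SoapUserContext.php
+++ b/app/code/Magento/Webapi/Model/Authorization/SoapUserContext.php
@@ -94,44 +94,38 @@ public function getUserType() //phpcs:ignore CopyPaste
 *
 * @return void
 */
-protected function processRequest() //phpcs:ignore CopyPaste
+private function processRequest() //phpcs:ignore CopyPaste
 {
 if ($this->isRequestProcessed) {
 return;
 }
-
 $authorizationHeaderValue = $this->request->getHeader('Authorization');
 if (!$authorizationHeaderValue) {
 $this->isRequestProcessed = true;
 return;
 }
-
 $headerPieces = explode(" ", $authorizationHeaderValue);
 if (count($headerPieces) !== 2) {
 $this->isRequestProcessed = true;
 return;
 }
-
 $tokenType = strtolower($headerPieces[0]);
 if ($tokenType !== 'bearer') {
 $this->isRequestProcessed = true;
 return;
 }
-
 $bearerToken = $headerPieces[1];
+
 /** @var Token $token */
 $token = $this->tokenFactory->create()->load($bearerToken, 'token');
-
 if (!$token->getId() || $token->getRevoked()) {
 $this->isRequestProcessed = true;
-
 return;
 }
 if (((int) $token->getUserType()) === UserContextInterface::USER_TYPE_INTEGRATION) {
 $this->userId = $this->integrationService->findByConsumerId($token->getConsumerId())->getId();
 $this->userType = UserContextInterface::USER_TYPE_INTEGRATION;
 }
-
 $this->isRequestProcessed = true;
 }
 }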
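Review bot: In the integration branch at the end of processRequest(), the result of `findByConsumerId($token->getConsumerId())->getId()` is assigned to `$this->userId` without checking that an integration was actually resolved. If the lookup returns an empty model for a stale consumer id (not visible here, so worth confirming), `userType` would still be set to USER_TYPE_INTEGRATION with an empty `userId`. I would resolve the id into a local first, `$integrationId = $this->integrationService->findByConsumerId($token->getConsumerId())->getId();`, and set both properties only inside `if ($integrationId) { ... }`. Narrowing the method from `protected` to `private` will also break any subclass that overrides or calls it, so check that none exists. The docblock, which starts above the hunk, could state that tokens of any user type other than integration are ignored on this path.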
