headers->get($this->tokenParam); if (is_string($accessToken)) { $identity = $user->loginByAccessToken($accessToken, get_class($this)); if ($identity !== null) { return $identity; } } if ($accessToken !== null && $this->forceAuth) { $this->handleFailure($response); } return null; } /** * @param $action * @return bool * @throws UnauthorizedHttpException * @author nodelog */ public function beforeAction($action) { $response = $this->response ? : Yii::$app->getResponse(); try { $identity = $this->authenticate( $this->user ? : Yii::$app->getUser(), $this->request ? : Yii::$app->getRequest(), $response ); } catch (UnauthorizedHttpException $e) { if ($this->isOptional($action) || !$this->forceAuth) { return true; } throw $e; } if ($identity !== null || $this->isOptional($action) || !$this->forceAuth) { return true; } else { $this->challenge($response); $this->handleFailure($response); return false; } } }