I am using this OAuth2 implementation. When I validate queries in a resource controller, I check via
if (!$server->verifyResourceRequest(OAuth2\Request::createFromGlobals())) {
$server->getResponse()->send();
die;
}
if the access_token provided was correct.
Currently this snippet of code is in all of my various resource.php files that are accessed via ajax, since I need the die to stop the code from going further when the token was not valid.
How can I export all this functionality into an external function/file validateToken() and use it in all my resource.php files, without losing that what die does? Is it sufficient to wrap all my resource.php in an if statement that has validateToken() as condition?
Solution depends on what exactly you have in your resources. For instance, your resources are controllers, which are inherited from some BasicController class, and there you have own onDispatch implementation. There you can check requests, and access tokens. The pros of this example, that you do not need to add access token verification inside every controller. I'd implement own OAuth service(it's dependable from your project architecture), where wrapped methods will locate. In BaseController, you can use this service for access token verification, and all OAuth logic will be placed in one place(in service I mean).
P.S.: avoid die usage. Implement some simple error messaging...