Skip to content
docsv0.1.0

ContractInteractionAuthorizer

The `#[Action]`-style {@see InteractionAuthorizerInterface}: an interaction is allowed only if its component is registered, the envelope's component id/name agree with the request, the requested `action` is declared in that component's own contract, the state's owning principal (if any) matches the caller, and the caller holds the derived `milpa:component:{name}:{action}` scope (or its `:*` wildcard). This is the contract-based allowlist {@see \Milpa\Live\Http\LiveEndpoint} defers to — nothing here inspects the CSRF token or state signature, those are separate gates that already ran before authorization.

ContractInteractionAuthorizer::__construct()

public function __construct(Milpa\Live\Contracts\Component\ComponentRegistryInterface $components):

Parameters

Parameters of __construct()
NameTypeDescription
$componentsMilpa\Live\Contracts\Component\ComponentRegistryInterface

ContractInteractionAuthorizer::authorize()

public function authorize(Milpa\Live\ValueObjects\InteractionRequest $request, ?Milpa\Live\ValueObjects\SecurityPrincipal $principal = null): Milpa\Live\ValueObjects\AuthorizationResult

Authorizes one interaction request. Every denial path returns a keyed error explaining which check failed (`component`, `componentId`, `componentName`, `action`, `principal`, or `scope`) rather than a bare boolean — never throws for an ordinary unauthorized request.

Parameters

Parameters of authorize()
NameTypeDescription
$requestMilpa\Live\ValueObjects\InteractionRequest
$principal?Milpa\Live\ValueObjects\SecurityPrincipal