/**
* @param Request $request
* @param string $providerKey
*
* @return PreAuthenticatedToken
*/
public function createToken(Request $request, $providerKey)
{
$tokenString = $request->headers->get('Authorization');
if (0 === strpos($tokenString, 'Bearer ')) {
$tokenString = substr($tokenString, 7);
}
if (!$tokenString) {
throw new BadCredentialsException('No API key found');
}
try {
$token = new JwtToken($tokenString);
$key = $this->getKeyById($token->getKeyId());
$key->validateToken($token);
} catch (\Exception $e) {
throw new AuthenticationException('Invalid key', 0, $e);
}
return new PreAuthenticatedToken('anon.', $token, $providerKey);
}
/**
* @param JwtToken $token
*
* @throws \InvalidArgumentException
*/
public function validateToken(JwtToken $token)
{
$this->validateHeader($token->getHeader());
$this->validateClaims($token->getClaims());
if (!$this->secretLoader) {
$token->validateSignature($this->secret, $this->getSignatureValidator());
return;
}
$token->validateSignature($this->secretLoader->load($token), $this->getSignatureValidator());
}
/**
* @test
*/
public function willNitFailWhenSignatureValidationIsSuccessful()
{
$validator = $this->getMockBuilder('KleijnWeb\\JwtBundle\\Authenticator\\SignatureValidator\\SignatureValidator')->getMockForAbstractClass();
$token = new JwtToken(self::EXAMPLE_TOKEN);
$validator->expects($this->once())->method('isValid')->willReturn(true);
$token->validateSignature('foobar', $validator);
}
