/**
* @param GetResponseEvent $event
*
* @throws ClientAccessDeniedHttpException
*/
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
if ($this->securityContext->getToken() instanceof TokenInterface && $this->securityContext->getToken()->isAuthenticated()) {
return;
}
if (!($accessToken = $request->get('access_token'))) {
throw new ClientAccessDeniedHttpException();
}
$token = $this->authenticationManager->authenticate(OAuth2Token::create($accessToken));
$this->securityContext->setToken($token);
}
/**
* Attempts to authenticate a TokenInterface object.
*
* @param TokenInterface $token The TokenInterface instance to authenticate
*
* @throws TokenBlockedHttpException
* @throws TokenExpiredHttpException
* @throws UserNotFoundHttpException
* @return TokenInterface An authenticated TokenInterface instance, never null
*/
public function authenticate(TokenInterface $token)
{
$accessToken = $token->getAccessToken();
$accessTokenEntity = $this->accessTokenRepository->findOneByCode($accessToken);
if (is_null($accessTokenEntity) || $accessTokenEntity->isBlocked()) {
throw new TokenBlockedHttpException();
}
if ($accessTokenEntity->isExpired()) {
throw new TokenExpiredHttpException();
}
$authenticatedToken = OAuth2Token::createFromAccessTokenEntity($accessTokenEntity);
return $authenticatedToken;
}