public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { try { $user = $userProvider->loadUserByUsername($token->getUsername()); } catch (UsernameNotFoundException $e) { throw new AuthenticationException('Invalid username or password or authentication code'); } if ($user->getSafeDatabase() == null) { throw new InitializationException('Please initialize your account.'); } $key = $this->encryptionService->generateKey($token->getCredentials(), $user->getSafeDatabase()->getSalt(), $user->getSafeDatabase()->getKeyIterations()); if ($this->encryptionService->isValidKey($key, $user->getSafeDatabase()) && $this->mfaService->validateOTP($user, $token->getMfaCode())) { return new UsernameKeyToken($user, $key, $providerKey, $user->getRoles()); } throw new AuthenticationException('Invalid username or password or authentication code'); }