/**
 * {@inheritdoc}
 *
 * Turns a token into a SauthToken bound to a local user. A token that already
 * carries an AbstractUser is re-wrapped as is. Otherwise the service named by
 * the token authenticates it and the returned id is mapped to a local user:
 * first through stored credentials, then through a username lookup, and
 * finally by creating a new user when registration is allowed.
 *
 * @param TokenInterface        $token        Token to authenticate; supplies the service id and credentials.
 * @param UserProviderInterface $userProvider Must be a UserManager instance.
 * @param mixed                 $providerKey  Passed unchanged to the resulting SauthToken.
 *
 * @return SauthToken Token carrying the resolved user and that user's roles.
 *
 * @throws \InvalidArgumentException When $userProvider is not a UserManager.
 * @throws AuthenticationException   When the service returns a falsy user id.
 * @throws AccessDeniedException     When no local user matches and registration is disabled.
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    if (!$userProvider instanceof UserManager) {
        $message = sprintf(
            'The user provider must be an instance of UserManager (%s was given).',
            get_class($userProvider)
        );

        throw new \InvalidArgumentException($message);
    }

    // A token that already holds a resolved user skips the external service entirely.
    // NOTE(review): this trusts whatever built the token; confirm that only tokens
    // which were authenticated earlier can carry an AbstractUser.
    $tokenUser = $token->getUser();
    if ($tokenUser instanceof AbstractUser) {
        return new SauthToken($tokenUser, $token->getCredentials(), $providerKey, $tokenUser->getRoles());
    }

    $oauthService = $this->oauth->getService($token->getServiceId());
    $remoteId = $oauthService->authenticate($token, $userProvider);

    // Any falsy id counts as a failure, which also covers values such as 0 or "0".
    if (!$remoteId) {
        throw new AuthenticationException('Authentication Problem.');
    }

    // Known identity: credentials for this (service, remote id) pair are already stored.
    $linked = $userProvider->getCredentials($token->getServiceId(), $remoteId);
    if ($linked) {
        $account = $linked->getUser();

        return new SauthToken($account, $token->getCredentials(), $providerKey, $account->getRoles());
    }

    // Unknown identity: fall back to the username reported by the service.
    // NOTE(review): an existing local user is linked to the external identity on a
    // username match alone. Confirm that usernames from every enabled service are
    // unique and verified so they cannot collide with another person's local
    // account; otherwise require an authenticated, explicit linking step.
    $remoteName = $oauthService->getUsername($remoteId);
    $account = $userProvider->loadUserByUsername($remoteName);

    if (!$account) {
        if ($this->allowRegistration === false) {
            throw new AccessDeniedException("We couldn't find a user matching these credentials. New registrations are currently closed.");
        }

        $account = $userProvider->createNew($remoteName);
    }

    // Persist the link so the next login resolves through stored credentials.
    $userProvider->saveCredentials($account, $token->getServiceId(), $remoteId, $oauthService->getUserTokens());

    return new SauthToken($account, $token->getCredentials(), $providerKey, $account->getRoles());
}