/**
* @return string
* @throws \TYPO3\Flow\Security\Exception\InvalidArgumentForHashGenerationException
*/
public function getJWTToken()
{
/** @var \TYPO3\Flow\Security\Account $account */
$account = $this->securityContext->getAccount();
$this->apiToken = $this->securityContext->getAuthenticationTokensOfType('RFY\\JWT\\Security\\Authentication\\Token\\JwtToken')[0];
if ($account->getAuthenticationProviderName() !== $this->apiToken->getAuthenticationProviderName()) {
// TODO: Currently you can get only 1 tokenAccount because of the duplication restraint based on accountIdentifier & AuthenticationProviderName
$account = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($account->getAccountIdentifier(), $this->apiToken->getAuthenticationProviderName());
if ($account === NULL) {
$account = $this->generateTokenAccount();
}
}
$payload = array();
$payload['identifier'] = $account->getAccountIdentifier();
$payload['partyIdentifier'] = $this->persistenceManager->getIdentifierByObject($account->getParty());
$payload['user_agent'] = $this->request->getHeader('User-Agent');
$payload['ip_address'] = $this->request->getClientIpAddress();
if ($account->getCreationDate() instanceof \DateTime) {
$payload['creationDate'] = $account->getCreationDate()->getTimestamp();
}
if ($account->getExpirationDate() instanceof \DateTime) {
$payload['expirationDate'] = $account->getExpirationDate()->getTimestamp();
}
// Add hmac
$hmac = $this->hashService->generateHmac($this->signature);
return JWT::encode($payload, $hmac);
}
