/**
* {@inheritdoc}
*/
public function authenticate(TokenInterface $token)
{
$credentials = $token->getCredentials();
if (is_null($credentials)) {
throw new AuthenticationException(OAuth2::HTTP_BAD_REQUEST, null, 'Empty credentials');
}
$client = $this->storage->getClient($credentials[0]);
if (is_null($client)) {
throw new AuthenticationException(OAuth2::ERROR_INVALID_CLIENT);
}
if ($this->storage->checkClientCredentials($client, $credentials[1]) === false) {
throw new AuthenticationException(OAuth2::ERROR_INVALID_CLIENT);
}
$token->eraseCredentials();
$newToken = new SharedSecretToken(array("ROLE_SHARED_SECRET", "ROLE_OAUTH_CLIENT"));
$newToken->setClient($client);
$newToken->setAuthenticated(true);
return $newToken;
}
/**
* {@inheritdoc}
*/
public function handle(GetResponseEvent $event)
{
if (null === ($rawToken = $this->getTokenFromRequest($event->getRequest()))) {
return;
}
$token = new SharedSecretToken();
$token->setCredentials($rawToken);
try {
$returnValue = $this->authenticationManager->authenticate($token);
if ($returnValue instanceof TokenInterface) {
return $this->securityContext->setToken($returnValue);
}
if ($returnValue instanceof Response) {
return $event->setResponse($returnValue);
}
} catch (AuthenticationException $e) {
if (null !== ($p = $e->getPrevious())) {
$event->setResponse($p->getHttpResponse());
}
}
}
