/**
* This interface must be implemented by firewall listeners.
*
* @param GetResponseEvent $event
*/
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
if ($request->headers->has(static::AUTH_HEADER)) {
$unauthenticatedToken = new ApiUserToken();
$unauthenticatedToken->setAttribute('key', $request->headers->get(static::AUTH_HEADER));
$authenticatedToken = $this->authenticationManager->authenticate($unauthenticatedToken);
$this->tokenStorage->setToken($authenticatedToken);
}
}
/**
* Attempts to authenticate a TokenInterface object.
*
* @param TokenInterface $token The TokenInterface instance to authenticate
*
* @return TokenInterface An authenticated TokenInterface instance, never null
*
* @throws AuthenticationException if the authentication fails
*/
public function authenticate(TokenInterface $token)
{
try {
$key = $token->getAttribute('key');
/** @var ApiUser $user */
$user = $this->apiUserProvider->loadUserByKey($key);
$authenticatedToken = new ApiUserToken($user->getRoles());
$authenticatedToken->setUser($user);
$authenticatedToken->setAuthenticated(true);
return $authenticatedToken;
} catch (BadCredentialsException $notFoundException) {
throw new AuthenticationException('User not found');
}
}
