/**
* When the security token is created, populate it with user information from the service API.
*
* @param FilterTokenEvent $event
*/
public function onFilterToken(FilterTokenEvent $event)
{
$token = $event->getToken();
$service = $token->getService();
$oauthService = $this->registry->getService($service);
$config = $this->config[$service];
$serviceName = OAuthServiceRegistry::getServiceName($oauthService);
$accessToken = $oauthService->getStorage()->retrieveAccessToken($serviceName);
$token->setAccessToken($accessToken);
$callback = isset($config['user_callback']) && is_callable($config['user_callback']) ? $config['user_callback'] : array($this, 'defaultUserCallback');
if (isset($config['user_endpoint'])) {
$rawUserInfo = json_decode($oauthService->request($config['user_endpoint']), true);
}
call_user_func($callback, $token, $rawUserInfo, $oauthService);
}
/**
* {@inheritDoc}
*/
protected function attemptAuthentication(Request $request)
{
$service = $request->attributes->get('service');
$oauthService = $this->registry->getService($service);
// redirect to auth provider if initiating
if ($this->httpUtils->checkRequestPath($request, $this->options['login_route'])) {
if ($this->options['post_only'] && !$request->isMethod('post')) {
if (null !== $this->logger) {
$this->logger->debug(sprintf('Authentication method not supported: %s.', $request->getMethod()));
}
return null;
}
// CSRF checking only upon login
if (null !== $this->csrfTokenManager) {
$csrfToken = $request->get($this->options['csrf_parameter'], null, true);
if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) {
throw new InvalidCsrfTokenException('Invalid CSRF token.');
}
}
$authorizationParameters = array();
if ($oauthService instanceof OAuth1ServiceInterface) {
$token = $oauthService->requestRequestToken();
$authorizationParameters = array('oauth_token' => $token->getRequestToken());
}
$authorizationUri = $oauthService->getAuthorizationUri($authorizationParameters);
return $this->httpUtils->createRedirectResponse($request, $authorizationUri->getAbsoluteUri());
}
// request access token upon callback
if ($this->httpUtils->checkRequestPath($request, $this->options['callback_route'])) {
if ($request->query->has('error')) {
throw new AuthenticationException($request->query->get('error_description', $request->query->get('error')));
}
if ($oauthService instanceof OAuth1ServiceInterface) {
try {
$serviceName = OAuthServiceRegistry::getServiceName($oauthService);
$token = $oauthService->getStorage()->retrieveAccessToken($serviceName);
} catch (StorageException $exception) {
throw new AuthenticationException('Could not retrieve access token.', null, $exception);
}
if (!$request->query->has('oauth_token') || !$request->query->has('oauth_verifier')) {
throw new AuthenticationException('Token parameters missing.');
}
$oauthService->requestAccessToken($request->query->get('oauth_token'), $request->query->get('oauth_verifier'), $token->getRequestTokenSecret());
} else {
if (!$request->query->has('code')) {
throw new AuthenticationException('Token parameters missing.');
}
$oauthService->requestAccessToken($request->query->get('code'));
}
// the access token is now stored in the session, redirect back to check_path
return $this->httpUtils->createRedirectResponse($request, $this->options['check_route']);
}
$authToken = new OAuthToken($this->providerKey);
$authToken->setService($this->registry->mapServiceName($service));
if (null !== $this->dispatcher) {
$this->dispatcher->dispatch(OAuthEvents::TOKEN, new FilterTokenEvent($authToken));
}
return $this->authenticationManager->authenticate($authToken);
}
