/**
  * Set user data using shibboleth heders as data source
  *
  * @param \FOS\UserBundle\Entity\User                             $user
  * @param \KULeuven\ShibbolethBundle\Security\ShibbolethUserToken $token
  */
 private function setUserData(BaseUser $user, ShibbolethUserToken $token)
 {
     if ($user instanceof User) {
         $user->setGivenName($token->getGivenName());
         $user->setSurname($token->getSurname());
     }
     $user->setPlainPassword('no_passwd');
     if (null != $token->getMail()) {
         $user->setEmail($token->getMail());
     } else {
         $user->setEmail($token->getUsername() . '@kuleuven.be');
     }
     if ($token->isStudent()) {
         $user->addRole('ROLE_STUDENT');
     } elseif ($token->isStaff()) {
         $user->addRole('ROLE_STAFF');
     } else {
         $user->addRole('ROLE_GUEST');
     }
     $user->addRole('ROLE_USER');
     $user->setEnabled(true);
     $this->userManager->updateUser($user);
 }
 public function authenticate(TokenInterface $token)
 {
     if (!$this->supports($token)) {
         return null;
     }
     if (!($user = $token->getUser())) {
         throw new BadCredentialsException('No pre-authenticated shibboleth principal found in request.');
     }
     try {
         $user = $this->retrieveUser($token);
         $this->checkAuthentication($user, $token);
         if ($user instanceof UserInterface) {
             $this->userChecker->checkPostAuth($user);
         }
         $authenticatedToken = new ShibbolethUserToken($user, $token->getAttributes());
         $authenticatedToken->setAuthenticated(true);
         if (null !== $this->logger) {
             $this->logger->debug(sprintf('ShibbolethAuthProvider: authenticated token: %s', $authenticatedToken));
         }
         return $authenticatedToken;
     } catch (UsernameNotFoundException $notFound) {
         throw $notFound;
     }
 }