/**
* {@inheritdoc}
*/
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
if ($this->securityContext->getToken() !== null) {
return;
}
if ($request->getRequestUri() == '/app_dev.php/api/login' || $request->getRequestUri() == '/api/login') {
return;
}
//Try to reach token from HTTP headers
if ($request->headers->has('X-Auth-Token')) {
$tokenId = $request->headers->get('X-Auth-Token');
} else {
$tokenId = $request->get('token');
}
//by token
if (isset($tokenId)) {
$user = $this->userProvider->findUserByToken($tokenId);
if (!$user) {
throw new BadCredentialsException();
}
try {
$token = new ApiToken([], $this->providerId, $this->key);
$token->setUser($user);
$authenticatedToken = $this->authenticationManager->authenticate($token);
$this->securityContext->setToken($authenticatedToken);
} catch (AuthenticationException $e) {
//log something
}
}
}
/**
* Attempts to authenticate a TokenInterface object.
*
* @param TokenInterface $token The TokenInterface instance to authenticate
*
* @return TokenInterface An authenticated TokenInterface instance, never null
*
* @throws AuthenticationException if the authentication fails
*/
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return null;
}
$user = $token->getUser();
/** @var ApiToken $token */
if ($this->key !== $token->getKey()) {
throw new BadCredentialsException('The presented key does not match.');
}
$this->userChecker->checkPostAuth($user);
$authenticatedToken = new ApiToken($user->getRoles(), $this->providerId, $this->key);
$authenticatedToken->setUser($user);
$authenticatedToken->setAttributes($token->getAttributes());
$authenticatedToken->setAuthenticated(true);
return $authenticatedToken;
}
