/**
* {@inheritdoc}
*/
public function fetchToken(Request $request)
{
$hash = $this->extractHash($request);
$partials = $this->getTokenPartials($hash);
if (empty($partials)) {
return null;
}
list($selector, $series, $value) = $partials;
try {
if (!($authToken = $this->tokenSource()->findBySelector($selector))) {
return null;
}
if ($authToken->isExpired()) {
$this->tokenSource()->deleteToken($authToken);
return null;
}
//If series is incorrect - skip record (token is invalid)
if (strcasecmp($authToken->getSeries(), $series) !== 0) {
return null;
}
//If hash is incorrect - record should be deleted because series is compromised
if (!$this->hashes->hashEquals($value, $authToken->getHashValue())) {
$this->tokenSource()->deleteToken($authToken);
return null;
}
return $authToken;
} catch (UndefinedTokenException $e) {
return null;
}
}
/**
* @param TokenInterface $token
* @param int $lifetime
* @return bool
*/
public function updateToken(TokenInterface $token, $lifetime)
{
if (get_class($token) != static::RECORD || !$token instanceof AbstractToken) {
throw new InvalidTokenException("Only instances of " . static::RECORD . " is allowed.");
}
/**
* Set new hash, new unique selector, same series.
* Then delete old token.
*/
$token->tokenCode = $this->generateHash();
$token->setField('hash', $this->hashes->makeHash($token->tokenCode));
$token->setField('selector', $this->generateSelector($token->getSelector()));
$token->setExpiration(new \DateTime("now + {$lifetime} seconds"));
if (!$this->save($token)) {
throw new AuthException("Unable to save token to database");
}
}
