/**
* Attempts to authenticate a TokenInterface object.
*
* @param TokenInterface $token The TokenInterface instance to authenticate
*
* @return TokenInterface An authenticated TokenInterface instance, never null
*
* @throws AuthenticationException if the authentication fails
*/
public function authenticate(TokenInterface $token)
{
if (!$token instanceof HawkToken) {
throw new \InvalidArgumentException('Provided token is not HawkToken');
}
try {
$user = $this->userProvider->loadUserByUsername($token->getId());
$this->userChecker->checkPreAuth($user);
$this->hawkServer->authenticate($token->getMethod(), $token->getHost(), $token->getPort(), $token->getUri(), $token->getContentType(), $token->getPayload(), $token->getAuthorizationHeader());
$this->userChecker->checkPostAuth($user);
$authenticatedToken = new HawkToken($user->getRoles());
$authenticatedToken->copy($token);
$authenticatedToken->setAuthenticated(true);
$authenticatedToken->setUser($user);
return $authenticatedToken;
} catch (UnauthorizedException $exception) {
throw new AuthenticationException('Invalid Hawk authentication data');
}
}
