Example #1
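 /**
  * {@inheritDoc}
  *
  * Authenticates the request from its "Authorization: Bearer <token>" header.
  *
  * OPTIONS requests are given an anonymous token and skip the bearer check.
  * Every other request must carry a well-formed bearer header, otherwise the
  * "invalid request" response is set on the event. A header that is well
  * formed but rejected by the authentication manager yields the
  * "invalid token" response.
  *
  * @param GetResponseEvent $event Event carrying the current request.
  */
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();

     // NOTE(review): presumably this exists for CORS preflight, which carries no
     // credentials - confirm. Every OPTIONS request behind this listener runs as
     // anonymous, so access rules must not grant data to the anonymous token.
     if ($request->getMethod() === 'OPTIONS') {
         $this->securityContext->setToken(new AnonymousToken('', 'anon.', array()));
         return;
     }

     // Anchored on purpose: the whole header value must be "Bearer <token>" with a
     // non-empty, whitespace-free token. An unanchored pattern would also accept a
     // header of another scheme that merely contains "Bearer " somewhere, as well
     // as an empty token.
     $regex = '/^Bearer\s+(\S+)$/';
     if (!$request->headers->has('Authorization')
         || preg_match($regex, $request->headers->get('Authorization'), $matches) !== 1
     ) {
         $event->setResponse($this->getInvalidRequestResponse());
         return;
     }

     $token = new OAuth2UserToken();
     $token->setOAuthToken($matches[1]);
     // The request is attached to the token before it is handed to the
     // authentication manager.
     $token->request = $request;

     try {
         $authToken = $this->authenticationManager->authenticate($token);
         $this->securityContext->setToken($authToken);
     } catch (AuthenticationException $failed) {
         // Fail closed: no token is stored and the client gets the same response
         // for every rejected credential.
         // NOTE(review): the failure is not logged here; if no other component
         // records it, rejected tokens leave no audit trail.
         $event->setResponse($this->getInvalidTokenReponse());
     }
 }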
Example #2
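 /**
  * {@inheritDoc}
  *
  * Verifies the OAuth2 resource request attached to the token and returns an
  * authenticated OAuth2UserToken for the user that owns the access token.
  *
  * @param TokenInterface $token Unauthenticated token; its public "request"
  *                              property is read to build the OAuth request.
  *
  * @return OAuth2UserToken Authenticated token carrying the user and its roles.
  *
  * @throws AuthenticationException When the resource request is not verified,
  *                                 the access token has no user id, or no user
  *                                 is found for that id.
  */
 public function authenticate(TokenInterface $token)
 {
     $oauthRequest = OAuthRequest::createFromRequest($token->request);

     // Not authenticated.
     // NOTE(review): no scope is checked at this call site; if endpoints need
     // scope restrictions, confirm they are enforced elsewhere.
     if (!$this->server->verifyResourceRequest($oauthRequest)) {
         throw new AuthenticationException('OAuth2 authentication failed');
     }

     $userData = $this->server->getAccessTokenData($oauthRequest);

     // A verified token without a user id (presumably one issued to a client
     // rather than to a user - confirm) must not reach the user lookup. The
     // message stays generic so the response does not reveal which step failed.
     if (!isset($userData['user_id'])) {
         throw new AuthenticationException('OAuth2 authentication failed');
     }

     $user = $this->userProvider->findById($userData['user_id']);

     // Reject a token whose user no longer exists, instead of failing on a
     // method call on a non-object below.
     // NOTE(review): assumes findById() returns null/false for an unknown id.
     if (!$user) {
         throw new AuthenticationException('OAuth2 authentication failed');
     }

     $roles = $this->roleFinder->findRoleNamesByUserId($user->getId());
     $user->setRoles($roles);

     $authenticatedToken = new OAuth2UserToken($roles);
     $authenticatedToken->setUser($user);
     $authenticatedToken->setAuthenticated(true);
     // NOTE(review): this copies the string the caller stored on the incoming
     // token, while the server validated whatever it parsed from the request
     // itself; the two are assumed to be the same access token.
     $authenticatedToken->setOAuthToken($token->getOAuthToken());

     return $authenticatedToken;
 }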