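/**
 * Exchanges the credentials carried by an OAuthUserToken for an access token
 * using the OAuth2 resource-owner password grant against the remote API.
 *
 * A token that already holds an access token is returned untouched; otherwise
 * a fresh, authenticated OAuthUserToken is built from the API response.
 *
 * @param TokenInterface $token expected to be an OAuthUserToken (the oauth
 *                              token, username and password accessors are
 *                              called on it — TODO confirm via supports())
 *
 * @return TokenInterface the input token, or a new authenticated OAuthUserToken
 *
 * @throws AuthenticationException when the transport fails, the response
 *                                 carries no access_token, or the remote
 *                                 server returns an error_description
 */
public function authenticate(TokenInterface $token)
{
    // Already authenticated against the remote API: nothing to exchange.
    // (string) cast keeps this safe for a null token on PHP 8.1+.
    if ((string) $token->getOAuthToken() !== '') {
        return $token;
    }

    // Send the client secret and the user's password in the POST body, not
    // in the query string: query strings end up in web-server access logs,
    // proxy logs and Referer headers. http_build_query also URL-encodes the
    // values, so '&', '=' or '#' in a password cannot corrupt the request.
    $grant = array(
        'client_id'     => $this->remoteApiId,
        'client_secret' => $this->remoteApiSecret,
        'grant_type'    => 'password',
        'username'      => $token->getUsername(),
        'password'      => $token->getPassword(),
    );

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->remoteApiUrl . '/oauth/v2/token');
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($grant));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // These are curl's defaults, but stating them here means disabling TLS
    // verification later would show up as an explicit change in review.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    $rawResponse = curl_exec($ch);
    curl_close($ch);

    // Transport failure (DNS, TLS, timeout). Previously json_decode(false)
    // produced null and fell through to the generic branch below; fail
    // explicitly here without echoing transport details to the caller.
    if ($rawResponse === false) {
        throw new AuthenticationException('The OAuth authentication failed.');
    }

    $apiResponse = json_decode($rawResponse);

    if (!is_object($apiResponse) || !isset($apiResponse->access_token)) {
        // Surface the server's own reason when it gives one. Note this
        // string comes from the remote API and reaches whoever catches the
        // exception — keep that in mind if it is ever rendered to the user.
        if (is_object($apiResponse) && isset($apiResponse->error_description)) {
            throw new AuthenticationException($apiResponse->error_description);
        }
        throw new AuthenticationException('The OAuth authentication failed.');
    }

    $user = $this->userManager->createUser();
    $user->setUsername($token->getUsername());

    $authenticatedToken = new OAuthUserToken($user->getRoles());
    $authenticatedToken->setUser($user);
    $authenticatedToken->setOAuthToken($apiResponse->access_token);
    // refresh_token and token_type are optional in the wire format; fall
    // back to null instead of reading an undefined property.
    $authenticatedToken->setRefreshToken(isset($apiResponse->refresh_token) ? $apiResponse->refresh_token : null);
    $authenticatedToken->setTokenType(isset($apiResponse->token_type) ? $apiResponse->token_type : null);
    // Treat the token as expired 3 minutes (180 s) before the server does,
    // so a refresh is triggered before a request can fail on a stale token.
    $expiresIn = isset($apiResponse->expires_in) ? (int) $apiResponse->expires_in : 0;
    $authenticatedToken->setExpireTime(time() + $expiresIn - 180);

    return $authenticatedToken;
}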
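/**
 * Firewall listener entry point.
 *
 * Two paths:
 *  - a request posting both `_username` and `_password` is treated as a login
 *    attempt and the credentials are exchanged for an OAuth token;
 *  - any other request refreshes the current OAuthUserToken when it has
 *    passed its expiry time, and does nothing otherwise.
 *
 * In both paths a failure clears only this listener's own token, leaving
 * tokens set by other authentication listeners intact, and fires the matching
 * failure event.
 *
 * @param GetResponseEvent $event
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();
    $oauthEvent = new OAuth2AuthenticationEvent($this->securityContext);

    $username = $request->request->get("_username");
    $password = $request->request->get("_password");

    // Both fields must be plain strings: a parameter bag can return an array
    // for `_username[]=...`, which would otherwise be handed to the token
    // setters and serialised into the OAuth request as "Array".
    if (is_string($username) && is_string($password)) {
        // NOTE(review): this branch triggers on any request carrying both
        // POST fields — no path restriction, CSRF token or throttling is
        // applied here, so those must be enforced by the firewall in front.
        $token = new OAuthUserToken();
        $token->setUser($username);
        $token->setPassword($password);

        try {
            $this->eventDispatcher->dispatch(PreAuthenticationEvents::OAUTH2_PRE_AUTHENTICATION, $oauthEvent);
            $authToken = $this->authenticationManager->authenticate($token);
            $authToken->setAuthenticated(true);
            $this->securityContext->setToken($authToken);
            $this->eventDispatcher->dispatch(PostAuthenticationSuccessEvents::OAUTH2_POST_AUTHENTICATION_SUCCESS, $oauthEvent);
        } catch (AuthenticationException $failed) {
            $this->clearOwnToken();
            $this->eventDispatcher->dispatch(PostAuthenticationFailureEvents::OAUTH2_POST_AUTHENTICATION_FAILURE, $oauthEvent);
        }

        return;
    }

    // No credentials posted: only an expired token of our own needs work.
    $token = $this->securityContext->getToken();
    if (!$token instanceof OAuthUserToken || time() <= $token->getExpireTime()) {
        return;
    }

    try {
        $this->eventDispatcher->dispatch(PreRefreshEvents::OAUTH2_PRE_REFRESH, $oauthEvent);
        $newToken = $this->authenticationManager->refresh($token);
        $this->securityContext->setToken($newToken);
        $this->eventDispatcher->dispatch(PostRefreshSuccessEvents::OAUTH2_POST_REFRESH_SUCCESS, $oauthEvent);
    } catch (AuthenticationException $failed) {
        $this->clearOwnToken();
        $this->eventDispatcher->dispatch(PostRefreshFailureEvents::OAUTH2_POST_REFRESH_FAILURE, $oauthEvent);
    }
}

/**
 * Denies authentication by dropping the current token — but only when it is
 * an OAuthUserToken, so tokens owned by other authentication listeners are
 * never cleared from here.
 */
private function clearOwnToken()
{
    $current = $this->securityContext->getToken();
    if ($current instanceof OAuthUserToken) {
        $this->securityContext->setToken(null);
    }
}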