/**
  * Resolves the user behind a SAML SP response token and returns an authenticated token for it.
  *
  * Resolution order, as implemented below: loadUser(); if that throws
  * UsernameNotFoundException, createUser(); if the result is still empty and
  * $this->force is set, createDefaultUser().
  *
  * @param TokenInterface $token The TokenInterface instance to authenticate
  *
  * @return TokenInterface|null A SamlSpToken for the resolved user, or null when
  *                             supports() rejects the token
  *
  * @throws AuthenticationException if no user could be resolved; anything raised by
  *                                 the user checker propagates unchanged
  */
 public function authenticate(TokenInterface $token)
 {
     // Tokens this provider does not handle are declined with null, not with an exception.
     if ($this->supports($token) === false) {
         return null;
     }

     /** @var SamlSpResponseToken $token */
     try {
         $user = $this->loadUser($token);
     } catch (UsernameNotFoundException $notFound) {
         // Unknown user: fall back to creating one from the token.
         $user = $this->createUser($token);
     }

     // Loose comparison (==) is kept as in the original, so every value that equals
     // null under == (e.g. an empty string) is treated as "no user".
     if ($user == null) {
         if ($this->force) {
             // NOTE(review): with force enabled, a supported token that maps to no known or
             // creatable user still ends up authenticated as the default user -- confirm
             // that the token was fully validated before it reaches this provider.
             $user = $this->createDefaultUser($token);
         }

         if ($user == null) {
             $failure = new AuthenticationException('Unable to resolve user');
             $failure->setToken($token);

             throw $failure;
         }
     }

     $isUserObject = $user instanceof UserInterface;

     // NOTE(review): only the post-auth hook is invoked in this method. If the configured
     // checker enforces account state (locked/disabled) in a pre-auth hook, that check
     // is not applied on this path -- confirm this is intended.
     if ($this->userChecker && $isUserObject) {
         $this->userChecker->checkPostAuth($user);
     }

     $attributes = $this->getAttributes($token);
     // A user that is not a UserInterface object carries no roles of its own.
     $roles = $isUserObject ? $user->getRoles() : [];

     return new SamlSpToken($roles, $this->providerKey, $attributes, $user);
 }
 /**
  * Once manage() has handled a recovered authentication failure, the error must be
  * removed from the session exactly once, so a stale failure (and the token attached
  * to it) does not stay in session storage.
  *
  * @test
  */
 public function shouldRemoveErrorFromSessionOnManage()
 {
     $storedError = new AuthenticationException('an error');
     $storedError->setToken(new OpenIdToken('aProviderKey', 'anIdentity'));

     // The original call labelled this argument $returnGet, so it is presumably the
     // value the stubbed session hands back from get() -- verify against createSessionStub().
     $session = $this->createSessionStub($storedError);
     $session
         ->expects($this->once())
         ->method('remove')
         ->with($this->equalTo(Security::AUTHENTICATION_ERROR));

     // Arguments were labelled $returnGet and $returnSession in the original call.
     $request = $this->createRequestStub(1, $session);

     $relyingParty = new RecoveredFailureRelyingParty();

     // guard: the relying party has to accept this request before manage() is meaningful
     $this->assertTrue($relyingParty->supports($request));

     $relyingParty->manage($request);
 }
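 /**
  * onAuthenticationFailure() must answer with a 401 JSON response whose body carries
  * the refusal reason and the username of the token attached to the exception.
  */
 public function testFailureHandler()
 {
     $username = '******';
     // Token double whose getUsername() always yields the value above.
     $token = $this->getMock(TokenInterface::class);
     $token->expects($this->any())->method('getUsername')->will($this->returnValue($username));
     $exception = new AuthenticationException();
     $exception->setToken($token);
     $authenticator = new ApiKeyAuthenticator();
     $response = $authenticator->onAuthenticationFailure(Request::create('/'), $exception);
     $this->assertInstanceOf(JsonResponse::class, $response);
     // Expected value first, matching the assertions below, so that a failure message
     // reports the expected and actual status the right way round.
     $this->assertSame(Response::HTTP_UNAUTHORIZED, $response->getStatusCode());
     $content = json_decode($response->getContent(), true);
     $this->assertSame('Credentials refused!', $content['reason']);
     // NOTE(review): this pins that the failure body echoes the token's username back to
     // the client -- confirm the handler never receives a token whose username holds a
     // credential such as the API key itself.
     $this->assertSame($username, $content['username']);
 }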