/**
* {@inheritDoc}
*/
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
}
/* @var OAuthToken $token */
$resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
$userResponse = $resourceOwner->getUserInformation($token->getRawToken());
try {
$user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
} catch (OAuthAwareExceptionInterface $e) {
$e->setToken($token);
$e->setResourceOwnerName($token->getResourceOwnerName());
throw $e;
}
if (!$user instanceof UserInterface) {
throw new AuthenticationServiceException('loadUserByOAuthUserResponse() must return a UserInterface.');
}
$this->userChecker->checkPreAuth($user);
$this->userChecker->checkPostAuth($user);
$token = new OAuthToken($token->getRawToken(), $user->getRoles());
$token->setResourceOwnerName($resourceOwner->getName());
$token->setUser($user);
$token->setAuthenticated(true);
return $token;
}
public function testOAuth()
{
$accessToken = array('access_token' => '986d3212c8aca7122993035d82742270f168db5e');
$token = new OAuthToken($accessToken, array('ROLE_ADMIN'));
$this->assertEquals('986d3212c8aca7122993035d82742270f168db5e', $token->getAccessToken());
$user = new OAuthUser('anna_admin');
$this->assertEquals('anna_admin', $user->getUsername());
$token->setUser($user);
$this->assertSame('ROLE_ADMIN', current($token->getRoles()[0]));
}
/**
* {@inheritDoc}
*/
public function authenticate(TokenInterface $token)
{
$resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
$userResponse = $resourceOwner->getUserInformation($token->getCredentials());
try {
$user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
} catch (OAuthAwareExceptionInterface $e) {
$e->setAccessToken($token->getCredentials());
$e->setResourceOwnerName($token->getResourceOwnerName());
throw $e;
}
$token = new OAuthToken($token->getCredentials(), $user->getRoles());
$token->setUser($user);
$token->setAuthenticated(true);
return $token;
}
/**
* @When /^I am logged in as "([^"]*)"$/
*/
public function iAmLoggedInAs($username)
{
if (!$this->developers[$username]) {
throw new ExpectationException('User not found');
}
$user = $this->developers[$username];
$token = new OAuthToken(null, $user->getRoles());
$token->setUser($user);
$token->setAuthenticated(true);
$session = $this->getContainer()->get('session');
$session->set('_security_secured_area', serialize($token));
$session->save();
$this->getSession()->setCookie($session->getName(), $session->getId());
}
/**
* Authenticate a user with Symfony Security
*
* @param Request $request
* @param UserInterface $user
* @param string $resourceOwnerName
* @param string $accessToken
* @param boolean $fakeLogin
*/
protected function authenticateUser(Request $request, UserInterface $user, $resourceOwnerName, $accessToken, $fakeLogin = true)
{
try {
$this->container->get('hwi_oauth.user_checker')->checkPostAuth($user);
} catch (AccountStatusException $e) {
// Don't authenticate locked, disabled or expired users
return;
}
$token = new OAuthToken($accessToken, $user->getRoles());
$token->setResourceOwnerName($resourceOwnerName);
$token->setUser($user);
$token->setAuthenticated(true);
$this->container->get('security.context')->setToken($token);
if ($fakeLogin) {
// Since we're "faking" normal login, we need to throw our INTERACTIVE_LOGIN event manually
$this->container->get('event_dispatcher')->dispatch(SecurityEvents::INTERACTIVE_LOGIN, new InteractiveLoginEvent($request, $token));
}
}
