public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
$oauthEvent = new OAuth2AuthenticationEvent($this->securityContext);
if ($request->request->get("_username") !== null && $request->request->get("_password") !== null) {
$token = new OAuthUserToken();
$token->setUser($request->request->get("_username"));
$token->setPassword($request->request->get("_password"));
try {
$this->eventDispatcher->dispatch(PreAuthenticationEvents::OAUTH2_PRE_AUTHENTICATION, $oauthEvent);
$authToken = $this->authenticationManager->authenticate($token);
$authToken->setAuthenticated(true);
$this->securityContext->setToken($authToken);
$this->eventDispatcher->dispatch(PostAuthenticationSuccessEvents::OAUTH2_POST_AUTHENTICATION_SUCCESS, $oauthEvent);
} catch (AuthenticationException $failed) {
// To deny the authentication clear the token.
// Make sure to only clear your token, not those of other authentication listeners.
$token = $this->securityContext->getToken();
if ($token instanceof OAuthUserToken) {
$this->securityContext->setToken(null);
}
$this->eventDispatcher->dispatch(PostAuthenticationFailureEvents::OAUTH2_POST_AUTHENTICATION_FAILURE, $oauthEvent);
}
} else {
$token = $this->securityContext->getToken();
if ($token instanceof OAuthUserToken) {
if (time() > $token->getExpireTime()) {
try {
$this->eventDispatcher->dispatch(PreRefreshEvents::OAUTH2_PRE_REFRESH, $oauthEvent);
$newToken = $this->authenticationManager->refresh($token);
$this->securityContext->setToken($newToken);
$this->eventDispatcher->dispatch(PostRefreshSuccessEvents::OAUTH2_POST_REFRESH_SUCCESS, $oauthEvent);
} catch (AuthenticationException $failed) {
// To deny the authentication clear the token.
// Make sure to only clear your token, not those of other authentication listeners.
$token = $this->securityContext->getToken();
if ($token instanceof OAuthUserToken) {
$this->securityContext->setToken(null);
}
$this->eventDispatcher->dispatch(PostRefreshFailureEvents::OAUTH2_POST_REFRESH_FAILURE, $oauthEvent);
}
}
}
}
// elsewhere we do nothing
return;
}
public function refresh(OAuthUserToken $token)
{
// BE CAREFUL !!! argument order is very important !
// if you change the order of parameters, refresh will not work and the API will give a client credential error.
$url = $this->remoteApiUrl . "/oauth/v2/token?" . "client_secret=" . $this->remoteApiSecret . "&client_id=" . $this->remoteApiId . "&refresh_token=" . $token->getRefreshToken() . "&grant_type=refresh_token";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$apiResponse = json_decode(curl_exec($ch));
curl_close($ch);
if (isset($apiResponse->access_token)) {
$token->setOAuthToken($apiResponse->access_token);
$token->setRefreshToken($apiResponse->refresh_token);
$token->setTokenType($apiResponse->token_type);
// We take 3 minutes less (180 seconds) just to be sure.
$token->setExpireTime(time() + $apiResponse->expires_in - 180);
} elseif (isset($apiResponse->error_description)) {
throw new AuthenticationException($apiResponse->error_description);
} else {
throw new AuthenticationException('The OAuth refresh failed.');
}
return $token;
}
