/**
* Returns an authenticated token
*
* @param TokenInterface $token
* @param UserProviderInterface $userProvider
* @param string $providerKey
*
* @return PreAuthenticatedToken
*
* @throws AuthenticationException If the api key does not exist or is invalid
* @throws RuntimeException If $userProvider is not an instance of AdvancedUserProviderInterface
*/
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
if (!$userProvider instanceof AdvancedUserProviderInterface) {
throw new RuntimeException(sprintf('The api key provider must implement %s', AdvancedUserProviderInterface::class));
}
$apiKey = $token->getCredentials();
$user = $userProvider->findUserByApiKey($apiKey);
if (!$user) {
throw new AuthenticationException(sprintf('API key %s does not exist!', $apiKey));
}
return new PreAuthenticatedToken($user, $apiKey, $providerKey, $user->getRoles());
}
