/**
* Logout the user if the token is expired
* @param GetResponseEvent $event
*/
public function onKernelRequest(GetResponseEvent $event)
{
$token = $this->tokenStorage->getToken();
if (!$token instanceof RoleToken) {
return;
}
if (!$token->isExpired()) {
return;
}
$config = $this->configProvider->getRoleConfig();
$response = new RedirectResponse($config['logout_path']);
$event->setResponse($response);
}
/**
* @param TokenInterface $token
* @param UserProviderInterface $userProvider
* @param $providerKey
* @return UsernamePasswordToken
*/
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
$user = $userProvider->loadUserByUsername($token->getUsername());
$config = $this->configProvider->getRoleConfig();
$params = ["client_id" => $config['client_id'], "client_secret" => $config['client_secret'], "username" => $token->getUsername(), "password" => $token->getCredentials()];
try {
$storage = $this->roleTokenProvider->authentificate($config['endpoint'], $params, $this->role);
} catch (BadAuthentificationException $e) {
// CAUTION: this message will be returned to the client
// (so don't put any un-trusted messages / error strings here)
throw new CustomUserMessageAuthenticationException('Invalid username or password');
}
$roleToken = new RoleToken($user, $user->getPassword(), $providerKey, $user->getRoles());
$roleToken->setAccessToken($storage['accessToken']);
$roleToken->setRefreshToken($storage['refreshToken']);
$roleToken->setRoleRequired($this->role);
$roleToken->setExpiresIn($storage['expiresIn']);
return $roleToken;
}
public function testConfiguration()
{
$containerMock = $this->getMockBuilder(ContainerInterface::class)->disableOriginalConstructor()->getMock();
$containerMock->expects($this->any())->method('getParameter')->willReturnCallback(function ($name) {
$prefix = "vss_oauth_extension.auth.role";
switch ($name) {
case "{$prefix}.client_id":
return 37;
case "{$prefix}.client_secret":
return "secret";
case "{$prefix}.endpoint":
return "/token";
case "{$prefix}.logout_path":
return "logout_path";
}
});
$routerMock = $this->getMockBuilder(Router::class)->disableOriginalConstructor()->getMock();
$routerMock->expects($this->once())->method('generate')->with('logout_path')->willReturn('/logout');
$configProvider = new ConfigProvider($containerMock, $routerMock);
$config = $configProvider->getRoleConfig();
$expected = ["client_id" => 37, "client_secret" => "secret", "endpoint" => "/token", "logout_path" => "/logout"];
$this->assertEquals($expected, $config);
}
