public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
if (!$userProvider instanceof EntityUserProvider) {
throw new \InvalidArgumentException(sprintf('The user provider must be an instance of EntityUserProvider (%s was given).', get_class($userProvider)));
}
try {
$jwt = $token->getCredentials();
$username = $this->jwtManager->getUserIdFromToken($jwt);
$issuedAt = $this->jwtManager->getIssuedAtFromToken($jwt);
} catch (\UnexpectedValueException $e) {
throw new BadCredentialsException('Invalid JSON Web Token: ' . $e->getMessage());
} catch (\Exception $e) {
throw new BadCredentialsException('Invalid JSON Web Token');
}
$user = $userProvider->loadUserByUsername($username);
$authentication = $user->getAuthentication();
if ($authentication) {
$tokenNotValidBefore = $authentication->getInvalidateTokenIssuedBefore();
if ($tokenNotValidBefore) {
if ($tokenNotValidBefore > $issuedAt) {
throw new BadCredentialsException('Invalid JSON Web Token: Not issued before ' . $tokenNotValidBefore->format('c'));
}
}
}
$authenticatedToken = new PreAuthenticatedToken($user, $jwt, $providerKey);
$authenticatedToken->setAuthenticated(true);
return $authenticatedToken;
}
public function testGetIssuedAtFromToken()
{
$yesterday = new DateTime('yesterday');
$stamp = $yesterday->format('U');
$obj = new JsonWebTokenManager('secret');
$jwt = $this->buildToken(array('iat' => $stamp));
$this->assertSame($stamp, $obj->getIssuedAtFromToken($jwt)->format('U'));
}
