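/**
 * Validate the JSON Web Token carried by $token and build an authenticated token from it.
 *
 * The user id and issued-at time are read from the JWT through the JWT manager,
 * the user is loaded from the provider, and the token is rejected when the
 * user's authentication record holds an invalidation cut-off later than the
 * token's issued-at time.
 *
 * @param TokenInterface        $token        Token whose credentials are the raw JWT.
 * @param UserProviderInterface $userProvider Must be an EntityUserProvider.
 * @param mixed                 $providerKey  Provider key, passed through unchanged.
 *
 * @return PreAuthenticatedToken Token marked as authenticated for the loaded user.
 *
 * @throws \InvalidArgumentException When $userProvider is not an EntityUserProvider.
 * @throws BadCredentialsException   When the JWT cannot be read or was issued
 *                                   before the user's invalidation cut-off.
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    if (!$userProvider instanceof EntityUserProvider) {
        throw new \InvalidArgumentException(
            sprintf(
                'The user provider must be an instance of EntityUserProvider (%s was given).',
                get_class($userProvider)
            )
        );
    }

    try {
        $jwt = $token->getCredentials();
        $username = $this->jwtManager->getUserIdFromToken($jwt);
        $issuedAt = $this->jwtManager->getIssuedAtFromToken($jwt);
    } catch (\UnexpectedValueException $e) {
        // The underlying message is surfaced to the caller; the original exception
        // is chained so logs keep the real cause and stack trace.
        // NOTE(review): confirm the JWT manager's messages never include token material.
        throw new BadCredentialsException('Invalid JSON Web Token: ' . $e->getMessage(), 0, $e);
    } catch (\Exception $e) {
        // Any other failure gets a generic message, with the cause chained for diagnostics.
        throw new BadCredentialsException('Invalid JSON Web Token', 0, $e);
    }

    // NOTE(review): presumably the provider throws for an unknown user rather than
    // returning null; confirm, since $user is dereferenced immediately.
    $user = $userProvider->loadUserByUsername($username);

    $authentication = $user->getAuthentication();
    $tokenNotValidBefore = $authentication ? $authentication->getInvalidateTokenIssuedBefore() : null;

    // Revocation check. The comparison is strict, so a token issued at exactly
    // the cut-off instant is still accepted.
    if ($tokenNotValidBefore && $tokenNotValidBefore > $issuedAt) {
        throw new BadCredentialsException(
            'Invalid JSON Web Token: Not issued before ' . $tokenNotValidBefore->format('c')
        );
    }

    $authenticatedToken = new PreAuthenticatedToken($user, $jwt, $providerKey);
    $authenticatedToken->setAuthenticated(true);

    return $authenticatedToken;
}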
/**
 * A JWT created for a user must decode back to that user's id, with the same type.
 */
public function testCreateJwtFromUser()
{
    $user = m::mock('Ilios\\CoreBundle\\Entity\\UserInterface');
    $user->shouldReceive('getId')->andReturn(42);

    // Fixed constructor argument used only by this test (presumably the signing secret).
    $manager = new JsonWebTokenManager('secret');
    $encoded = $manager->createJwtFromUser($user);
    $decodedUserId = $manager->getUserIdFromToken($encoded);

    // assertSame also checks the type: the id must come back as the integer 42.
    $this->assertSame(42, $decodedUserId);
}