/**
 * Turn a pre-authenticated JWT token into an authenticated token for the firewall.
 *
 * The credentials carried by $token are the raw JWT. The user id and the
 * issued-at timestamp are extracted through the JWT manager; any failure there
 * is reported to the caller as a BadCredentialsException rather than leaking
 * the underlying error type. After the user is loaded, tokens issued before the
 * account's "invalidate tokens issued before" timestamp are rejected, which is
 * what allows previously issued tokens to be revoked server-side.
 *
 * NOTE(review): signature/expiry validation is assumed to happen inside
 * jwtManager->getUserIdFromToken(); it is not visible here — confirm.
 *
 * @param TokenInterface        $token        the unauthenticated token holding the JWT as credentials
 * @param UserProviderInterface $userProvider must be an EntityUserProvider
 * @param string                $providerKey  the firewall provider key
 *
 * @return PreAuthenticatedToken an authenticated token for the loaded user
 *
 * @throws \InvalidArgumentException when the provider is not an EntityUserProvider
 * @throws BadCredentialsException   when the JWT cannot be decoded or was issued before the revocation timestamp
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    if (!$userProvider instanceof EntityUserProvider) {
        throw new \InvalidArgumentException(sprintf('The user provider must be an instance of EntityUserProvider (%s was given).', get_class($userProvider)));
    }

    $rawJwt = $token->getCredentials();

    try {
        $userId = $this->jwtManager->getUserIdFromToken($rawJwt);
        $tokenIssuedAt = $this->jwtManager->getIssuedAtFromToken($rawJwt);
    } catch (\UnexpectedValueException $e) {
        // Decoding problems carry a message that is safe to surface to the caller.
        throw new BadCredentialsException('Invalid JSON Web Token: ' . $e->getMessage());
    } catch (\Exception $e) {
        // Anything else is reported generically so internal details do not leak.
        throw new BadCredentialsException('Invalid JSON Web Token');
    }

    $loadedUser = $userProvider->loadUserByUsername($userId);
    $authRecord = $loadedUser->getAuthentication();

    if ($authRecord) {
        // A revocation timestamp on the account rejects every token minted before it.
        $revokedBefore = $authRecord->getInvalidateTokenIssuedBefore();
        if ($revokedBefore && $revokedBefore > $tokenIssuedAt) {
            throw new BadCredentialsException('Invalid JSON Web Token: Not issued before ' . $revokedBefore->format('c'));
        }
    }

    $result = new PreAuthenticatedToken($loadedUser, $rawJwt, $providerKey);
    $result->setAuthenticated(true);

    return $result;
}
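/**
 * Turn a pre-authenticated API-key token into an authenticated token for the firewall.
 *
 * If the incoming token already carries a User object it is re-wrapped as-is;
 * otherwise the API key (the token's credentials) is used as the username to
 * load the user from the provider.
 *
 * Fixes relative to the previous version: the "user not found" guard now runs
 * before the user is dereferenced (previously $user->getRoles() was evaluated
 * before the is_null() check, so a missing user produced a fatal error instead
 * of an authentication failure), and the provider-type error message now names
 * the class that is actually checked.
 *
 * @param TokenInterface        $token        the unauthenticated token holding the API key as credentials
 * @param UserProviderInterface $userProvider must be a WebserviceUserProvider
 * @param string                $providerKey  the firewall provider key
 *
 * @return PreAuthenticatedToken
 *
 * @throws \InvalidArgumentException when the provider is not a WebserviceUserProvider
 * @throws \Symfony\Component\Security\Core\Exception\BadCredentialsException when no user matches the API key
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    if (!$userProvider instanceof WebserviceUserProvider) {
        throw new \InvalidArgumentException(sprintf('The user provider must be an instance of WebserviceUserProvider (%s was given).', get_class($userProvider)));
    }

    $apiKey = $token->getCredentials();
    $existingUser = $token->getUser();

    if ($existingUser instanceof User) {
        // Already resolved to a User: keep the original behaviour and re-wrap it.
        return new PreAuthenticatedToken($existingUser, $apiKey, $providerKey, $existingUser->getRoles());
    }

    $loadedUser = $userProvider->loadUserByUsername($apiKey);

    // Reject an unknown key as a credentials failure instead of dereferencing null below.
    if (null === $loadedUser) {
        throw new \Symfony\Component\Security\Core\Exception\BadCredentialsException('Invalid API key');
    }

    $authenticatedToken = new PreAuthenticatedToken($loadedUser, $apiKey, $providerKey, $loadedUser->getRoles());
    $authenticatedToken->setAuthenticated(true);

    return $authenticatedToken;
}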
/**
 * Re-encode a legacy (SHA-256) account's password with the current encoder on login.
 *
 * Only legacy accounts are touched. The SHA-256 hash is cleared, the plaintext
 * password supplied at login is run through the configured encoder, stored as
 * the bcrypt hash, and the authentication entity is persisted via the auth
 * manager. Before persisting, a synthetic authenticated token is placed in the
 * token storage because the audit log needs one to attribute the change.
 *
 * NOTE(review): the synthetic token (credentials 'fakekey', provider
 * 'fakeProvider') is left in the token storage after the update; nothing here
 * restores the previous token — confirm the caller replaces it.
 *
 * @param AuthenticationEntityInterface $authEntity the authentication record being upgraded
 * @param string                        $password   the plaintext password that just authenticated
 */
protected function updateLegacyPassword(AuthenticationEntityInterface $authEntity, $password)
{
    if (!$authEntity->isLegacyAccount()) {
        return;
    }

    // The audit log requires an authenticated token in storage to record the change.
    $auditToken = new PreAuthenticatedToken($authEntity->getUser(), 'fakekey', 'fakeProvider');
    $auditToken->setAuthenticated(true);
    $this->tokenStorage->setToken($auditToken);

    // Drop the legacy hash and replace it with the current encoding.
    $authEntity->setPasswordSha256(null);
    $bcryptHash = $this->encoder->encodePassword($authEntity->getUser(), $password);
    $authEntity->setPasswordBcrypt($bcryptHash);

    $this->authManager->updateAuthentication($authEntity);
}