/** * Validates the password for wsse. * * @param UserInterface $user The provided user. * @param TokenInterface $token The created token. * * @return boolean * * @throws NonceExpiredException If the none is used again if the lifetime is expired. */ protected function validateDigest(UserInterface $user, TokenInterface $token) { $created = $token->getCreated(); $nonce = $token->getNonce(); // expired after the lifetime if (time() - strtotime($created) > $this->lifetime) { return false; } if ($this->filesystem->exists($this->cacheDir . '/' . $nonce) && file_get_contents($this->cacheDir . '/' . $nonce) + $this->lifetime > time()) { throw new NonceExpiredException('Previously used nonce detected'); } // if cache directory does not exist it will be created if ($this->filesystem->exists($this->cacheDir) === false) { $this->filesystem->mkdir($this->cacheDir, 0777); } $this->filesystem->dumpFile($this->cacheDir . '/' . $nonce, time()); $salt = base64_decode($nonce) . $created; if (!$this->encoder->isPasswordValid($token->getDigest(), $user->getPassword(), $salt)) { throw new BadCredentialsException('The presented password is invalid.'); } return true; }