/**
 * Send the client to the configured logout path once its role token has expired.
 *
 * Requests that carry no token, a token that is not a RoleToken, or a
 * RoleToken that has not expired are left untouched.
 *
 * NOTE(review): nothing in this method limits the check to the main request
 * or exempts the logout path itself. Confirm that the listener priority and
 * firewall configuration keep an expired token from being redirected to the
 * logout route repeatedly.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $currentToken = $this->tokenStorage->getToken();

    // isExpired() is only consulted for RoleToken instances (short-circuit).
    $sessionExpired = $currentToken instanceof RoleToken && $currentToken->isExpired();

    if ($sessionExpired) {
        // The redirect target is the logout_path entry of the role configuration.
        $roleConfig = $this->configProvider->getRoleConfig();
        $event->setResponse(new RedirectResponse($roleConfig['logout_path']));
    }
}
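/**
 * Authenticate a login attempt against the remote role-token endpoint.
 *
 * The local user is looked up first; the submitted username and password are
 * then sent, together with the configured client credentials, to the endpoint.
 * On success the returned access/refresh tokens and lifetime are copied onto
 * a new RoleToken.
 *
 * Both failure paths (unknown local user, rejected remote authentication)
 * surface the same client-facing message, so the response does not reveal
 * whether a username exists.
 *
 * @param TokenInterface $token
 * @param UserProviderInterface $userProvider
 * @param $providerKey
 * @return UsernamePasswordToken the RoleToken built below (NOTE(review): presumably a
 *                               UsernamePasswordToken subclass, confirm)
 * @throws CustomUserMessageAuthenticationException when the user is unknown or the endpoint rejects the credentials
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    // CAUTION: this message will be returned to the client
    // (so don't put any un-trusted messages / error strings here)
    $failureMessage = 'Invalid username or password';

    try {
        $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
        // Without this catch, a missing user would propagate its own exception
        // and could be told apart from a wrong password.
        throw new CustomUserMessageAuthenticationException($failureMessage);
    }

    $config = $this->configProvider->getRoleConfig();

    // $params holds the client secret and the cleartext password: keep it out
    // of logs and exception messages.
    $params = [
        "client_id" => $config['client_id'],
        "client_secret" => $config['client_secret'],
        "username" => $token->getUsername(),
        "password" => $token->getCredentials(),
    ];

    try {
        $storage = $this->roleTokenProvider->authentificate($config['endpoint'], $params, $this->role);
    } catch (BadAuthentificationException $e) {
        throw new CustomUserMessageAuthenticationException($failureMessage);
    }

    // NOTE(review): the token's credentials are the value of $user->getPassword(),
    // not the submitted password; confirm this value needs to live on the token.
    $roleToken = new RoleToken($user, $user->getPassword(), $providerKey, $user->getRoles());
    $roleToken->setAccessToken($storage['accessToken']);
    $roleToken->setRefreshToken($storage['refreshToken']);
    $roleToken->setRoleRequired($this->role);
    $roleToken->setExpiresIn($storage['expiresIn']);

    return $roleToken;
}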
/**
 * getRoleConfig() must return the role parameters read from the container,
 * with logout_path replaced by the URL the router generates for it.
 */
public function testConfiguration()
{
    // Fixture values only; "secret" is a placeholder, not a real credential.
    $parameters = [
        'vss_oauth_extension.auth.role.client_id' => 37,
        'vss_oauth_extension.auth.role.client_secret' => "secret",
        'vss_oauth_extension.auth.role.endpoint' => "/token",
        'vss_oauth_extension.auth.role.logout_path' => "logout_path",
    ];

    $containerMock = $this->getMockBuilder(ContainerInterface::class)
        ->disableOriginalConstructor()
        ->getMock();
    $containerMock
        ->expects($this->any())
        ->method('getParameter')
        ->willReturnCallback(function ($name) use ($parameters) {
            // Unknown parameter names yield null.
            return isset($parameters[$name]) ? $parameters[$name] : null;
        });

    // The route name from the container must be resolved exactly once.
    $routerMock = $this->getMockBuilder(Router::class)
        ->disableOriginalConstructor()
        ->getMock();
    $routerMock
        ->expects($this->once())
        ->method('generate')
        ->with('logout_path')
        ->willReturn('/logout');

    $provider = new ConfigProvider($containerMock, $routerMock);

    $this->assertEquals(
        [
            "client_id" => 37,
            "client_secret" => "secret",
            "endpoint" => "/token",
            "logout_path" => "/logout",
        ],
        $provider->getRoleConfig()
    );
}