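/**
 * Builds a pre-authenticated token from the JWT carried in the Authorization header.
 *
 * The header value is used as-is, or with a leading "Bearer " prefix stripped.
 * The token is parsed, a key is looked up by the key id the token names, and
 * that key validates the token. Any failure in those steps is reported as an
 * AuthenticationException with the generic message 'Invalid key'; the original
 * exception is attached as "previous" instead of being echoed in the message.
 *
 * @param Request $request
 * @param string  $providerKey
 *
 * @return PreAuthenticatedToken
 *
 * @throws BadCredentialsException When the header is absent or carries no token
 * @throws AuthenticationException When the token cannot be parsed or validated
 */
public function createToken(Request $request, $providerKey)
{
    $tokenString = $request->headers->get('Authorization');

    // An absent header is not a string. Reject it here so that a request
    // without credentials always ends in BadCredentialsException instead of
    // reaching strpos()/substr() with a non-string argument.
    if (!is_string($tokenString)) {
        throw new BadCredentialsException('No API key found');
    }

    if (0 === strpos($tokenString, 'Bearer ')) {
        // Drop the 7-character "Bearer " scheme prefix.
        $tokenString = substr($tokenString, 7);
    }

    if (!$tokenString) {
        throw new BadCredentialsException('No API key found');
    }

    try {
        $token = new JwtToken($tokenString);

        // The key id is read from the token before anything about the token
        // has been verified, so it is caller-chosen input: it may only select
        // a key, never supply one.
        // NOTE(review): getKeyById() is defined outside this block; confirm it
        // fails for ids that are not configured.
        $key = $this->getKeyById($token->getKeyId());
        $key->validateToken($token);
    } catch (\Exception $e) {
        // One generic message for every failure mode; the cause stays
        // available to logging through the previous-exception chain.
        throw new AuthenticationException('Invalid key', 0, $e);
    }

    return new PreAuthenticatedToken('anon.', $token, $providerKey);
}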
/**
 * Applies this key's checks to a token: header, then claims, then signature.
 *
 * The signature is verified against the secret returned by the secret loader
 * when one is set, otherwise against this key's own secret.
 *
 * @param JwtToken $token
 *
 * @throws \InvalidArgumentException
 */
public function validateToken(JwtToken $token)
{
    // NOTE(review): header and claims are inspected before the signature is
    // verified, so both are still unauthenticated input at this point. The
    // two validators are defined outside this block; confirm they only check
    // values and throw, without acting on claim contents.
    $this->validateHeader($token->getHeader());
    $this->validateClaims($token->getClaims());

    // A configured loader takes precedence over the static secret.
    $secret = $this->secretLoader
        ? $this->secretLoader->load($token)
        : $this->secret;

    $token->validateSignature($secret, $this->getSignatureValidator());
}
/**
 * A token whose signature validator reports success must pass
 * validateSignature() without throwing.
 *
 * The validator is a mock that always answers true, so no real signature
 * computation runs here and 'foobar' is only a placeholder secret. The sole
 * expectation is that isValid() is consulted exactly once.
 *
 * NOTE(review): "Nit" in the method name looks like a typo for "Not"; the
 * name is left unchanged.
 *
 * @test
 */
public function willNitFailWhenSignatureValidationIsSuccessful()
{
    $jwt = new JwtToken(self::EXAMPLE_TOKEN);

    $signatureValidator = $this
        ->getMockBuilder('KleijnWeb\\JwtBundle\\Authenticator\\SignatureValidator\\SignatureValidator')
        ->getMockForAbstractClass();

    $signatureValidator
        ->expects($this->once())
        ->method('isValid')
        ->willReturn(true);

    $jwt->validateSignature('foobar', $signatureValidator);
}