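/**
 * Authenticates the current request from its "access_token" parameter.
 *
 * Nothing is done when the security context already holds an authenticated
 * token. Otherwise the parameter is read from the request, wrapped in an
 * OAuth2Token, handed to the authentication manager, and the token the
 * manager returns is stored in the security context. Exceptions raised by
 * the authentication manager are not caught here.
 *
 * @param GetResponseEvent $event
 *
 * @throws ClientAccessDeniedHttpException when "access_token" is missing, empty or not a string
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();

    // A request that already carries an authenticated token is left untouched.
    $currentToken = $this->securityContext->getToken();
    if ($currentToken instanceof TokenInterface && $currentToken->isAuthenticated()) {
        return;
    }

    // NOTE(review): assuming this is Symfony's Request, get() also searches the
    // query string, so the token can end up in URLs, access logs and Referer
    // headers - consider reading it from the Authorization header instead.
    $accessToken = $request->get('access_token');

    // Request parameters are caller-controlled and may arrive as arrays. Only a
    // non-empty string can be a valid token, so any other type is rejected before
    // it reaches the authentication manager. Falsy strings ('' and '0') stay
    // rejected exactly as before.
    if (!is_string($accessToken) || !$accessToken) {
        throw new ClientAccessDeniedHttpException();
    }

    $token = $this->authenticationManager->authenticate(OAuth2Token::create($accessToken));
    $this->securityContext->setToken($token);
}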
/**
 * Resolves the access token carried by $token into an authenticated token.
 *
 * The access token value is looked up through the access-token repository.
 * The matching entity must exist, must not be blocked and must not be
 * expired; it is then converted with OAuth2Token::createFromAccessTokenEntity().
 *
 * NOTE(review): an unknown code and a blocked token raise the same exception,
 * so callers cannot tell the two cases apart.
 * NOTE(review): getAccessToken() is called without checking the concrete
 * token class; presumably only OAuth2Token instances reach this method - confirm.
 * NOTE(review): the lookup is keyed on the raw token value, which suggests
 * tokens are stored in clear text - confirm; storing a hash would limit the
 * impact of a datastore leak.
 *
 * @param TokenInterface $token The token to authenticate
 *
 * @throws TokenBlockedHttpException when no entity matches the code or the entity is blocked
 * @throws TokenExpiredHttpException when the entity is expired
 * @throws UserNotFoundHttpException not thrown directly in this method; presumably raised by
 *                                   OAuth2Token::createFromAccessTokenEntity() - confirm
 *
 * @return TokenInterface The token built by OAuth2Token::createFromAccessTokenEntity()
 */
public function authenticate(TokenInterface $token)
{
    $entity = $this->accessTokenRepository->findOneByCode($token->getAccessToken());

    // No matching entity is reported the same way as a blocked one.
    if (null === $entity) {
        throw new TokenBlockedHttpException();
    }

    if ($entity->isBlocked()) {
        throw new TokenBlockedHttpException();
    }

    // Expiry is only checked once the token is known and not blocked.
    if ($entity->isExpired()) {
        throw new TokenExpiredHttpException();
    }

    return OAuth2Token::createFromAccessTokenEntity($entity);
}