/**
* {@inheritdoc}
*/
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
if (!$userProvider instanceof UserManager) {
throw new \InvalidArgumentException(sprintf('The user provider must be an instance of UserManager (%s was given).', get_class($userProvider)));
}
$user = $token->getUser();
if ($user instanceof AbstractUser) {
return new SauthToken($user, $token->getCredentials(), $providerKey, $user->getRoles());
}
$service = $this->oauth->getService($token->getServiceId());
$userId = $service->authenticate($token, $userProvider);
if (!$userId) {
throw new AuthenticationException(sprintf('Authentication Problem.'));
}
$credentials = $userProvider->getCredentials($token->getServiceId(), $userId);
if ($credentials) {
$user = $credentials->getUser();
} else {
$username = $service->getUsername($userId);
$user = $userProvider->loadUserByUsername($username);
if (!$user) {
if ($this->allowRegistration === false) {
throw new AccessDeniedException("We couldn't find a user matching these credentials. New registrations are currently closed.");
}
$user = $userProvider->createNew($username);
}
$userProvider->saveCredentials($user, $token->getServiceId(), $userId, $service->getUserTokens());
}
return new SauthToken($user, $token->getCredentials(), $providerKey, $user->getRoles());
}
