/**
  * @inheritdoc
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     /* @var PreAuthenticatedToken $token */
     $authToken = $token->getToken();
     if (empty($authToken)) {
         $authToken = 'NONE_PROVIDED';
     }
     $tokenEntity = $this->tokenManager->findById($authToken);
     if (!$tokenEntity) {
         throw new BadCredentialsException('Bad token');
     }
     if (true === $this->tokenManager->isExpired($tokenEntity)) {
         throw new TokenExpiredException('Token expired');
     }
     $user = $this->retrieveUser($userProvider, $tokenEntity);
     if (!$user instanceof UserInterface) {
         throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
     }
     try {
         $this->userChecker->checkPreAuth($user);
         $this->checkAuthentication($user, $tokenEntity, $token);
         $this->userChecker->checkPostAuth($user);
     } catch (BadCredentialsException $e) {
         throw new BadCredentialsException('Bad credentials', 0, $e);
     }
     $authenticatedToken = new PreAuthenticatedToken($token->getToken(), $providerKey, $user->getRoles());
     $authenticatedToken->setUser($user);
     $authenticatedToken->setAttributes($token->getAttributes());
     return $authenticatedToken;
 }
 /**
  * @test
  */
 public function it_can_check_for_expired_tokens()
 {
     $this->assertFalse($this->manager->isExpired((new Token())->setExpiresAt(new \DateTime('10 seconds'))));
     $this->assertTrue($this->manager->isExpired((new Token())->setExpiresAt(new \DateTime('-10 seconds'))));
 }