/**
  * @test
  */
 public function it_returns_an_authenticated_token_when_the_jwt_is_valid()
 {
     $jwt = new Jwt();
     $token = new JwtUserToken($jwt);
     $this->decoderService->expects($this->once())->method('verifySignature')->with($jwt)->willReturn(true);
     $this->decoderService->expects($this->once())->method('validateData')->with($jwt)->willReturn(true);
     $this->decoderService->expects($this->once())->method('validateRequiredClaims')->with($jwt)->willReturn(true);
     $authToken = $this->authenticationProvider->authenticate($token);
     $this->assertEquals($jwt, $authToken->getCredentials());
     $this->assertTrue($authToken->isAuthenticated());
 }
 /**
  * @param GetResponseEvent $event
  */
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     $jwtString = $this->getJwtString($request);
     if (empty($jwtString)) {
         return;
     }
     $jwt = $this->decoderService->parse(new StringLiteral($jwtString));
     $token = new JwtUserToken($jwt);
     try {
         $authenticatedToken = $this->authenticationManager->authenticate($token);
         $this->tokenStorage->setToken($authenticatedToken);
     } catch (AuthenticationException $e) {
         $event->setResponse(new Response($e->getMessage(), 401));
     }
 }
 /**
  * {@inheritdoc}
  */
 public function authenticate(TokenInterface $token)
 {
     /* @var JwtUserToken $token */
     if (!$this->supports($token)) {
         throw new AuthenticationException("Token type " . get_class($token) . " not supported.");
     }
     $jwt = $token->getCredentials();
     if (!$this->decoderService->verifySignature($jwt)) {
         throw new AuthenticationException("Token signature verification failed. The token is likely forged or manipulated.");
     }
     if (!$this->decoderService->validateData($jwt)) {
         throw new AuthenticationException("Token claims validation failed. This most likely means the token is expired.");
     }
     if (!$this->decoderService->validateRequiredClaims($jwt)) {
         throw new AuthenticationException("Token is missing one of its required claims.");
     }
     return new JwtUserToken($jwt, true);
 }
 /**
  * @test
  */
 public function it_returns_an_unauthorized_response_if_jwt_authentication_fails()
 {
     $tokenString = 'headers.payload.signature';
     $jwt = new Jwt(['alg' => 'none'], [], null, ['headers', 'payload']);
     $token = new JwtUserToken($jwt);
     $request = new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'Bearer ' . $tokenString], '');
     $this->getResponseEvent->expects($this->any())->method('getRequest')->willReturn($request);
     $this->jwtDecoderService->expects($this->once())->method('parse')->with(new StringLiteral($tokenString))->willReturn($jwt);
     $authenticationException = new AuthenticationException('Authentication failed', 666);
     $this->authenticationManager->expects($this->once())->method('authenticate')->with($token)->willThrowException($authenticationException);
     $this->getResponseEvent->expects($this->once())->method('setResponse')->willReturnCallback(function (Response $response) {
         $this->assertEquals('Authentication failed', $response->getContent());
         $this->assertEquals(401, $response->getStatusCode());
     });
     $this->listener->handle($this->getResponseEvent);
 }