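/**
 * Authenticates a token against the remote OAuth2 token endpoint using the
 * resource-owner password grant.
 *
 * A token that already carries an OAuth access token is returned unchanged.
 * Otherwise the client credentials and the user's username/password are
 * exchanged for an access token, and a new OAuthUserToken is built from the
 * response.
 *
 * @param TokenInterface $token Token holding the username/password, or an
 *                              already issued OAuth access token.
 *
 * @return TokenInterface The given token, or a new OAuthUserToken.
 *
 * @throws AuthenticationException When the endpoint returns no access token
 *                                 or the request itself fails.
 */
public function authenticate(TokenInterface $token)
{
    // Already holds an access token: nothing to exchange.
    if (strlen((string) $token->getOAuthToken()) !== 0) {
        return $token;
    }

    // Credentials are sent form-encoded in the request body rather than in the
    // query string: URLs end up in access logs, proxy logs and error reports,
    // and unencoded values containing '&', '#' or '=' could alter or inject
    // request parameters. RFC 6749 section 3.2 requires POST for token requests.
    // NOTE(review): the username operand is masked in the published listing;
    // getUsername() is assumed because it is the accessor used below - confirm.
    $body = http_build_query(
        array(
            'client_id' => $this->remoteApiId,
            'client_secret' => $this->remoteApiSecret,
            'grant_type' => 'password',
            'username' => $token->getUsername(),
            'password' => $token->getPassword(),
        ),
        '',
        '&'
    );

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->remoteApiUrl . '/oauth/v2/token');
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $rawResponse = curl_exec($ch);
    curl_close($ch);

    // curl_exec() returns false on transport failure; fail closed with the
    // generic message so no transport detail reaches the caller.
    if ($rawResponse === false) {
        throw new AuthenticationException('The OAuth authentication failed.');
    }

    $apiResponse = json_decode($rawResponse);

    if (isset($apiResponse->access_token)) {
        $user = $this->userManager->createUser();
        $user->setUsername($token->getUsername());

        $authenticatedToken = new OAuthUserToken($user->getRoles());
        $authenticatedToken->setUser($user);
        $authenticatedToken->setOAuthToken($apiResponse->access_token);
        $authenticatedToken->setRefreshToken($apiResponse->refresh_token);
        $authenticatedToken->setTokenType($apiResponse->token_type);
        // We take 3 minutes less (180 seconds) just to be sure.
        $authenticatedToken->setExpireTime(time() + $apiResponse->expires_in - 180);

        return $authenticatedToken;
    }

    if (isset($apiResponse->error_description)) {
        throw new AuthenticationException($apiResponse->error_description);
    }

    throw new AuthenticationException('The OAuth authentication failed.');
}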
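/**
 * {@inheritDoc}
 *
 * Verifies the OAuth2 resource request carried by the token, loads the user
 * named in the access-token data together with that user's roles, and
 * returns an authenticated OAuth2UserToken.
 *
 * @throws AuthenticationException When the request fails verification, the
 *                                 access-token data names no user, or that
 *                                 user cannot be loaded.
 */
public function authenticate(TokenInterface $token)
{
    $oauthRequest = OAuthRequest::createFromRequest($token->request);

    // Not authenticated
    if (!$this->server->verifyResourceRequest($oauthRequest)) {
        throw new AuthenticationException('OAuth2 authentication failed');
    }

    $tokenData = $this->server->getAccessTokenData($oauthRequest);

    // A valid access token may not be bound to a user at all (presumably the
    // case for tokens issued without a resource owner - confirm against the
    // server's grant configuration). Fail closed instead of looking up null.
    if (!isset($tokenData['user_id'])) {
        throw new AuthenticationException('OAuth2 authentication failed');
    }

    $user = $this->userProvider->findById($tokenData['user_id']);

    // The user may have been removed after the token was issued; the same
    // generic message is reused so the response does not reveal which check failed.
    if (!is_object($user)) {
        throw new AuthenticationException('OAuth2 authentication failed');
    }

    $roles = $this->roleFinder->findRoleNamesByUserId($user->getId());
    $user->setRoles($roles);

    $authenticatedToken = new OAuth2UserToken($roles);
    $authenticatedToken->setUser($user);
    $authenticatedToken->setAuthenticated(true);
    $authenticatedToken->setOAuthToken($token->getOAuthToken());

    return $authenticatedToken;
}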