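/**
 * @inheritdoc
 *
 * Validates a pre-authenticated token: looks the presented value up through
 * the token manager, rejects unknown or expired tokens, resolves the user and
 * runs the user checker around checkAuthentication().
 *
 * @param TokenInterface        $token        Token carrying the presented credential (read via getToken()).
 * @param UserProviderInterface $userProvider Provider handed to retrieveUser().
 * @param mixed                 $providerKey  Passed unchanged to the new PreAuthenticatedToken.
 *
 * @return PreAuthenticatedToken Token carrying the user, the user's roles and the incoming token's attributes.
 *
 * @throws BadCredentialsException        If no token was presented, no stored token matches, or a check raises BadCredentialsException.
 * @throws TokenExpiredException          If the token manager reports the stored token as expired.
 * @throws AuthenticationServiceException If retrieveUser() does not return a UserInterface.
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    /* @var PreAuthenticatedToken $token */
    $authToken = $token->getToken();

    // Fail closed on a missing credential. Substituting a placeholder id and
    // looking it up would let a stored token that happens to carry that id
    // authenticate a request that presented no token at all. Note that
    // empty() also treats the string '0' as missing.
    if (empty($authToken)) {
        throw new BadCredentialsException('Bad token');
    }

    $tokenEntity = $this->tokenManager->findById($authToken);
    if (!$tokenEntity) {
        throw new BadCredentialsException('Bad token');
    }

    // Expiry is checked before the user is resolved, so an expired token
    // never reaches the user provider.
    if (true === $this->tokenManager->isExpired($tokenEntity)) {
        throw new TokenExpiredException('Token expired');
    }

    $user = $this->retrieveUser($userProvider, $tokenEntity);
    if (!$user instanceof UserInterface) {
        throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
    }

    try {
        $this->userChecker->checkPreAuth($user);
        $this->checkAuthentication($user, $tokenEntity, $token);
        $this->userChecker->checkPostAuth($user);
    } catch (BadCredentialsException $e) {
        // Re-thrown with a generic message; the original exception stays
        // attached as the previous one for logging.
        throw new BadCredentialsException('Bad credentials', 0, $e);
    }

    // Build a fresh token for the authenticated user; roles come from the
    // user object, attributes are copied from the incoming token.
    $authenticatedToken = new PreAuthenticatedToken($token->getToken(), $providerKey, $user->getRoles());
    $authenticatedToken->setUser($user);
    $authenticatedToken->setAttributes($token->getAttributes());

    return $authenticatedToken;
}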
/**
 * isExpired() must report false for a token that expires 10 seconds from now
 * and true for one whose expiry lies 10 seconds in the past.
 *
 * @test
 */
public function it_can_check_for_expired_tokens()
{
    // Expiry still in the future: the manager must not treat it as expired.
    $expiresSoon = (new Token())->setExpiresAt(new \DateTime('10 seconds'));
    $this->assertFalse($this->manager->isExpired($expiresSoon));

    // Expiry already passed: the manager must report it as expired.
    $alreadyExpired = (new Token())->setExpiresAt(new \DateTime('-10 seconds'));
    $this->assertTrue($this->manager->isExpired($alreadyExpired));
}