/**
 * {@inheritdoc}
 *
 * Looks up the account credentials stored under the given e-mail address and
 * wraps them in an AccountUser. When the repository has nothing on record a
 * UsernameNotFoundException without a message is thrown, so the caller is not
 * told which part of the lookup failed.
 *
 * NOTE(review): the raw username goes straight into `new EmailAddress(...)`;
 * if that constructor rejects malformed input with its own exception type,
 * callers that catch only UsernameNotFoundException will see a different
 * error path for malformed usernames than for unknown ones — confirm against
 * EmailAddress.
 */
public function loadUserByUsername($username)
{
    $email = new EmailAddress($username);
    $credentials = $this->accountCredentialsRepository->findByEmail($email);

    if ($credentials) {
        return AccountUser::fromAccountCredentials($credentials);
    }

    throw new UsernameNotFoundException();
}
/**
 * Verifies a username/password pair against the stored credentials.
 *
 * Returns the username when the password is valid and `false` otherwise —
 * including when the username is unknown. The unknown-user branch still runs
 * one password check (against a stand-in user and a fixed string) so that
 * both failure outcomes cost roughly the same time; a fast "no such user"
 * response would otherwise reveal which usernames exist.
 *
 * NOTE(review): only UsernameNotFoundException is caught here; if the
 * provider's lookup can throw for malformed usernames, that path skips the
 * stand-in check and returns a different error than "wrong password" —
 * confirm against the provider.
 *
 * @param string $username
 * @param string $password
 *
 * @return string|false
 */
public function __invoke($username, $password)
{
    try {
        $user = $this->userProvider->loadUserByUsername($username);
    } catch (UsernameNotFoundException $notFound) {
        // Run the same encoder call as the success path, on a stand-in user,
        // so an unknown username does not come back measurably faster than a
        // wrong password for a known one.
        $this->passwordEncoder->isPasswordValid(AccountUser::dummy(), 'dummy');

        return false;
    }

    if (!$this->passwordEncoder->isPasswordValid($user, $password)) {
        return false;
    }

    return $username;
}
/**
 * Authenticating a pre-authenticated token whose credentials are a valid
 * access token must produce a new PreAuthenticatedToken that carries the user
 * the provider resolved for the token's owner, the same provider key, and
 * that user's roles.
 */
function it_authenticates_token_when_request_contains_valid_access_token(ResourceServer $resourceServer, UserProviderInterface $userProvider, EmitterInterface $emitter)
{
    $providerKey = 'default';
    $accessToken = 'DDSHs55zpG51Mtxnt6H8vwn5fVJ230dF';
    // NOTE(review): this identifier looks redacted; if EmailAddress validates
    // its input the fixture below will not construct — confirm with the
    // original spec.
    $ownerEmail = '*****@*****.**';

    // The resource server must be asked to validate the request and will
    // report the owner id the user provider is then queried with.
    $resourceServer->isValidRequest(true)->shouldBeCalled();
    $this->resourceServerWillReturnOwnerId($resourceServer, $emitter, $ownerEmail);

    $accountId = new AccountId('1abfd7a0-e0ff-11e4-b571-0800200c9a66');
    $credentials = new Credentials(new EmailAddress($ownerEmail), 'pa$$word', 'salt123');
    $expectedUser = AccountUser::fromAccountCredentials(new AccountCredentials($accountId, $credentials));
    $userProvider->loadUserByUsername($ownerEmail)->willReturn($expectedUser);

    $incomingToken = new PreAuthenticatedToken('anon.', $accessToken, $providerKey);
    $result = $this->authenticateToken($incomingToken, $userProvider, $providerKey);

    $result->shouldBeAnInstanceOf(PreAuthenticatedToken::class);
    $result->getUser()->shouldBe($expectedUser);
    $result->getProviderKey()->shouldBe($providerKey);
    $result->getRoles()->shouldBeLike($expectedUser->getRoles());
}