/**
 * {@inheritdoc}
 *
 * Verifies an HMAC token in two steps: the service label first, then the request
 * signature against the loaded user's password value. On success a fresh
 * HmacUserToken is returned carrying the user, the service label and the request;
 * the submitted signature is not copied onto it.
 *
 * A rejected service label and a rejected signature raise the same exception
 * message, so the caller cannot tell from the message which check failed.
 * Whatever the user provider throws for an unknown username is not caught here
 * and propagates unchanged.
 *
 * @param TokenInterface $token Token built from the request; treated as an HmacUserToken.
 *
 * @return HmacUserToken The newly built token for the verified user.
 *
 * @throws AuthenticationException When the service label or the signature is rejected.
 */
public function authenticate(TokenInterface $token)
{
    /** @var HmacUserToken $token */
    if (!$this->validateServiceLabel($token->getServiceLabel())) {
        throw new AuthenticationException('The HMAC authentication failed.');
    }

    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    // NOTE(review): validateSignature() is defined outside this block. Confirm that it
    // compares digests in constant time (hash_equals) and that the signed material
    // includes a freshness value (timestamp or nonce) so a captured request cannot be
    // replayed. The third argument is presumably the HMAC key; verify how it is stored.
    $signatureIsValid = $this->validateSignature(
        $token->getRequest(),
        $token->getSignature(),
        $user->getPassword()
    );

    if (!$signatureIsValid) {
        throw new AuthenticationException('The HMAC authentication failed.');
    }

    // Build a new token instead of reusing the submitted one.
    $verifiedToken = new HmacUserToken();
    $verifiedToken->setUser($user);
    $verifiedToken->setServiceLabel($token->getServiceLabel());
    $verifiedToken->setRequest($token->getRequest());

    return $verifiedToken;
}
/**
 * {@inheritdoc}
 *
 * Reads the configured authentication header, expects a value of the form
 * "<service label> <username>:<signature>", and hands the resulting HmacUserToken
 * to the authentication manager. On success the authenticated token is stored and
 * the event is left without a response; in every other case (header missing,
 * header malformed, authentication rejected) the event gets an empty 401 response.
 *
 * The credential part must split into exactly two pieces on ':', so a username or
 * signature that itself contains ':' is treated as malformed.
 *
 * @param GetResponseEvent $event Event carrying the incoming request.
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();
    $authorization = $request->headers->get($this->authenticationHeaderName);

    // First split: service label, then the credential pair.
    $labelAndCredentials = null !== $authorization
        ? array_map('trim', explode(' ', $authorization, 2))
        : array();

    // Second split: username, then signature.
    $userAndSignature = 2 === count($labelAndCredentials)
        ? explode(':', $labelAndCredentials[1])
        : array();

    if (2 === count($userAndSignature)) {
        $token = new HmacUserToken();
        $token->setServiceLabel($labelAndCredentials[0]);
        $token->setUser($userAndSignature[0]);
        $token->setSignature($userAndSignature[1]);
        $token->setRequest($request);

        try {
            // setToken() belongs to SecurityContextInterface, or to TokenStorageInterface (>=2.6).
            $this->tokenStorage->setToken($this->authenticationManager->authenticate($token));

            // Authenticated: leave the event without a response.
            return;
        } catch (AuthenticationException $exception) {
            // Deliberately falls through to the 401 below. The exception is discarded
            // without being logged. NOTE(review): consider recording it, since failed
            // HMAC attempts are useful for detection.
        }
    }

    // NOTE(review): no WWW-Authenticate header is set on this response here; confirm
    // whether clients of this API need the challenge header.
    $event->setResponse(new Response(null, 401));
}