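/**
 * Authenticates an API request from the credentials carried in its request attributes.
 *
 * Reads `apiClientToken`, `apiUserToken` and `apiAction` from the request
 * attributes, removes the two raw tokens from the request, authenticates a
 * Token through the authentication manager, stores the authenticated token in
 * the token storage and publishes `apiConnection`, `apiClient` and `apiUser`
 * as request attributes.
 *
 * @param GetResponseEvent $event Event carrying the request to authenticate.
 *
 * @throws AccessDeniedHttpException When `apiAction` is missing or when
 *                                   authentication (or reading the user's
 *                                   API objects) throws an exception.
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();
    $attributes = $request->attributes;

    $apiClientToken = $attributes->get('apiClientToken');
    $apiUserToken = $attributes->get('apiUserToken');
    /* @var $apiServerAction ApiServerAction */
    $apiServerAction = $attributes->get('apiAction');

    // Strip the raw credentials first, so they are gone from the request
    // attributes on every path, including the rejections below.
    $attributes->remove('apiClientToken');
    $attributes->remove('apiUserToken');

    // Fail closed: without a resolved API action there is no interface to
    // authenticate against. Dereferencing null here would raise an \Error,
    // which the catch (\Exception) below does not cover, so the request
    // would end in a server error instead of an access-denied response.
    if (!is_object($apiServerAction)) {
        $event->stopPropagation();

        throw new AccessDeniedHttpException();
    }

    // Credentials order is [client token, user token].
    $token = new Token($apiServerAction->getApiServerInterface());
    $token->setCredentials([$apiClientToken, $apiUserToken]);

    try {
        $authenticatedToken = $this->authenticationManager->authenticate($token);
        $this->tokenStorage->setToken($authenticatedToken);

        /* @var $user User */
        $user = $authenticatedToken->getUser();

        // Expose the resolved API objects in place of the raw tokens.
        $attributes->set('apiConnection', $user->getApiConnection());
        $attributes->set('apiClient', $user->getApiClient());
        $attributes->set('apiUser', $user->getApiUser());
    } catch (\Exception $e) {
        // The message is left empty on purpose: the cause travels only as the
        // previous exception, not as text on the HTTP exception itself.
        // NOTE(review): if a getter above throws after setToken(), the
        // authenticated token stays in the token storage - confirm nothing
        // reads it once this exception is raised.
        $event->stopPropagation();

        throw new AccessDeniedHttpException(null, $e);
    }
}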
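/**
 * Authenticates an API token through the user provider.
 *
 * Passes the token's API server interface and its two credentials (index 0
 * and index 1 of the credentials array) to the user provider, then returns a
 * new Token built from the same interface and the user's roles, with the
 * user attached.
 *
 * @param TokenInterface $token Token to authenticate; used as a Token
 *                              (getApiServerInterface() is called on it).
 *
 * @return Token New token carrying the user and the user's roles.
 *
 * @throws AccessDeniedHttpException When reading the credentials or the user
 *                                   provider throws an exception.
 */
public function authenticate(TokenInterface $token)
{
    /* @var $token Token */
    $apiServerInterface = $token->getApiServerInterface();

    try {
        $credentials = $token->getCredentials();
        $user = $this->userProvider->authenticate(
            $apiServerInterface,
            $credentials[0],
            $credentials[1]
        );
    } catch (\Exception $e) {
        // Chain the original exception so its type and stack trace survive for
        // logging; previously only its message text was kept.
        // NOTE(review): the message embeds the underlying exception text.
        // Confirm it is never rendered to API clients, since it may reveal
        // which credential failed or internal error details; if it can be,
        // switch to a fixed message and rely on the chained exception.
        throw new AccessDeniedHttpException('Authentication error: ' . $e->getMessage(), $e);
    }

    $authenticatedToken = new Token($apiServerInterface, $user->getRoles());
    $authenticatedToken->setUser($user);

    return $authenticatedToken;
}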