/** * @return string * @throws \TYPO3\Flow\Security\Exception\InvalidArgumentForHashGenerationException */ public function getJWTToken() { /** @var \TYPO3\Flow\Security\Account $account */ $account = $this->securityContext->getAccount(); $this->apiToken = $this->securityContext->getAuthenticationTokensOfType('RFY\\JWT\\Security\\Authentication\\Token\\JwtToken')[0]; if ($account->getAuthenticationProviderName() !== $this->apiToken->getAuthenticationProviderName()) { // TODO: Currently you can get only 1 tokenAccount because of the duplication restraint based on accountIdentifier & AuthenticationProviderName $account = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($account->getAccountIdentifier(), $this->apiToken->getAuthenticationProviderName()); if ($account === NULL) { $account = $this->generateTokenAccount(); } } $payload = array(); $payload['identifier'] = $account->getAccountIdentifier(); $payload['partyIdentifier'] = $this->persistenceManager->getIdentifierByObject($account->getParty()); $payload['user_agent'] = $this->request->getHeader('User-Agent'); $payload['ip_address'] = $this->request->getClientIpAddress(); if ($account->getCreationDate() instanceof \DateTime) { $payload['creationDate'] = $account->getCreationDate()->getTimestamp(); } if ($account->getExpirationDate() instanceof \DateTime) { $payload['expirationDate'] = $account->getExpirationDate()->getTimestamp(); } // Add hmac $hmac = $this->hashService->generateHmac($this->signature); return JWT::encode($payload, $hmac); }