/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (!$this->keyExtractor->hasKey($request)) { $response = new Response(); $response->setStatusCode(401); $event->setResponse($response); return; } $apiKey = $this->keyExtractor->extractKey($request); $token = new ApiKeyUserToken(); $token->setApiKey($apiKey); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { $token = $this->securityContext->getToken(); if ($token instanceof ApiKeyUserToken && $token->getCredentials() == $apiKey) { $this->securityContext->setToken(null); } $message = $failed->getMessage(); } $response = new Response(); $response->setContent($message); $response->setStatusCode(403); $event->setResponse($response); }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $apiKey = $request->headers->get('Authorization', $request->query->get('api_key')); if (!$apiKey) { if (true === $this->forceApiKey) { $response = new Response(); $response->setStatusCode(401); $event->setResponse($response); } return; } $token = new ApiKeyUserToken(); $token->setApiKey($apiKey); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { $token = $this->securityContext->getToken(); if ($token instanceof ApiKeyUserToken && $token->getCredentials() == $apiKey) { $this->securityContext->setToken(null); } $message = $failed->getMessage(); } if ($this->isJsonRequest($request)) { $response = new JsonResponse(array('error' => $message)); } else { $response = new Response(); $response->setContent($message); } $response->setStatusCode(401); $event->setResponse($response); }