vendor/trikoder/oauth2-bundle/Security/Authentication/Provider/OAuth2Provider.php line 87

  1. <?php
  2. declare(strict_types=1);
  3. namespace Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Provider;
  4. use League\OAuth2\Server\Exception\OAuthServerException;
  5. use League\OAuth2\Server\ResourceServer;
  6. use RuntimeException;
  7. use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  11. use Symfony\Component\Security\Core\User\UserProviderInterface;
  12. use Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Token\OAuth2Token;
  13. use Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Token\OAuth2TokenFactory;
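  /**
   * Authentication provider that turns an OAuth2Token into an authenticated
   * token once the league/oauth2-server ResourceServer has accepted the
   * request carried by that token.
   *
   * The listing this class was taken from had lost its "=" and "," tokens;
   * they are restored here so that the code parses again.
   */
  final class OAuth2Provider implements AuthenticationProviderInterface
  {
      /**
       * Loads the user an access token is bound to.
       *
       * @var UserProviderInterface
       */
      private $userProvider;

      /**
       * Validates the request (and the access token it carries).
       *
       * @var ResourceServer
       */
      private $resourceServer;

      /**
       * Builds the token returned by authenticate().
       *
       * @var OAuth2TokenFactory
       */
      private $oauth2TokenFactory;

      /**
       * Key this provider was configured with; supports() only accepts
       * tokens that report the same key.
       *
       * @var string
       */
      private $providerKey;

      public function __construct(
          UserProviderInterface $userProvider,
          ResourceServer $resourceServer,
          OAuth2TokenFactory $oauth2TokenFactory,
          string $providerKey
      ) {
          $this->userProvider = $userProvider;
          $this->resourceServer = $resourceServer;
          $this->oauth2TokenFactory = $oauth2TokenFactory;
          $this->providerKey = $providerKey;
      }

      /**
       * {@inheritdoc}
       *
       * Hands the token's 'server_request' attribute to the resource server.
       * Only when that validation succeeds is a new token built and marked
       * as authenticated; the incoming token is never marked itself.
       *
       * @throws RuntimeException        when the token is not supported by this provider
       * @throws AuthenticationException when the resource server rejects the request
       */
      public function authenticate(TokenInterface $token)
      {
          if (!$this->supports($token)) {
              // Message text is kept byte-for-byte (including "tokes") so that
              // anything matching on it keeps working.
              throw new RuntimeException(sprintf('This authentication provider can only handle tokes of type \'%s\'.', OAuth2Token::class));
          }

          try {
              $request = $this->resourceServer->validateAuthenticatedRequest(
                  $token->getAttribute('server_request')
              );
          } catch (OAuthServerException $e) {
              // The new exception carries a generic message; the library's
              // exception is attached as "previous" for logging and debugging.
              throw new AuthenticationException('The resource server rejected the request.', 0, $e);
          }

          // getAuthenticatedUser() takes a string and this file declares
          // strict_types, so a non-string attribute raises a TypeError here
          // rather than an AuthenticationException.
          // NOTE(review): confirm the resource server always sets
          // 'oauth_user_id' to a string on a validated request.
          $user = $this->getAuthenticatedUser(
              $request->getAttribute('oauth_user_id')
          );

          // $user is null when the access token is not bound to a user. The
          // null is passed to the factory as-is and the resulting token is
          // still marked authenticated, so access decisions made later must
          // not assume that a user is present.
          $token = $this->oauth2TokenFactory->createOAuth2Token($request, $user, $this->providerKey);
          $token->setAuthenticated(true);

          return $token;
      }

      /**
       * {@inheritdoc}
       *
       * Accepts only OAuth2Token instances whose provider key is identical
       * (strict comparison) to the key this provider was constructed with.
       */
      public function supports(TokenInterface $token)
      {
          return $token instanceof OAuth2Token && $this->providerKey === $token->getProviderKey();
      }

      /**
       * Resolves the user identifier found on the validated request.
       *
       * @return UserInterface|null null when the identifier is an empty string,
       *                            otherwise whatever the user provider returns
       */
      private function getAuthenticatedUser(string $userIdentifier): ?UserInterface
      {
          if ('' === $userIdentifier) {
              /*
               * If the identifier is an empty string, that means that the
               * access token isn't bound to a user defined in the system.
               */
              return null;
          }

          // Exceptions raised by the user provider are not caught here and
          // propagate to the caller of authenticate().
          return $this->userProvider->loadUserByUsername($userIdentifier);
      }
  }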