vendor/trikoder/oauth2-bundle/Security/Authentication/Provider/OAuth2Provider.php line 97

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Provider;
  7. use League\OAuth2\Server\Exception\OAuthServerException;
  8. use League\OAuth2\Server\ResourceServer;
  9. use RuntimeException;
  10. use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  13. use Symfony\Component\Security\Core\User\UserInterface;
  14. use Symfony\Component\Security\Core\User\UserProviderInterface;
  15. use Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Token\OAuth2Token;
  16. use Trikoder\Bundle\OAuth2Bundle\Security\Authentication\Token\OAuth2TokenFactory;
  18. final class OAuth2Provider implements AuthenticationProviderInterface
  19. {
  20.     /**
  21.      * @var UserProviderInterface
  22.      */
  23.     private $userProvider;
  25.     /**
  26.      * @var ResourceServer
  27.      */
  28.     private $resourceServer;
  30.     /**
  31.      * @var OAuth2TokenFactory
  32.      */
  33.     private $oauth2TokenFactory;
  35.     /**
  36.      * @var string
  37.      */
  38.     private $providerKey;
  40.     public function __construct(
  41.         UserProviderInterface $userProvider,
  42.         ResourceServer $resourceServer,
  43.         OAuth2TokenFactory $oauth2TokenFactory,
  44.         string $providerKey
  45.     ) {
  46.         $this->userProvider $userProvider;
  47.         $this->resourceServer $resourceServer;
  48.         $this->oauth2TokenFactory $oauth2TokenFactory;
  49.         $this->providerKey $providerKey;
  50.     }
  52.     /**
  53.      * {@inheritdoc}
  54.      */
  55.     public function authenticate(TokenInterface $token)
  56.     {
  57.         if (!$this->supports($token)) {
  58.             throw new RuntimeException(sprintf('This authentication provider can only handle tokes of type \'%s\'.'OAuth2Token::class));
  59.         }
  61.         try {
  62.             $request $this->resourceServer->validateAuthenticatedRequest(
  63.                 $token->getAttribute('server_request')
  64.             );
  65.         } catch (OAuthServerException $e) {
  66.             throw new AuthenticationException('The resource server rejected the request.'0$e);
  67.         }
  69.         $user $this->getAuthenticatedUser(
  70.             $request->getAttribute('oauth_user_id')
  71.         );
  73.         $token $this->oauth2TokenFactory->createOAuth2Token($request$user$this->providerKey);
  74.         $token->setAuthenticated(true);
  76.         return $token;
  77.     }
  79.     /**
  80.      * {@inheritdoc}
  81.      */
  82.     public function supports(TokenInterface $token)
  83.     {
  84.         return $token instanceof OAuth2Token && $this->providerKey === $token->getProviderKey();
  85.     }
  87.     private function getAuthenticatedUser(string $userIdentifier): ?UserInterface
  88.     {
  89.         if ('' === $userIdentifier) {
  90.             /*
  91.              * If the identifier is an empty string, that means that the
  92.              * access token isn't bound to a user defined in the system.
  93.              */
  94.             return null;
  95.         }
  97.         return $this->userProvider->loadUserByUsername($userIdentifier);
  98.     }
  99. }