<?php
/*
 * This file is part of the GesdinetJWTRefreshTokenBundle package.
 *
 * (c) Gesdinet <http://www.gesdinet.com/>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace Gesdinet\JWTRefreshTokenBundle\Security\Authenticator;
use Gesdinet\JWTRefreshTokenBundle\Request\RequestRefreshToken;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\HttpFoundation\Response;
use Gesdinet\JWTRefreshTokenBundle\Security\Provider\RefreshTokenProvider;
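/**
 * Guard authenticator that authenticates a request from the refresh token it carries.
 *
 * The token is read through RequestRefreshToken::getRefreshToken() under the
 * configured parameter name and resolved to a username by a RefreshTokenProvider.
 * That lookup is the only credential check this class performs:
 * checkCredentials() unconditionally returns true.
 */
class RefreshTokenAuthenticator extends AbstractGuardAuthenticator
{
    /**
     * Runs the pre- and post-authentication checks on the resolved user.
     *
     * @var UserCheckerInterface
     */
    private $userChecker;

    /**
     * Name of the request parameter the refresh token is read from.
     *
     * @var string
     */
    protected $tokenParameterName;

    /**
     * Constructor.
     *
     * @param UserCheckerInterface $userChecker
     * @param string               $tokenParameterName
     */
    public function __construct(UserCheckerInterface $userChecker, $tokenParameterName)
    {
        $this->userChecker = $userChecker;
        $this->tokenParameterName = $tokenParameterName;
    }

    /**
     * Tells the guard whether this authenticator applies to the request.
     *
     * @param Request $request
     *
     * @return bool true when RequestRefreshToken::getRefreshToken() returns a non-null value
     */
    public function supports(Request $request)
    {
        return null !== RequestRefreshToken::getRefreshToken($request, $this->tokenParameterName);
    }

    /**
     * Extracts the refresh token from the request.
     *
     * @param Request $request
     *
     * @return array single-entry array holding the submitted value under the 'token' key
     */
    public function getCredentials(Request $request)
    {
        return [
            'token' => RequestRefreshToken::getRefreshToken($request, $this->tokenParameterName),
        ];
    }

    /**
     * Resolves the submitted refresh token to a user and runs the user checker on it.
     *
     * @param array                 $credentials  value returned by getCredentials()
     * @param UserProviderInterface $userProvider must be a RefreshTokenProvider
     *
     * @return UserInterface
     *
     * @throws \InvalidArgumentException when the provider is not a RefreshTokenProvider
     * @throws AuthenticationException   when the provider knows no username for the token
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        if (!$userProvider instanceof RefreshTokenProvider) {
            throw new \InvalidArgumentException(
                sprintf(
                    'The user provider must be an instance of RefreshTokenProvider (%s was given).',
                    get_class($userProvider)
                )
            );
        }

        $refreshToken = $credentials['token'];

        $username = $userProvider->getUsernameForRefreshToken($refreshToken);

        if (null === $username) {
            // The submitted value is deliberately kept out of the message: it is
            // request-controlled, and an exception message may be logged or
            // rendered by handlers outside this class (not visible here).
            throw new AuthenticationException('Refresh token does not exist.');
        }

        $user = $userProvider->loadUserByUsername($username);

        // Both user-checker hooks run before the user is handed back to the guard,
        // so a user the checker rejects is never returned from this method.
        $this->userChecker->checkPreAuth($user);
        $this->userChecker->checkPostAuth($user);

        return $user;
    }

    /**
     * Accepts every user returned by getUser().
     *
     * @param array         $credentials
     * @param UserInterface $user
     *
     * @return bool always true
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        // No secret is compared here: the refresh-token lookup in getUser() is
        // the only verification, so the strength of this authenticator rests on
        // RefreshTokenProvider::getUsernameForRefreshToken().
        return true;
    }

    /**
     * @param Request        $request
     * @param TokenInterface $token
     * @param string         $providerKey
     *
     * @return null
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        // on success, let the request continue
        return null;
    }

    /**
     * Builds the response sent when authentication fails.
     *
     * @param Request                 $request
     * @param AuthenticationException $exception
     *
     * @return Response fixed-text response with status 403
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // $exception is not used, so its message never reaches the client.
        return new Response('Refresh token authentication failed.', 403);
    }

    /**
     * Builds the response sent when authentication is required but was not attempted.
     *
     * @param Request                      $request
     * @param AuthenticationException|null $authException
     *
     * @return JsonResponse JSON body with a 'message' key and status 401
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        $data = [
            // you might translate this message
            'message' => 'Authentication Required',
        ];

        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * @return bool always false
     */
    public function supportsRememberMe()
    {
        return false;
    }
}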