src/Platform/SecurityBundle/Service/Authenticator/JWTAuthenticator.php line 26

Open in your IDE?
  1. <?php
  3. namespace Platform\SecurityBundle\Service\Authenticator;
  5. use Cms\CoreBundle\Util\Doctrine\EntityManager;
  6. use Lexik\Bundle\JWTAuthenticationBundle\Exception\ExpiredTokenException;
  7. use Lexik\Bundle\JWTAuthenticationBundle\Exception\InvalidPayloadException;
  8. use Lexik\Bundle\JWTAuthenticationBundle\Exception\InvalidTokenException;
  9. use Lexik\Bundle\JWTAuthenticationBundle\Exception\JWTDecodeFailureException;
  10. use Lexik\Bundle\JWTAuthenticationBundle\Security\Authenticator\JWTAuthenticator as BaseJWTAuthenticator;
  11. use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
  12. use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\ChainTokenExtractor;
  13. use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\QueryParameterTokenExtractor;
  14. use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\TokenExtractorInterface;
  15. use Platform\SecurityBundle\Doctrine\Identity\AccountRepository;
  16. use Platform\SecurityBundle\Entity\Identity\Account;
  17. use Platform\SecurityBundle\Service\AccountProvider;
  18. use Symfony\Component\HttpFoundation\Request;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  21. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  22. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  23. use Symfony\Contracts\Translation\TranslatorInterface;
  24. use LogicException;
  26. class JWTAuthenticator extends BaseJWTAuthenticator
  27. {
  28.     /**
  29.      * @var EntityManager
  30.      */
  31.     protected EntityManager $entityManager;
  33.     /**
  34.      * @var JWTTokenManagerInterface
  35.      */
  36.     protected JWTTokenManagerInterface $jwtTokenManager;
  38.     /**
  39.      * @param EntityManager $entityManager
  40.      * @param JWTTokenManagerInterface $jwtManager
  41.      * @param EventDispatcherInterface $eventDispatcher
  42.      * @param TokenExtractorInterface $tokenExtractor
  43.      * @param AccountProvider $accountProvider
  44.      * @param TranslatorInterface $translator
  45.      */
  46.     public function __construct(
  47.         EntityManager $entityManager,
  48.         JWTTokenManagerInterface $jwtManager,
  49.         EventDispatcherInterface $eventDispatcher,
  50.         TokenExtractorInterface $tokenExtractor,
  51.         AccountProvider $accountProvider,
  52.         TranslatorInterface $translator
  53.     )
  54.     {
  55.         parent::__construct(
  56.             $jwtManager,
  57.             $eventDispatcher,
  58.             $tokenExtractor,
  59.             $accountProvider,
  60.             $translator
  61.         );
  63.         $this->entityManager $entityManager;
  64.         $this->jwtTokenManager $jwtManager;
  65.     }
  67.     /**
  68.      * @return TokenExtractorInterface
  69.      */
  70.     protected function getTokenExtractor(): TokenExtractorInterface
  71.     {
  72.         $chainExtractor parent::getTokenExtractor();
  73.         if ( ! $chainExtractor instanceof ChainTokenExtractor) {
  74.             throw new LogicException();
  75.         }
  77.         $chainExtractor->clearMap();
  78.         $chainExtractor->addExtractor(new QueryParameterTokenExtractor('token'));
  79.         return $chainExtractor;
  80.     }
  82.     /**
  83.      * @param Request $request
  84.      * @return Passport
  85.      */
  86.     public function doAuthenticate(Request $request): Passport
  87.     {
  88.         $token $this->getTokenExtractor()->extract($request);
  89.         if ($token === false) {
  90.             throw new LogicException('Unable to extract a JWT token from the request. Also, make sure to call `supports()` before `authenticate()` to get a proper client error.');
  91.         }
  93.         try {
  94.             if (!$payload $this->jwtTokenManager->parse($token)) {
  95.                 throw new InvalidTokenException('Invalid JWT Token');
  96.             }
  97.         } catch (JWTDecodeFailureException $e) {
  98.             if (JWTDecodeFailureException::EXPIRED_TOKEN === $e->getReason()) {
  99.                 throw new ExpiredTokenException();
  100.             }
  102.             throw new InvalidTokenException('Invalid JWT Token'0$e);
  103.         }
  105.         $uid $payload['id'] ?? null;
  106.         if (empty($uid)) {
  107.             throw new InvalidPayloadException('id');
  108.         }
  110.         $passport = new SelfValidatingPassport(
  111.             new UserBadge($uid, function ($identifier) {
  112.                 /** @var AccountRepository $accountRepository */
  113.                 $accountRepository $this->entityManager->getRepository(Account::class);
  114.                 return $accountRepository->findOneBy(['internalUid' => $identifier]);
  115.             })
  116.         );
  118.         $passport->setAttribute('payload', []);
  119.         $passport->setAttribute('token'$token);
  121.         return $passport;
  122.     }
  123. }