vendor/nen/kennisbank-platform/src/Nen/Security/JwtTokenAuthenticator.php line 23

<?php

namespace Nen\Bundle\KennisbankPlatformBundle\Security;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Encoder\JWTEncoderInterface;
use Lexik\Bundle\JWTAuthenticationBundle\Exception\JWTDecodeFailureException;
use Lexik\Bundle\JWTAuthenticationBundle\TokenExtractor\QueryParameterTokenExtractor;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;

  20. class JwtTokenAuthenticator extends AbstractAuthenticator
  21. {
  22.     private $jwtEncoder;
  23.     private $em;
  24.     private $urlGenerator;
  25.     private $extractor;
  26.     public function __construct(JWTEncoderInterface $jwtEncoderEntityManagerInterface $emUrlGeneratorInterface $urlGenerator)
  27.     {
  28.         $this->jwtEncoder $jwtEncoder;
  29.         $this->em $em;
  30.         $this->urlGenerator $urlGenerator;
  31.         $this->extractor = new QueryParameterTokenExtractor(
  32.             'jwt'
  33.         );
  34.     }
  35.     public function supports(Request $request): bool
  36.     {
  37.         return false !== $this->extractor->extract($request) &&  ! in_array($request->attributes->get('_route'), ['login''subscription_index''abonnementen_detail']) ;
  38.     }
  39.     public function getCredentials(Request $request)
  40.     {
  41.         $token $this->extractor->extract($request);
  42.         if (!$token) {
  43.             return;
  44.         }
  45.         return $token;
  46.     }
  47.     public function getUser($credentials)
  48.     {
  49.         try {
  50.             $data $this->jwtEncoder->decode($credentials);
  51.         } catch (JWTDecodeFailureException $e) {
  52.             // if you want to, use can use $e->getReason() to find out which of the 3 possible things went wrong
  53.             // and tweak the message accordingly
  54.             // https://github.com/lexik/LexikJWTAuthenticationBundle/blob/05e15967f4dab94c8a75b275692d928a2fbf6d18/Exception/JWTDecodeFailureException.php
  55.             throw new CustomUserMessageAuthenticationException('Invalid Token');
  56.         }
  57.         if ($data === false) {
  58.             throw new CustomUserMessageAuthenticationException('Invalid Token');
  59.         }
  60.         if (empty($data['username'])) {
  61.             return null;
  62.         }
  63.         $username $data['username'];
  64.         return $this->em
  65.             ->getRepository(User::class)
  66.             ->findOneBy(['username' => $username]);
  67.     }
  68.     public function authenticate(Request $request): PassportInterface
  69.     {
  70.         $credentials $this->getCredentials($request);
  71.         try {
  72.             $data $this->jwtEncoder->decode($credentials);
  73.             return new SelfValidatingPassport(
  74.             new UserBadge($credentials, [$this'getUser'])
  75.         );
  76.         } catch (JWTDecodeFailureException $e) {
  77.             // if you want to, use can use $e->getReason() to find out which of the 3 possible things went wrong
  78.             // and tweak the message accordingly
  79.             // https://github.com/lexik/LexikJWTAuthenticationBundle/blob/05e15967f4dab94c8a75b275692d928a2fbf6d18/Exception/JWTDecodeFailureException.php
  80.             throw new CustomUserMessageAuthenticationException('Invalid Token');
  81.         }
  82.         return true;
  83.     }
  84.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  85.     {
  86.         $response = new RedirectResponse($this->urlGenerator->generate('login', ['jwt' => $this->extractor->extract($request)]), 302);
  87.         // $response->headers->set('Authorization', 'Bearer ' . $this->extractor->extract($request));
  88.         return $response;
  89.         // do nothing - let the controller be called
  90.     }
  91.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  92.     {
  93.          return null;
  94.     }
  95.     public function supportsRememberMe()
  96.     {
  97.         return false;
  98.     }
  99.     public function start(Request $requestAuthenticationException $authException null)
  100.     {
  101.         return new JsonResponse([
  102.             'error' => 'auth required'
  103.         ], 401);
  104.     }
  105. }