<?php
namespace EADPlataforma\Security;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use EADPlataforma\Entity\User;
use EADPlataforma\Services\ConfigurationService;
use EADPlataforma\Services\GeneralService;
use EADPlataforma\Enum\ErrorEnum;
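class ApiTokenAuthenticator extends AbstractGuardAuthenticator {
    /**
     * Entity manager for the school database, resolved from GeneralService
     * under the 'SchoolEntityManager' key.
     *
     * @var EntityManagerInterface
     */
    private $em;

    /**
     * Source of the expected API token ('ead_api_token').
     *
     * @var ConfigurationService
     */
    private $configurationService;

    /**
     * @param ConfigurationService $configurationService provides the configured API token
     * @param GeneralService       $generalService       service locator used to obtain 'SchoolEntityManager'
     */
    public function __construct(ConfigurationService $configurationService, GeneralService $generalService) {
        $this->configurationService = $configurationService;
        $this->em = $generalService->getService('SchoolEntityManager');
    }

    /**
     * Called on every request to decide if this authenticator should be
     * used. This authenticator always opts in, so a request without the
     * X-AUTH-TOKEN header is rejected in getUser() (401 "Token not found")
     * rather than falling through to start(); restrict it to the API
     * firewall in security config to keep it off other routes.
     */
    public function supports(Request $request): bool {
        return true;
    }

    /**
     * Extract the raw token from the X-AUTH-TOKEN header.
     *
     * @return array{token: string|null} null when the header is absent
     */
    public function getCredentials(Request $request): array {
        return [
            "token" => $request->headers->get('X-AUTH-TOKEN'),
        ];
    }

    /**
     * Validate the presented token against the configured one and load the
     * user the API acts as.
     *
     * @param array{token: string|null} $credentials as returned by getCredentials()
     *
     * @throws AuthenticationException when the header is missing, no token is
     *         configured, the token does not match, or the user row is absent
     */
    public function getUser($credentials, UserProviderInterface $userProvider): ?UserInterface {
        $apiToken = $credentials['token'] ?? null;
        if (null === $apiToken) {
            throw new AuthenticationException("Token not found");
        }

        $expectedToken = $this->configurationService->get('ead_api_token');
        // Refuse to authenticate when no token is configured. The previous loose
        // comparison (`!=`) treated an unset/empty setting as equal to an empty
        // header, and compared numeric-looking strings by value ("1e3" == "1000").
        if (!is_scalar($expectedToken) || '' === (string) $expectedToken) {
            throw new AuthenticationException("Invalid Token");
        }

        // Constant-time comparison so response timing does not leak how many
        // leading bytes of the secret matched.
        if (!hash_equals((string) $expectedToken, (string) $apiToken)) {
            throw new AuthenticationException("Invalid Token");
        }

        // NOTE(review): every API caller is mapped onto the user with id 1;
        // confirm that account carries only the privileges the API needs.
        $user = $this->em->getRepository(User::class)->find(1);
        if (!$user) {
            throw new AuthenticationException("User Session not found");
        }

        // if a User object, checkCredentials() is called
        return $user;
    }

    /**
     * The token was already verified in getUser(); nothing further to check.
     */
    public function checkCredentials($credentials, UserInterface $user): bool {
        return true;
    }

    /**
     * On success, let the request continue to the controller.
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey): ?Response {
        return null;
    }

    /**
     * Generic 401 for any authentication failure. The message is deliberately
     * the same whether the token was missing, wrong or unconfigured, so the
     * response does not reveal which case occurred.
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response {
        $data = [
            "http_status" => 401,
            "message" => "Token not found"
        ];
        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * Called when authentication is needed, but it's not sent.
     */
    public function start(Request $request, AuthenticationException $authException = null): Response {
        $data = [
            "data" => [ "message" => "Authentication Required" ],
            "error" => ErrorEnum::AUTH_INVALID
        ];
        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * Token auth is stateless; remember-me cookies are never issued.
     */
    public function supportsRememberMe(): bool {
        return false;
    }
}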