src/Security/ApiKeyAuthenticator.php line 62
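<?php

namespace App\Security;

use App\Entity\User;
use App\Security\Providers\UserProvider;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PreAuthenticatedUserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use League\OAuth2\Server\CryptKey;
use League\OAuth2\Server\CryptTrait;
use League\OAuth2\Server\Exception\OAuthServerException;
use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface;
use DateTimeZone;
use Lcobucci\Clock\SystemClock;
use Lcobucci\JWT\Configuration;
use Lcobucci\JWT\Signer\Key\InMemory;
use Lcobucci\JWT\Signer\Rsa\Sha256;
use Lcobucci\JWT\Validation\Constraint\SignedWith;
use Lcobucci\JWT\Validation\Constraint\StrictValidAt;
use Lcobucci\JWT\Validation\Constraint\ValidAt;
use Lcobucci\JWT\Validation\RequiredConstraintsViolated;
use Psr\Http\Message\ServerRequestInterface;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Session\Session;

/**
 * Authenticates a request from the access token stored in the session under
 * the 'accessToken' key.
 *
 * The token is handed to UserProvider::loadUserByAccessToken() to resolve the
 * user. Nothing in this class verifies the token itself: the JWT constraint
 * classes imported above are never used here, and the Authorization header
 * (see PREFIX) is never read.
 *
 * NOTE(review): signature and expiry checks presumably live in
 * UserProvider::loadUserByAccessToken(); confirm, because
 * SelfValidatingPassport performs no credential check of its own.
 */
class ApiKeyAuthenticator extends AbstractAuthenticator
{
    use CryptTrait;

    public const PREFIX = 'Bearer ';

    private UserProvider $userProvider;

    /** @var RequestStack */
    private RequestStack $requestStack;

    /**
     * Token seen on the request most recently inspected by supports() or
     * authenticate(); null when that request carried none.
     *
     * @var ?string
     */
    protected $accessToken;

    /**
     * @param AccessTokenRepositoryInterface $accessTokenRepository Accepted for signature compatibility; not used in this class.
     * @param RequestStack                   $requestStack
     * @param UserProvider                   $userProvider
     */
    public function __construct(AccessTokenRepositoryInterface $accessTokenRepository, RequestStack $requestStack, UserProvider $userProvider)
    {
        $this->requestStack = $requestStack;
        $this->userProvider = $userProvider;

        // The session is deliberately not read here. A value captured at
        // construction time belongs to whichever request was current when the
        // service was built (and RequestStack::getSession() throws when there
        // is none), so supports() could disagree with authenticate().
        $this->accessToken = null;
    }

    /**
     * Tells the firewall whether this authenticator applies to the request.
     *
     * @return ?bool true when the request's session holds a non-empty string access token
     */
    public function supports(Request $request): ?bool
    {
        $this->accessToken = $this->readSessionToken($request);

        return null !== $this->accessToken;
    }

    /**
     * Builds a passport whose user is resolved from the session access token.
     *
     * @throws CustomUserMessageAuthenticationException when the session holds no usable token
     */
    public function authenticate(Request $request): Passport
    {
        $accessToken = $this->readSessionToken($request);

        // Fail as an authentication error (handled by onAuthenticationFailure)
        // instead of passing null to UserBadge, whose identifier must be a string.
        if (null === $accessToken) {
            throw new CustomUserMessageAuthenticationException('No access token found in session.');
        }

        $this->accessToken = $accessToken;

        // NOTE(review): the raw token doubles as the user identifier of the
        // badge, so it may surface wherever that identifier is recorded;
        // confirm this is acceptable for the deployment's logging setup.
        return new SelfValidatingPassport(
            new UserBadge($accessToken, function () use ($accessToken) {
                return $this->userProvider->loadUserByAccessToken($accessToken);
            })
        );
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
    {
        // on success, let the request continue
        return null;
    }

    /**
     * Answers a failed authentication with a 401 JSON body.
     *
     * Only the exception's message key and message data are exposed.
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
    {
        $data = [
            // you may want to customize or obfuscate the message first
            'message' => strtr($exception->getMessageKey(), $exception->getMessageData())

            // or to translate this message
            // $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
        ];

        return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
    }

    /**
     * Reads the access token from the given request's session.
     *
     * @return ?string the token, or null when the request has no session or
     *                 the stored value is missing, empty or not a string
     */
    private function readSessionToken(Request $request): ?string
    {
        if (!$request->hasSession()) {
            return null;
        }

        $candidate = $request->getSession()->get('accessToken');

        return \is_string($candidate) && '' !== $candidate ? $candidate : null;
    }
}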