tothbt/keycloak-bundle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
91f14ae4cbd1b9cad6a712bb07875122e91d9027
keycloak-bundle/Security/Authenticator/KeycloakBearerAuthenticator.php
ELMAKHROUBI ABDELLAH 436615212d use the new authenticator system introduced since 5.3
2021-11-10 15:54:50 +01:00

63 lines
2.3 KiB
PHP
Raw Blame History

<?php
namespace ABEL\Bundle\keycloakBearerOnlyAdapterBundle\Security\Authenticator;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
class KeycloakBearerAuthenticator extends AbstractAuthenticator
{
/**
* @param string $token
* @return string
*/
protected function formatToken(string $token): string
{
return trim(preg_replace('/^(?:\s+)?[B-b]earer\s/', '', $token));
}
public function supports(Request $request): ?bool
{
return $request->headers->has('Authorization');
}
public function authenticate(Request $request): PassportInterface
{
$token = $request->headers->get('Authorization');
if (null === $token) {
// The token header was empty, authentication fails with HTTP Status
// Code 401 "Unauthorized"
throw new CustomUserMessageAuthenticationException('Token is not present in the request headers');
}
return new SelfValidatingPassport(new UserBadge($this->formatToken($token)));
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
return null;
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
{
$data = [
// you may want to customize or obfuscate the message first
'message' => strtr($exception->getMessageKey(), $exception->getMessageData())
// or to translate this message
// $this->translator->trans($exception->getMessageKey(), $exception->getMessageData())
];
return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
}
}
Reference in New Issue View Git Blame Copy Permalink