New authenticator for the newer Symfony authenticator API

markitosgv · Jun 29, 2021 · 23f4fa6 · 23f4fa6
1 parent aafe5fb
commit 23f4fa6
Show file tree

Hide file tree

Showing 11 changed files with 497 additions and 7 deletions.
diff --git a/Event/RefreshAuthenticationFailureEvent.php b/Event/RefreshAuthenticationFailureEvent.php
@@ -0,0 +1,49 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Event;
+
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class RefreshAuthenticationFailureEvent extends Event
+{
+    /**
+     * @var AuthenticationException
+     */
+    private $exception;
+
+    /**
+     * @var Response|null
+     */
+    private $response;
+
+    public function __construct(AuthenticationException $exception, ?Response $response = null)
+    {
+        $this->exception = $exception;
+        $this->response = $response;
+    }
+
+    public function getException(): AuthenticationException
+    {
+        return $this->exception;
+    }
+
+    public function getResponse(): ?Response
+    {
+        return $this->response;
+    }
+
+    public function setResponse(?Response $response = null): void
+    {
+        $this->response = $response;
+    }
+}
diff --git a/Event/RefreshEvent.php b/Event/RefreshEvent.php
@@ -12,27 +12,41 @@
 namespace Gesdinet\JWTRefreshTokenBundle\Event;
 
 use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenInterface;
-use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 
 class RefreshEvent extends Event
 {
+    /**
+     * @var RefreshTokenInterface
+     */
     private $refreshToken;
 
-    private $preAuthenticatedToken;
+    /**
+     * @var TokenInterface
+     */
+    private $token;
 
-    public function __construct(RefreshTokenInterface $refreshToken, PostAuthenticationGuardToken $preAuthenticatedToken)
+    public function __construct(RefreshTokenInterface $refreshToken, TokenInterface $token)
     {
         $this->refreshToken = $refreshToken;
-        $this->preAuthenticatedToken = $preAuthenticatedToken;
+        $this->token = $token;
     }
 
     public function getRefreshToken()
     {
         return $this->refreshToken;
     }
 
+    /**
+     * @deprecated use getToken() instead
+     */
     public function getPreAuthenticatedToken()
     {
-        return $this->preAuthenticatedToken;
+        return $this->getToken();
+    }
+
+    public function getToken(): TokenInterface
+    {
+        return $this->token;
     }
 }
diff --git a/Event/RefreshTokenNotFoundEvent.php b/Event/RefreshTokenNotFoundEvent.php
@@ -0,0 +1,49 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Event;
+
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class RefreshTokenNotFoundEvent extends Event
+{
+    /**
+     * @var AuthenticationException
+     */
+    private $exception;
+
+    /**
+     * @var Response|null
+     */
+    private $response;
+
+    public function __construct(AuthenticationException $exception, ?Response $response = null)
+    {
+        $this->exception = $exception;
+        $this->response = $response;
+    }
+
+    public function getException(): AuthenticationException
+    {
+        return $this->exception;
+    }
+
+    public function getResponse(): ?Response
+    {
+        return $this->response;
+    }
+
+    public function setResponse(?Response $response = null): void
+    {
+        $this->response = $response;
+    }
+}
diff --git a/Http/RefreshAuthenticationFailureResponse.php b/Http/RefreshAuthenticationFailureResponse.php
@@ -0,0 +1,47 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Http;
+
+use Symfony\Component\HttpFoundation\JsonResponse;
+use Symfony\Component\HttpFoundation\Response;
+
+class RefreshAuthenticationFailureResponse extends JsonResponse
+{
+    /**
+     * @var string
+     */
+    private $message;
+
+    public function __construct(string $message = 'Bad credentials', int $statusCode = Response::HTTP_UNAUTHORIZED)
+    {
+        $this->message = $message;
+
+        parent::__construct(null, $statusCode);
+    }
+
+    public function setMessage(string $message): self
+    {
+        $this->message = $message;
+
+        return $this->setData();
+    }
+
+    public function getMessage(): string
+    {
+        return $this->message;
+    }
+
+    public function setData($data = []): self
+    {
+        return parent::setData((array) $data + ['code' => $this->statusCode, 'message' => $this->message]);
+    }
+}
diff --git a/Resources/config/services.php b/Resources/config/services.php
@@ -5,7 +5,8 @@
 use Gesdinet\JWTRefreshTokenBundle\Doctrine\RefreshTokenManager;
 use Gesdinet\JWTRefreshTokenBundle\EventListener\AttachRefreshTokenOnSuccessListener;
 use Gesdinet\JWTRefreshTokenBundle\Model\RefreshTokenManagerInterface;
-use Gesdinet\JWTRefreshTokenBundle\Security\Authenticator\RefreshTokenAuthenticator;
+use Gesdinet\JWTRefreshTokenBundle\Security\Authenticator\RefreshTokenAuthenticator as LegacyRefreshTokenAuthenticator;
+use Gesdinet\JWTRefreshTokenBundle\Security\Http\Authenticator\RefreshTokenAuthenticator;
 use Gesdinet\JWTRefreshTokenBundle\Security\Provider\RefreshTokenProvider;
 use Gesdinet\JWTRefreshTokenBundle\Service\RefreshToken;
 use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
@@ -62,12 +63,23 @@
         ]);
 
     $services->set('gesdinet.jwtrefreshtoken.authenticator')
-        ->class(RefreshTokenAuthenticator::class)
+        ->class(LegacyRefreshTokenAuthenticator::class)
         ->args([
             new Reference('gesdinet.jwtrefreshtoken.user_checker'),
             '%gesdinet_jwt_refresh_token.token_parameter_name%',
         ]);
 
+    $services->set('gesdinet.jwtrefreshtoken.http.authenticator')
+        ->class(RefreshTokenAuthenticator::class)
+        ->args([
+            new Reference('lexik_jwt_authentication.handler.authentication_success'),
+            new Reference('gesdinet.jwtrefreshtoken.refresh_token_manager'),
+            new Reference('event_dispatcher'),
+            '%gesdinet_jwt_refresh_token.token_parameter_name%',
+            '%gesdinet_jwt_refresh_token.ttl%',
+            '%gesdinet_jwt_refresh_token.ttl_update%',
+        ]);
+
     $services->set(ClearInvalidRefreshTokensCommand::class)
         ->args([
             new Reference('gesdinet.jwtrefreshtoken.refresh_token_manager'),

diff --git a/Security/Exception/InvalidTokenException.php b/Security/Exception/InvalidTokenException.php
@@ -0,0 +1,22 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Security\Exception;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class InvalidTokenException extends AuthenticationException
+{
+    public function getMessageKey()
+    {
+        return 'Invalid JWT Refresh Token';
+    }
+}
diff --git a/Security/Exception/MissingTokenException.php b/Security/Exception/MissingTokenException.php
@@ -0,0 +1,22 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Security\Exception;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class MissingTokenException extends AuthenticationException
+{
+    public function getMessageKey()
+    {
+        return 'Missing JWT Refresh Token';
+    }
+}
diff --git a/Security/Exception/TokenNotFoundException.php b/Security/Exception/TokenNotFoundException.php
@@ -0,0 +1,22 @@
+<?php
+
+/*
+ * This file is part of the GesdinetJWTRefreshTokenBundle package.
+ *
+ * (c) Gesdinet <http://www.gesdinet.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Gesdinet\JWTRefreshTokenBundle\Security\Exception;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class TokenNotFoundException extends AuthenticationException
+{
+    public function getMessageKey()
+    {
+        return 'JWT Refresh Token Not Found';
+    }
+}