Stop extending AbstractGuardAuthenticator since no benefit
chalasr committed Sep 8, 2016
1 parent 5a57443 commit 2ba412d
Showing 2 changed files with 13 additions and 17 deletions.
28 changes: 12 additions & 16 deletions Security/Guard/JWTTokenAuthenticator.php
Expand Up @@ -27,17 +27,17 @@
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use Symfony\Component\Security\Guard\GuardAuthenticatorInterface;

/**
* JWTTokenAuthenticator (Guard implementation).
* JWTTokenAuthenticator (Guard strict implementation).
*
* @see http://knpuniversity.com/screencast/symfony-rest4/jwt-guard-authenticator
*
* @author Nicolas Cabot <[email protected]>
* @author Robin Chalas <[email protected]>
*/
class JWTTokenAuthenticator extends AbstractGuardAuthenticator
class JWTTokenAuthenticator implements GuardAuthenticatorInterface
{
/**
* @var JWTTokenManagerInterface
Expand Down Expand Up @@ -82,7 +82,7 @@ public function __construct(
*
* @return PreAuthenticationJWTUserToken
*
* @throws InvalidTokenException If the request token cannot be decoded
* @throws InvalidTokenException If an error occur while decoding the token
* @throws ExpiredTokenException If the request token is expired
*/
public function getCredentials(Request $request)
Expand All @@ -95,7 +95,7 @@ public function getCredentials(Request $request)

try {
if (!$payload = $this->jwtManager->decode($preAuthToken)) {
throw new InvalidTokenException();
throw new InvalidTokenException('Invalid JWT Token');
}

$preAuthToken->setPayload($payload);
Expand All @@ -117,8 +117,9 @@ public function getCredentials(Request $request)
*
* @param PreAuthenticationJWTUserToken Implementation of the (Security) TokenInterface
*
* @throws InvalidPayloadException If the user identity field is not a key of the payload
* @throws UserNotFoundException If no user can be loaded from the given token
* @throws \InvalidArgumentException If preAuthToken is not of the good type
* @throws InvalidPayloadException If the user identity field is not a key of the payload
* @throws UserNotFoundException If no user can be loaded from the given token
*/
public function getUser($preAuthToken, UserProviderInterface $userProvider)
{
Expand Down Expand Up @@ -178,8 +179,6 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token,
* {@inheritdoc}
*
* @return JWTAuthenticationFailureResponse
*
* @throws MissingTokenException
*/
public function start(Request $request, AuthenticationException $authException = null)
{
Expand All @@ -201,21 +200,18 @@ public function checkCredentials($credentials, UserInterface $user)

/**
* {@inheritdoc}
*
* @throws \RuntimeException If there is no pre-authenticated token previously stored
*/
public function createAuthenticatedToken(UserInterface $user, $providerKey)
{
$preAuthToken = $this->preAuthenticationTokenStorage->getToken();

if (null === $preAuthToken) {
return parent::createAuthenticatedToken($user, $providerKey);
throw new \RuntimeException('Unable to return an post authentication token since there is no pre authentication token in %s::$preAuthenticationTokenStorage');
}

$authToken = new JWTUserToken(
$user->getRoles(),
$user,
$preAuthToken->getCredentials(),
$providerKey
);
$authToken = new JWTUserToken($user->getRoles(), $user, $preAuthToken->getCredentials(), $providerKey);

$this->dispatcher->dispatch(Events::JWT_AUTHENTICATED, new JWTAuthenticatedEvent($preAuthToken->getPayload(), $authToken));
$this->preAuthenticationTokenStorage->setToken(null);
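Review bot: The new `\RuntimeException` message in `createAuthenticatedToken()` carries a `%s` placeholder that is never formatted, so the literal text `%s::$preAuthenticationTokenStorage` ends up in logs and error output instead of the class name. Wrap it in `sprintf()`, for example `throw new \RuntimeException(sprintf('Unable to return a post-authentication token since there is no pre-authentication token in %s::$preAuthenticationTokenStorage.', __CLASS__));`. Failing here is safer than the old fallback to the parent implementation, which would have produced an authenticated token with no JWT payload behind it. Because this is a plain `\RuntimeException` and not an `AuthenticationException`, it presumably bypasses `onAuthenticationFailure()` and surfaces as a server error; if that is intended for a wiring mistake, the `@throws \RuntimeException` docblock line should say so. The rest of the method body lies outside the visible hunk.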
2 changes: 1 addition & 1 deletion UPGRADE.md
Expand Up @@ -15,7 +15,7 @@ Configuration
If a firewall allows anonymous, the entry point will not be called at all, letting the request continue.
If it doesn't, the entry point will dispatch a `on_jwt_not_found` event that can be subscribed to customize the default failure response that will be returned by the entry point.
- `throw_exceptions`: This option doesn't make sense anymore as the exceptions thrown during the authentication process are needed, involving call of the good method in the good time, dispatching the good events, so a custom response can be easily set, as its content no more depends on the exception thrown.
- `authentication_provider` and `authentication_listener`: It's now part of the authenticator role, simplifiying a lot the corresponding code that can now be found/overrided from one place.
- `authentication_provider` and `authentication_listener`: It's now part of the authenticator role, simplifiying a lot the corresponding code that can now be found/overriden from one place.

__Before__

