FallbackUserLoader example

$request = Request::create('/test');

        $this->accessTokenExtractor
            ->expects($this->once())
            ->method('extractAccessToken')
            ->with($request)
            ->willReturn('test');
        $this->accessTokenHandler
            ->expects($this->once())
            ->method('getUserBadgeFrom')
            ->with('test')
            ->willReturn(new UserBadge('test', new FallbackUserLoader(fn () => new InMemoryUser('john', null))));

        $authenticator = new AccessTokenAuthenticator(
            $this->accessTokenHandler,
            $this->accessTokenExtractor,
            $this->userProvider,
        );

        $passport = $authenticator->authenticate($request);

        $this->assertEquals('test', $passport->getUser()->getUserIdentifier());
    }
}
->method('toArray')
            ->willReturn($claims);

        $clientMock = $this->createMock(HttpClientInterface::class);
        $clientMock->expects($this->once())
            ->method('request')->with('GET', '', ['auth_bearer' => $accessToken])
            ->willReturn($responseMock);

        $userBadge = (new OidcUserInfoTokenHandler($clientMock, null, $claim))->getUserBadgeFrom($accessToken);
        $actualUser = $userBadge->getUserLoader()();

        $this->assertEquals(new UserBadge($expectednew FallbackUserLoader(fn () => $expectedUser)$claims)$userBadge);
        $this->assertInstanceOf(OidcUser::class$actualUser);
        $this->assertEquals($expectedUser$actualUser);
        $this->assertEquals($claims$userBadge->getAttributes());
        $this->assertEquals($claims['sub']$actualUser->getUserIdentifier());
    }

    public static function getClaims(): iterable
    {
        yield ['sub', 'e21bf182-1538-406e-8ccb-e25a17aba39f'];
        yield ['email', 'foo@example.com'];
    }

    
// Call the OIDC server to retrieve the user info             // If the token is invalid or expired, the OIDC server will return an error             $claims = $this->client->request('GET', '', [
                'auth_bearer' => $accessToken,
            ])->toArray();

            if (empty($claims[$this->claim])) {
                throw new MissingClaimException(sprintf('"%s" claim not found on OIDC server response.', $this->claim));
            }

            // UserLoader argument can be overridden by a UserProvider on AccessTokenAuthenticator::authenticate             return new UserBadge($claims[$this->claim]new FallbackUserLoader(fn () => $this->createUser($claims))$claims);
        } catch (\Exception $e) {
            $this->logger?->error('An error occurred on OIDC server.', [
                'error' => $e->getMessage(),
                'trace' => $e->getTraceAsString(),
            ]);

            throw new BadCredentialsException('Invalid credentials.', $e->getCode()$e);
        }
    }
}
$userBadge = (new OidcTokenHandler(
            new ES256(),
            $this->getJWK(),
            self::AUDIENCE,
            ['https://www.example.com'],
            $claim,
            $loggerMock,
        ))->getUserBadgeFrom($token);
        $actualUser = $userBadge->getUserLoader()();

        $this->assertEquals(new UserBadge($expectednew FallbackUserLoader(fn () => $expectedUser)$claims)$userBadge);
        $this->assertInstanceOf(OidcUser::class$actualUser);
        $this->assertEquals($expectedUser$actualUser);
        $this->assertEquals($claims$userBadge->getAttributes());
        $this->assertEquals($claims['sub']$actualUser->getUserIdentifier());
    }

    public static function getClaims(): iterable
    {
        yield ['sub', 'e21bf182-1538-406e-8ccb-e25a17aba39f'];
        yield ['email', 'foo@example.com'];
    }

    
new Checker\IssuerChecker($this->issuers),
            ];
            $claimCheckerManager = new ClaimCheckerManager($checkers);
            // if this check fails, an InvalidClaimException is thrown             $claimCheckerManager->check($claims);

            if (empty($claims[$this->claim])) {
                throw new MissingClaimException(sprintf('"%s" claim not found.', $this->claim));
            }

            // UserLoader argument can be overridden by a UserProvider on AccessTokenAuthenticator::authenticate             return new UserBadge($claims[$this->claim]new FallbackUserLoader(fn () => $this->createUser($claims))$claims);
        } catch (\Exception $e) {
            $this->logger?->error('An error occurred while decoding and validating the token.', [
                'error' => $e->getMessage(),
                'trace' => $e->getTraceAsString(),
            ]);

            throw new BadCredentialsException('Invalid credentials.', $e->getCode()$e);
        }
    }
}
Home | Imprint | This part of the site doesn't use cookies.