public function JwtPathAuth::authenticate in JSON Web Token Authentication (JWT) 8

Authenticates the user.

Parameters

\Symfony\Component\HttpFoundation\Request|null $request: The request object.

Return value

\Drupal\Core\Session\AccountInterface|null An AccountInterface object on successful authentication, or NULL if authentication failed.

Overrides AuthenticationProviderInterface::authenticate

File

modules/jwt_path_auth/src/Authentication/Provider/JwtPathAuth.php, line 94

Class

JwtPathAuth
JWT Authentication Provider.

Namespace

Drupal\jwt_path_auth\Authentication\Provider

Code

public function authenticate(Request $request) {
  $raw_jwt = $request->query->get('jwt');

  // Decode JWT and validate signature.
  try {
    $jwt = $this->transcoder->decode($raw_jwt);
  } catch (JwtDecodeException $e) {
    return NULL;
  }
  $uid = $jwt->getClaim(['drupal', 'path_auth', 'uid']);

  // The JWT must include a claim matching the path after the host name,
  // or a prefix of the path.  E.g. "/system/files/". Note that this
  // must include any base path if the site is in a subdirectory.
  $path = $jwt->getClaim(['drupal', 'path_auth', 'path']);
  $request_path = $request->getBaseUrl() . $request->getPathInfo();
  if ($uid && $path && strpos($request_path, $path) === 0) {
    $user = $this->entityTypeManager->getStorage('user')->load($uid);
    if ($user && !$user->isBlocked()) {

      // Mark this page as being uncacheable.
      $this->killSwitch->trigger();
      return $user;
    }
  }
  return NULL;
}
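
Added example (not part of the jwt module): the path check above is a plain string-prefix test, so a path claim without a trailing slash also matches sibling paths that merely start with the same characters, and a claim that omits the site's base path never matches. The function names and sample paths below are hypothetical and constructed for illustration; the second function is one possible issuer-side check, assuming tokens should be scoped to a directory.

```php
<?php

declare(strict_types=1);

/**
 * The same prefix test authenticate() applies, as a stand-alone function.
 * Hypothetical helper name; $base_url and $path_info stand in for
 * Request::getBaseUrl() and Request::getPathInfo().
 */
function path_claim_matches(string $claim_path, string $base_url, string $path_info): bool {
  $request_path = $base_url . $path_info;
  return $claim_path !== '' && strpos($request_path, $claim_path) === 0;
}

/**
 * Hypothetical issuer-side check (an assumption, not module behaviour):
 * accept only absolute claims that end in "/" and are narrower than the
 * site root, so the token is scoped to a directory and not a string prefix.
 */
function is_directory_scoped_claim(string $claim_path): bool {
  return strlen($claim_path) > 1
    && $claim_path[0] === '/'
    && substr($claim_path, -1) === '/';
}

// Constructed sample data: [path claim, base URL, path info].
$cases = [
  // Directory claim, file inside that directory.
  ['/system/files/', '', '/system/files/report.pdf'],
  // Directory claim, sibling directory sharing the same leading characters.
  ['/system/files/', '', '/system/files-archive/a.pdf'],
  // Same sibling request, but the claim has no trailing slash.
  ['/system/files', '', '/system/files-archive/a.pdf'],
  // Site installed under /drupal, claim issued without the base path.
  ['/system/files/', '/drupal', '/system/files/report.pdf'],
  // Site installed under /drupal, claim issued with the base path.
  ['/drupal/system/files/', '/drupal', '/system/files/report.pdf'],
];

foreach ($cases as [$claim, $base, $info]) {
  printf(
    "claim=%-24s request=%-36s match=%-5s directory_scoped=%s\n",
    $claim,
    $base . $info,
    var_export(path_claim_matches($claim, $base, $info), true),
    var_export(is_directory_scoped_claim($claim), true)
  );
}
```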