src/EventListener/JWTDecodedListener.php line 28

  1. <?php
  2. namespace App\EventListener;
  3. use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
  4. use Symfony\Component\HttpFoundation\RequestStack;
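  /**
   * Applies application-specific claim checks to a decoded JWT and marks the
   * token invalid when any of them fails.
   *
   * Every check fails closed: a missing or malformed claim invalidates the
   * token instead of being skipped.
   *
   * NOTE(review): the expected audience and username are hard-coded and look
   * environment-specific (a "test" host name) — confirm whether they should be
   * injected from configuration instead.
   */
  class JWTDecodedListener
  {
      /** Exact value the "aud" claim must have (an array holding one audience). */
      private const EXPECTED_AUDIENCE = ["dpae-test.cpam-isere.fr"];

      /** Exact value the "alg" entry of the payload must have. */
      private const EXPECTED_ALGORITHM = "HS512";

      /** Exact value the "username" claim must have. */
      private const EXPECTED_USERNAME = "apiadmin@assurance-maladie.fr";

      /** Exact value the "roles" claim must have. */
      private const EXPECTED_ROLES = ["API_AUTHENTICATED"];

      /**
       * @var RequestStack
       */
      private $requestStack;

      /**
       * @param RequestStack $requestStack Used to read the current request's REQUEST_TIME.
       */
      public function __construct(RequestStack $requestStack)
      {
          $this->requestStack = $requestStack;
      }

      /**
       * Invalidates the token unless all expected claims match and it has not expired.
       *
       * @param JWTDecodedEvent $event
       *
       * @return void
       */
      public function onJWTDecoded(JWTDecodedEvent $event)
      {
          $payload = $event->getPayload();

          if (!$this->hasExpectedClaims($payload) || $this->isExpired($payload)) {
              $event->markAsInvalid();
          }
      }

      /**
       * Tells whether "aud", "alg", "username" and "roles" carry exactly the expected values.
       *
       * Absent keys are read as null, so they fail the strict comparison without
       * raising an undefined-index notice or warning.
       *
       * @param array $payload Decoded token payload.
       *
       * @return bool
       */
      private function hasExpectedClaims(array $payload)
      {
          // Strict comparison: "aud" must be an array with this single entry. A token
          // carrying the audience as a plain string is rejected.
          if (($payload['aud'] ?? null) !== self::EXPECTED_AUDIENCE) {
              return false;
          }

          // NOTE(review): "alg" is normally a JOSE header parameter, not a payload claim.
          // This check passes only if the issuer copies it into the payload, and it does
          // not constrain the algorithm the signature was verified with — that presumably
          // belongs in the bundle's encoder configuration (signature_algorithm). Confirm.
          if (($payload['alg'] ?? null) !== self::EXPECTED_ALGORITHM) {
              return false;
          }

          if (($payload['username'] ?? null) !== self::EXPECTED_USERNAME) {
              return false;
          }

          return ($payload['roles'] ?? null) === self::EXPECTED_ROLES;
      }

      /**
       * Tells whether the token must be treated as expired.
       *
       * A missing or non-numeric "exp" counts as expired: comparing an integer time
       * with a non-numeric string would otherwise fall back to string comparison and
       * could let such a token through.
       *
       * @param array $payload Decoded token payload.
       *
       * @return bool
       */
      private function isExpired(array $payload)
      {
          if (!isset($payload['exp']) || !is_numeric($payload['exp'])) {
              return true;
          }

          // getCurrentRequest() returns null when there is no current request; fall back
          // to the wall clock rather than dereferencing null or comparing null with "exp"
          // (null > exp is always false, which would disable the expiry check).
          $request = $this->requestStack->getCurrentRequest();
          $now = null !== $request ? $request->server->get('REQUEST_TIME') : null;
          if (null === $now) {
              $now = time();
          }

          return $now > $payload['exp'];
      }
  }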