src/EventListener/JWTDecodedListener.php line 28

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
  6. use Symfony\Component\HttpFoundation\RequestStack;
  9. class JWTDecodedListener  {
  11.     /**
  12.      * @var RequestStack
  13.      */
  14.     private $requestStack;
  16.     /**
  17.      * @param RequestStack $requestStack
  18.      */
  19.     public function __construct(RequestStack $requestStack)
  20.     {
  21.         $this->requestStack $requestStack;
  22.     }
  23.     /**
  24.      * @param JWTDecodedEvent $event
  25.      *
  26.      * @return void
  27.      */
  28.     public function onJWTDecoded(JWTDecodedEvent $event)
  29.     {
  30.         $request $this->requestStack->getCurrentRequest();
  31.         
  32.         $payload $event->getPayload();
  33.         if (!isset($payload['aud'])
  34.         || $payload['aud'] !== ["dpae-test.cpam-isere.fr"
  35.         || !isset($payload['exp']) 
  36.         || $request->server->get('REQUEST_TIME') >  $payload['exp'
  37.         || $payload['alg'] !== "HS512"
  38.         || $payload['username'] !== "apiadmin@assurance-maladie.fr" 
  39.         || $payload['roles'] !== ["API_AUTHENTICATED"]) {
  40.             $event->markAsInvalid();
  41.         }
  42.     }
  43. }