<?php
namespace App\EventListener;
use Lexik\Bundle\JWTAuthenticationBundle\Event\JWTDecodedEvent;
use Symfony\Component\HttpFoundation\RequestStack;
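/**
 * Post-decode JWT check: rejects any token whose claims do not match the
 * single audience, account and role set this API accepts.
 *
 * Every check fails closed: a missing, malformed or mismatching claim marks
 * the event as invalid.
 *
 * NOTE(review): the expected audience, username and roles are hard-coded
 * below; moving them to configuration would let each environment pin its own
 * values without a code change.
 */
class JWTDecodedListener
{
    /**
     * @var RequestStack
     */
    private $requestStack;

    /**
     * @param RequestStack $requestStack
     */
    public function __construct(RequestStack $requestStack)
    {
        $this->requestStack = $requestStack;
    }

    /**
     * Marks the decoded token as invalid unless all expected claims match.
     *
     * @param JWTDecodedEvent $event
     *
     * @return void
     */
    public function onJWTDecoded(JWTDecodedEvent $event)
    {
        $payload = $event->getPayload();

        if (!$this->isPayloadAcceptable($payload, $this->currentTimestamp())) {
            $event->markAsInvalid();
        }
    }

    /**
     * Returns the reference time used for the expiry check.
     *
     * Uses the current request's REQUEST_TIME when it is present and numeric.
     * Otherwise falls back to time(): a missing request would be a null
     * dereference, and a missing REQUEST_TIME would make the comparison
     * `null > exp` evaluate to false, silently skipping the expiry check.
     *
     * @return int
     */
    private function currentTimestamp()
    {
        $request = $this->requestStack->getCurrentRequest();
        $requestTime = null !== $request ? $request->server->get('REQUEST_TIME') : null;

        return is_numeric($requestTime) ? (int) $requestTime : time();
    }

    /**
     * Checks the decoded claims against the values this API accepts.
     *
     * @param array $payload Decoded token claims
     * @param int   $now     Reference timestamp for the expiry comparison
     *
     * @return bool True only when every required claim is present and matches
     */
    private function isPayloadAcceptable(array $payload, $now)
    {
        // Require every claim up front so a stripped claim is rejected
        // without relying on undefined-index behaviour.
        foreach (['aud', 'exp', 'alg', 'username', 'roles'] as $claim) {
            if (!isset($payload[$claim])) {
                return false;
            }
        }

        // A non-numeric "exp" would otherwise be compared as a string and
        // could evaluate as "not expired"; reject it outright.
        if (!is_numeric($payload['exp']) || $now > $payload['exp']) {
            return false;
        }

        // NOTE(review): "alg" is normally a JOSE header parameter. This reads
        // it from the payload, so the check only holds if the issuer copies it
        // there (confirm). It is not a substitute for pinning the signature
        // algorithm in the decoder configuration.
        return $payload['aud'] === ["dpae-test.cpam-isere.fr"]
            && $payload['alg'] === "HS512"
            && $payload['username'] === "apiadmin@assurance-maladie.fr"
            && $payload['roles'] === ["API_AUTHENTICATED"];
    }
}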