Fix oauth provider y listener authentication

Security/Authentication/Provider/OAuthProxyProvider.php

@@ -2,7 +2,7 @@
 
 namespace AuthBundle\Security\Authentication\Provider;
 
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
@@ -34,12 +34,11 @@ class OAuthProxyProvider implements AuthenticationProviderInterface
      */
     public function authenticate(TokenInterface $token)
     {
-        $user = $token->getUser();   
+        $user = $token->getUser();
         if ($user) {
-            $authenticatedToken = new UsernamePasswordToken($user, null, "api", $user->getRoles());
-            $authenticatedToken->setUser($user);
+            $token->setAuthenticated(true);
             
-            return $authenticatedToken;
+            return $token;
         }
 
         throw new AuthenticationException('The OAuth authentication failed.');
@@ -52,7 +51,7 @@ class OAuthProxyProvider implements AuthenticationProviderInterface
      */
     public function supports(TokenInterface $token)
     {
-        return $token instanceof UsernamePasswordToken;
+        return $token instanceof OAuthToken;
     }
 
 }

Security/Firewall/OAuthProxyListener.php

@@ -4,7 +4,7 @@ namespace AuthBundle\Security\Firewall;
 
 use AuthBundle\Services\AccessTokenService;
 use Base\OAuthClientBundle\Security\Core\User\CustomOAuthUser;
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
+use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
@@ -62,20 +62,30 @@ class OAuthProxyListener implements ListenerInterface
             $username = $request->headers->get("php-auth-user");
             $password = $request->headers->get("php-auth-pw");
             $token = $this->accessTokenService->getToken($username, $password);
+            unset($token['user_info']);
+            $accessToken = $token;
             $auth_info = $this->accessTokenService->getUserInfo($username, $password);
         } elseif ($request->headers->has("authorization")) {
             $authorization = $request->headers->get("authorization");
+            $pieces = explode(' ', $authorization);
+            $accessToken = array(
+                'access_token' => $pieces[1],
+            );
             $auth_info = $this->accessTokenService->requestUserInfo($authorization);
             if (isset($auth_info['username'])) {
                 $username = $auth_info['username'];
             } else {
-                return;
+                return $this->deny($event);
             }
         } elseif ($request->getClientIp()) {
             $username = $clientIp = $request->getClientIp();
             if (\AuthBundle\Utils\IpUtils::checkIp($clientIp) === false) {
-                return;
+                return $this->deny($event);
             }
+            // @TODO: Generar access token para el caso de IP valida
+            $accessToken = array(
+                'access_token' => '',
+            );
             $auth_info['roles'] = array('ROLE_USER');
             // @TODO: Traer la tenencia Base de la app Base
             $tenancy = array(
@@ -84,7 +94,7 @@ class OAuthProxyListener implements ListenerInterface
             );
             $auth_info['tenancies'] = $auth_info['tenancyCurrent'] = $tenancy;
         } else {
-            return;
+            return $this->deny($event);
         }
                 
         $user = new CustomOAuthUser($username);
@@ -92,29 +102,32 @@ class OAuthProxyListener implements ListenerInterface
         $user->setTenancies($auth_info['tenancies']);
         $user->setTenancyCurrent($auth_info['tenancyCurrent']);
         
-        $token = new UsernamePasswordToken($user, null, "api", $user->getRoles());
-        
+        $token = new OAuthToken($accessToken, $user->getRoles());
+        $token->setUser($user);
         try {
             $authToken = $this->authenticationManager->authenticate($token);
             $this->tokenStorage->setToken($authToken);
             
             return;
         } catch (AuthenticationException $failed) {
-            // ... you might log something here
-            // To deny the authentication clear the token. This will redirect to the login page.
-            // Make sure to only clear your token, not those of other authentication listeners.
-             $token = $this->tokenStorage->getToken();
-             if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) {
-                 $this->tokenStorage->setToken(null);
-             }
-
-             return;
+            var_dump($failed->getMessage());
         }
 
-        // By default deny authorization
+        $this->deny($event);
+    }
+    
+    /**
+     * @param GetResponseEvent $event
+     */
+    private function deny(GetResponseEvent $event)
+    {
+        $this->tokenStorage->setToken(null);
+        
         $response = new Response();
         $response->setStatusCode(Response::HTTP_FORBIDDEN);
         $event->setResponse($response);
+        
+        return;
     }
 
 }