From 61405ead60b635397af7491b0af8afb50d45ca81 Mon Sep 17 00:00:00 2001
From: Alexey Skobkin <skobkin-ru@ya.ru>
Date: Wed, 27 Jun 2018 02:02:32 +0300
Subject: [PATCH] AuthenticatedApiToken implemented for per-request
 ApiToken::$key value storage.

---
 src/Security/ApiTokenAuthenticator.php       |  3 ++-
 src/Security/Token/AuthenticatedApiToken.php | 25 ++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 src/Security/Token/AuthenticatedApiToken.php

diff --git a/src/Security/ApiTokenAuthenticator.php b/src/Security/ApiTokenAuthenticator.php
index 99561f0..2d1adb1 100644
--- a/src/Security/ApiTokenAuthenticator.php
+++ b/src/Security/ApiTokenAuthenticator.php
@@ -3,6 +3,7 @@
 namespace App\Security;
 
 use App\Api\V1\DTO\ApiResponse;
+use App\Security\Token\AuthenticatedApiToken;
 use Symfony\Component\HttpFoundation\{JsonResponse, Request};
 use Symfony\Component\Security\Core\Authentication\Token\{PreAuthenticatedToken, TokenInterface};
 use Symfony\Component\Security\Core\Exception\{AuthenticationException, BadCredentialsException, CustomUserMessageAuthenticationException};
@@ -59,7 +60,7 @@ class ApiTokenAuthenticator implements SimplePreAuthenticatorInterface, Authenti
             ));
         }
 
-        return new PreAuthenticatedToken(
+        return new AuthenticatedApiToken(
             $user,
             $apiTokenKey,
             $providerKey,
diff --git a/src/Security/Token/AuthenticatedApiToken.php b/src/Security/Token/AuthenticatedApiToken.php
new file mode 100644
index 0000000..f7d1336
--- /dev/null
+++ b/src/Security/Token/AuthenticatedApiToken.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace App\Security\Token;
+
+use App\Entity\User;
+use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
+
+/** This token stores ApiToken key even after eraseCredentials() called */
+class AuthenticatedApiToken extends PreAuthenticatedToken
+{
+    /** @var string|null This token is stored only for this request and will not be erased by eraseCredentials() or serialized */
+    private $tokenKey;
+
+    public function __construct(User $user, string $credentials, string $providerKey, array $roles = [])
+    {
+        parent::__construct($user, $credentials, $providerKey, $roles);
+        // @todo probably separate constructor argument needed
+        $this->tokenKey = $credentials;
+    }
+
+    public function getTokenKey(): ?string
+    {
+        return $this->tokenKey;
+    }
+}
\ No newline at end of file