*/ #[\SensitiveParameter] private array $passwords, /** @var array */ private array $roles = [], /** @var array> */ private array $data = [], ) { } /** * Performs an authentication against e.g. database. * and returns IIdentity on success or throws AuthenticationException * @throws AuthenticationException */ public function authenticate( string $username, #[\SensitiveParameter] string $password, ): IIdentity { foreach ($this->passwords as $name => $pass) { if (strcasecmp($name, $username) === 0) { if ($this->verifyPassword($password, $pass)) { return new SimpleIdentity($name, $this->roles[$name] ?? null, $this->data[$name] ?? []); } else { throw new AuthenticationException('Invalid password.', self::InvalidCredential); } } } throw new AuthenticationException("User '$username' not found.", self::IdentityNotFound); } protected function verifyPassword(string $password, string $passOrHash): bool { return $password === $passOrHash; } }