[Security] Support loading UserBadge directly from accessToken

Jeroeny · nicolas-grekas · commit 5bfd903d3bb1 · 2022-11-24T14:34:45.000+01:00
diff --git a/AccessToken/AccessTokenHandlerInterface.php b/AccessToken/AccessTokenHandlerInterface.php
@@ -12,6 +12,7 @@
 namespace Symfony\Component\Security\Http\AccessToken;
 
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 
 /**
  * The token handler retrieves the user identifier from the token.
@@ -24,5 +25,5 @@ interface AccessTokenHandlerInterface
     /**
      * @throws AuthenticationException
      */
-    public function getUserIdentifierFrom(#[\SensitiveParameter] string $accessToken): string;
+    public function getUserBadgeFrom(#[\SensitiveParameter] string $accessToken): UserBadge;
 }
diff --git a/Authenticator/AccessTokenAuthenticator.php b/Authenticator/AccessTokenAuthenticator.php
@@ -21,7 +21,6 @@
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
-use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
@@ -38,9 +37,9 @@ class AccessTokenAuthenticator implements AuthenticatorInterface
     private ?TranslatorInterface $translator = null;
 
     public function __construct(
-        private readonly UserProviderInterface $userProvider,
         private readonly AccessTokenHandlerInterface $accessTokenHandler,
         private readonly AccessTokenExtractorInterface $accessTokenExtractor,
+        private readonly ?UserProviderInterface $userProvider = null,
         private readonly ?AuthenticationSuccessHandlerInterface $successHandler = null,
         private readonly ?AuthenticationFailureHandlerInterface $failureHandler = null,
         private readonly ?string $realm = null,
@@ -58,11 +57,13 @@ public function authenticate(Request $request): Passport
         if (!$accessToken) {
             throw new BadCredentialsException('Invalid credentials.');
         }
-        $userIdentifier = $this->accessTokenHandler->getUserIdentifierFrom($accessToken);
 
-        return new SelfValidatingPassport(
-            new UserBadge($userIdentifier, $this->userProvider->loadUserByIdentifier(...))
-        );
+        $userBadge = $this->accessTokenHandler->getUserBadgeFrom($accessToken);
+        if (null === $userBadge->getUserLoader() && $this->userProvider) {
+            $userBadge->setUserLoader($this->userProvider->loadUserByIdentifier(...));
+        }
+
+        return new SelfValidatingPassport($userBadge);
     }
 
     public function createToken(Passport $passport, string $firewallName): TokenInterface
diff --git a/Tests/Authenticator/AccessToken/ChainedAccessTokenExtractorsTest.php b/Tests/Authenticator/AccessToken/ChainedAccessTokenExtractorsTest.php
@@ -22,6 +22,7 @@
 use Symfony\Component\Security\Http\AccessToken\HeaderAccessTokenExtractor;
 use Symfony\Component\Security\Http\AccessToken\QueryAccessTokenExtractor;
 use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Tests\Authenticator\InMemoryAccessTokenHandler;
 
@@ -40,7 +41,7 @@ protected function setUp(): void
     /**
      * @dataProvider provideSupportData
      */
-    public function testSupport($request): void
+    public function testSupport($request)
     {
         $this->setUpAuthenticator();
 
@@ -53,9 +54,9 @@ public function provideSupportData(): iterable
         yield [new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'Bearer INVALID_ACCESS_TOKEN'])];
     }
 
-    public function testAuthenticate(): void
+    public function testAuthenticate()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator();
 
         $request = new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'Bearer VALID_ACCESS_TOKEN']);
@@ -66,7 +67,7 @@ public function testAuthenticate(): void
     /**
      * @dataProvider provideInvalidAuthenticateData
      */
-    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class): void
+    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class)
     {
         $this->expectException($exceptionType);
         $this->expectExceptionMessage($errorMessage);
@@ -100,13 +101,13 @@ public function provideInvalidAuthenticateData(): iterable
     private function setUpAuthenticator(): void
     {
         $this->authenticator = new AccessTokenAuthenticator(
-            $this->userProvider,
             $this->accessTokenHandler,
             new ChainAccessTokenExtractor([
                 new FormEncodedBodyExtractor(),
                 new QueryAccessTokenExtractor(),
                 new HeaderAccessTokenExtractor(),
-            ])
+            ]),
+            $this->userProvider
         );
     }
 }
diff --git a/Tests/Authenticator/AccessToken/FormEncodedBodyAccessTokenAuthenticatorTest.php b/Tests/Authenticator/AccessToken/FormEncodedBodyAccessTokenAuthenticatorTest.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
 use Symfony\Component\Security\Http\AccessToken\FormEncodedBodyExtractor;
 use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Tests\Authenticator\InMemoryAccessTokenHandler;
 
@@ -34,7 +35,7 @@ protected function setUp(): void
         $this->accessTokenHandler = new InMemoryAccessTokenHandler();
     }
 
-    public function testSupport(): void
+    public function testSupport()
     {
         $this->setUpAuthenticator();
         $request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);
@@ -44,7 +45,7 @@ public function testSupport(): void
         $this->assertNull($this->authenticator->supports($request));
     }
 
-    public function testSupportsWithCustomParameter(): void
+    public function testSupportsWithCustomParameter()
     {
         $this->setUpAuthenticator('protection-token');
         $request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);
@@ -54,9 +55,9 @@ public function testSupportsWithCustomParameter(): void
         $this->assertNull($this->authenticator->supports($request));
     }
 
-    public function testAuthenticate(): void
+    public function testAuthenticate()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator();
         $request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded'], 'access_token=VALID_ACCESS_TOKEN');
         $request->request->set('access_token', 'VALID_ACCESS_TOKEN');
@@ -66,9 +67,9 @@ public function testAuthenticate(): void
         $this->assertInstanceOf(SelfValidatingPassport::class, $passport);
     }
 
-    public function testAuthenticateWithCustomParameter(): void
+    public function testAuthenticateWithCustomParameter()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator('protection-token');
         $request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);
         $request->request->set('protection-token', 'VALID_ACCESS_TOKEN');
@@ -81,7 +82,7 @@ public function testAuthenticateWithCustomParameter(): void
     /**
      * @dataProvider provideInvalidAuthenticateData
      */
-    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class): void
+    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class)
     {
         $this->expectException($exceptionType);
         $this->expectExceptionMessage($errorMessage);
@@ -119,9 +120,9 @@ public function provideInvalidAuthenticateData(): iterable
     private function setUpAuthenticator(string $parameter = 'access_token'): void
     {
         $this->authenticator = new AccessTokenAuthenticator(
-            $this->userProvider,
             $this->accessTokenHandler,
-            new FormEncodedBodyExtractor($parameter)
+            new FormEncodedBodyExtractor($parameter),
+            $this->userProvider
         );
     }
 }
diff --git a/Tests/Authenticator/AccessToken/HeaderAccessTokenAuthenticatorTest.php b/Tests/Authenticator/AccessToken/HeaderAccessTokenAuthenticatorTest.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
 use Symfony\Component\Security\Http\AccessToken\HeaderAccessTokenExtractor;
 use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Tests\Authenticator\InMemoryAccessTokenHandler;
 
@@ -37,7 +38,7 @@ protected function setUp(): void
     /**
      * @dataProvider provideSupportData
      */
-    public function testSupport($request): void
+    public function testSupport($request)
     {
         $this->setUpAuthenticator();
 
@@ -53,7 +54,7 @@ public function provideSupportData(): iterable
     /**
      * @dataProvider provideSupportsWithCustomTokenTypeData
      */
-    public function testSupportsWithCustomTokenType($request, $result): void
+    public function testSupportsWithCustomTokenType($request, $result)
     {
         $this->setUpAuthenticator('Authorization', 'JWT');
 
@@ -71,7 +72,7 @@ public function provideSupportsWithCustomTokenTypeData(): iterable
     /**
      * @dataProvider provideSupportsWithCustomHeaderParameter
      */
-    public function testSupportsWithCustomHeaderParameter($request, $result): void
+    public function testSupportsWithCustomHeaderParameter($request, $result)
     {
         $this->setUpAuthenticator('X-FOO');
 
@@ -86,19 +87,19 @@ public function provideSupportsWithCustomHeaderParameter(): iterable
         yield [new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'Bearer INVALID_ACCESS_TOKEN']), false];
     }
 
-    public function testAuthenticate(): void
+    public function testAuthenticate()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator();
 
         $request = new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'Bearer VALID_ACCESS_TOKEN']);
         $passport = $this->authenticator->authenticate($request);
         $this->assertInstanceOf(SelfValidatingPassport::class, $passport);
     }
 
-    public function testAuthenticateWithCustomTokenType(): void
+    public function testAuthenticateWithCustomTokenType()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator('Authorization', 'JWT');
 
         $request = new Request([], [], [], [], [], ['HTTP_AUTHORIZATION' => 'JWT VALID_ACCESS_TOKEN']);
@@ -109,7 +110,7 @@ public function testAuthenticateWithCustomTokenType(): void
     /**
      * @dataProvider provideInvalidAuthenticateData
      */
-    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class): void
+    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class)
     {
         $this->expectException($exceptionType);
         $this->expectExceptionMessage($errorMessage);
@@ -143,9 +144,9 @@ public function provideInvalidAuthenticateData(): iterable
     private function setUpAuthenticator(string $headerParameter = 'Authorization', string $tokenType = 'Bearer'): void
     {
         $this->authenticator = new AccessTokenAuthenticator(
-            $this->userProvider,
             $this->accessTokenHandler,
-            new HeaderAccessTokenExtractor($headerParameter, $tokenType)
+            new HeaderAccessTokenExtractor($headerParameter, $tokenType),
+            $this->userProvider
         );
     }
 }
diff --git a/Tests/Authenticator/AccessToken/QueryAccessTokenAuthenticatorTest.php b/Tests/Authenticator/AccessToken/QueryAccessTokenAuthenticatorTest.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
 use Symfony\Component\Security\Http\AccessToken\QueryAccessTokenExtractor;
 use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 use Symfony\Component\Security\Http\Tests\Authenticator\InMemoryAccessTokenHandler;
 
@@ -34,7 +35,7 @@ protected function setUp(): void
         $this->accessTokenHandler = new InMemoryAccessTokenHandler();
     }
 
-    public function testSupport(): void
+    public function testSupport()
     {
         $this->setUpAuthenticator();
         $request = new Request();
@@ -43,7 +44,7 @@ public function testSupport(): void
         $this->assertNull($this->authenticator->supports($request));
     }
 
-    public function testSupportsWithCustomParameter(): void
+    public function testSupportsWithCustomParameter()
     {
         $this->setUpAuthenticator('protection-token');
         $request = new Request();
@@ -52,9 +53,9 @@ public function testSupportsWithCustomParameter(): void
         $this->assertNull($this->authenticator->supports($request));
     }
 
-    public function testAuthenticate(): void
+    public function testAuthenticate()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator();
         $request = new Request();
         $request->query->set('access_token', 'VALID_ACCESS_TOKEN');
@@ -63,9 +64,9 @@ public function testAuthenticate(): void
         $this->assertInstanceOf(SelfValidatingPassport::class, $passport);
     }
 
-    public function testAuthenticateWithCustomParameter(): void
+    public function testAuthenticateWithCustomParameter()
     {
-        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');
+        $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));
         $this->setUpAuthenticator('protection-token');
         $request = new Request();
         $request->query->set('protection-token', 'VALID_ACCESS_TOKEN');
@@ -77,7 +78,7 @@ public function testAuthenticateWithCustomParameter(): void
     /**
      * @dataProvider provideInvalidAuthenticateData
      */
-    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class): void
+    public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class)
     {
         $this->expectException($exceptionType);
         $this->expectExceptionMessage($errorMessage);
@@ -111,9 +112,9 @@ public function provideInvalidAuthenticateData(): iterable
     private function setUpAuthenticator(string $parameter = 'access_token'): void
     {
         $this->authenticator = new AccessTokenAuthenticator(
-            $this->userProvider,
             $this->accessTokenHandler,
-            new QueryAccessTokenExtractor($parameter)
+            new QueryAccessTokenExtractor($parameter),
+            $this->userProvider
         );
     }
 }
diff --git a/Tests/Authenticator/InMemoryAccessTokenHandler.php b/Tests/Authenticator/InMemoryAccessTokenHandler.php
@@ -13,15 +13,16 @@
 
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 
 class InMemoryAccessTokenHandler implements AccessTokenHandlerInterface
 {
     /**
-     * @var array<string, string>
+     * @var array<string, UserBadge>
      */
     private $accessTokens = [];
 
-    public function getUserIdentifierFrom(string $accessToken): string
+    public function getUserBadgeFrom(string $accessToken): UserBadge
     {
         if (!\array_key_exists($accessToken, $this->accessTokens)) {
             throw new BadCredentialsException('Invalid access token or invalid user.');
@@ -37,7 +38,7 @@ public function remove(string $accessToken): self
         return $this;
     }
 
-    public function add(string $accessToken, string $user): self
+    public function add(string $accessToken, UserBadge $user): self
     {
         $this->accessTokens[$accessToken] = $user;
 

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@`
`19`	`19`	`use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;`
`20`	`20`	`use Symfony\Component\Security\Http\AccessToken\FormEncodedBodyExtractor;`
`21`	`21`	`use Symfony\Component\Security\Http\Authenticator\AccessTokenAuthenticator;`
	`22`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;`
`22`	`23`	`use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;`
`23`	`24`	`use Symfony\Component\Security\Http\Tests\Authenticator\InMemoryAccessTokenHandler;`
`24`	`25`
`@@ -34,7 +35,7 @@ protected function setUp(): void`
`34`	`35`	`$this->accessTokenHandler = new InMemoryAccessTokenHandler();`
`35`	`36`	`}`
`36`	`37`
`37`		`- public function testSupport(): void`
	`38`	`+ public function testSupport()`
`38`	`39`	`{`
`39`	`40`	`$this->setUpAuthenticator();`
`40`	`41`	`$request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);`
`@@ -44,7 +45,7 @@ public function testSupport(): void`
`44`	`45`	`$this->assertNull($this->authenticator->supports($request));`
`45`	`46`	`}`
`46`	`47`
`47`		`- public function testSupportsWithCustomParameter(): void`
	`48`	`+ public function testSupportsWithCustomParameter()`
`48`	`49`	`{`
`49`	`50`	`$this->setUpAuthenticator('protection-token');`
`50`	`51`	`$request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);`
`@@ -54,9 +55,9 @@ public function testSupportsWithCustomParameter(): void`
`54`	`55`	`$this->assertNull($this->authenticator->supports($request));`
`55`	`56`	`}`
`56`	`57`
`57`		`- public function testAuthenticate(): void`
	`58`	`+ public function testAuthenticate()`
`58`	`59`	`{`
`59`		`- $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');`
	`60`	`+ $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));`
`60`	`61`	`$this->setUpAuthenticator();`
`61`	`62`	`$request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded'], 'access_token=VALID_ACCESS_TOKEN');`
`62`	`63`	`$request->request->set('access_token', 'VALID_ACCESS_TOKEN');`
`@@ -66,9 +67,9 @@ public function testAuthenticate(): void`
`66`	`67`	`$this->assertInstanceOf(SelfValidatingPassport::class, $passport);`
`67`	`68`	`}`
`68`	`69`
`69`		`- public function testAuthenticateWithCustomParameter(): void`
	`70`	`+ public function testAuthenticateWithCustomParameter()`
`70`	`71`	`{`
`71`		`- $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', 'foo');`
	`72`	`+ $this->accessTokenHandler->add('VALID_ACCESS_TOKEN', new UserBadge('foo'));`
`72`	`73`	`$this->setUpAuthenticator('protection-token');`
`73`	`74`	`$request = new Request([], [], [], [], [], ['CONTENT_TYPE' => 'application/x-www-form-urlencoded']);`
`74`	`75`	`$request->request->set('protection-token', 'VALID_ACCESS_TOKEN');`
`@@ -81,7 +82,7 @@ public function testAuthenticateWithCustomParameter(): void`
`81`	`82`	`/**`
`82`	`83`	`* @dataProvider provideInvalidAuthenticateData`
`83`	`84`	`*/`
`84`		`- public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class): void`
	`85`	`+ public function testAuthenticateInvalid($request, $errorMessage, $exceptionType = BadRequestHttpException::class)`
`85`	`86`	`{`
`86`	`87`	`$this->expectException($exceptionType);`
`87`	`88`	`$this->expectExceptionMessage($errorMessage);`
`@@ -119,9 +120,9 @@ public function provideInvalidAuthenticateData(): iterable`
`119`	`120`	`private function setUpAuthenticator(string $parameter = 'access_token'): void`
`120`	`121`	`{`
`121`	`122`	`$this->authenticator = new AccessTokenAuthenticator(`
`122`		`- $this->userProvider,`
`123`	`123`	`$this->accessTokenHandler,`
`124`		`- new FormEncodedBodyExtractor($parameter)`
	`124`	`+ new FormEncodedBodyExtractor($parameter),`
	`125`	`+ $this->userProvider`
`125`	`126`	`);`
`126`	`127`	`}`
`127`	`128`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13,15 +13,16 @@`
`13`	`13`
`14`	`14`	`use Symfony\Component\Security\Core\Exception\BadCredentialsException;`
`15`	`15`	`use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;`
	`16`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;`
`16`	`17`
`17`	`18`	`class InMemoryAccessTokenHandler implements AccessTokenHandlerInterface`
`18`	`19`	`{`
`19`	`20`	`/**`
`20`		`- * @var array<string, string>`
	`21`	`+ * @var array<string, UserBadge>`
`21`	`22`	`*/`
`22`	`23`	`private $accessTokens = [];`
`23`	`24`
`24`		`- public function getUserIdentifierFrom(string $accessToken): string`
	`25`	`+ public function getUserBadgeFrom(string $accessToken): UserBadge`
`25`	`26`	`{`
`26`	`27`	`if (!\array_key_exists($accessToken, $this->accessTokens)) {`
`27`	`28`	`throw new BadCredentialsException('Invalid access token or invalid user.');`
`@@ -37,7 +38,7 @@ public function remove(string $accessToken): self`
`37`	`38`	`return $this;`
`38`	`39`	`}`
`39`	`40`
`40`		`- public function add(string $accessToken, string $user): self`
	`41`	`+ public function add(string $accessToken, UserBadge $user): self`
`41`	`42`	`{`
`42`	`43`	`$this->accessTokens[$accessToken] = $user;`
`43`	`44`