MyComments/src/Security/AccessTokenHandler.php

<?php

namespace App\Security;

use App\Entity\UserAccessToken;
use App\Repository\UserAccessTokenRepository;
use App\Repository\UserRepository;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
use Symfony\Component\Security\Http\AccessToken\AccessTokenHandlerInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;

class AccessTokenHandler implements AccessTokenHandlerInterface
{
    public function __construct(
        private UserAccessTokenRepository $repository
    ) {
    }

    public function getUserBadgeFrom(string $accessToken): UserBadge
    {
        /** @var $token UserAccessToken|null */
        if (!$accessToken || !$token = $this->repository->findOneBy(['token' => $accessToken])) {
            throw new BadCredentialsException('Invalid credentials.');
        }

        if($token->getDeletedAt() || ( $token->getExpiresAt() && $token->getExpiresAt() <= new \DateTime() ) ) {
            throw new CredentialsExpiredException('Token expired.');
        }

        // and return a UserBadge object containing the user identifier from the found token
        return new UserBadge($token->getOwner()->getId(), function() use($token){
            return $token->getOwner();
        });
    }
}