protected function createPrincipal(string $username, Subject $subject, LoginContextInterface $loginContext)
{
// initialize the roles and the user principal
$roles = new ArrayList();
$userPrincipal = null;
// scan the Principals for this Subject
foreach ($subject->getPrincipals() as $principal) {
// query whether or not the principal found is a group principal
if ($principal instanceof GroupInterface && $principal->getName()->equals(new String(Util::DEFAULT_GROUP_NAME))) {
// if yes, add the role name
foreach ($principal->getMembers() as $role) {
$roles->add($role->getName());
}
// query whether or not the principal found is a user principal
} elseif ($userPrincipal == null && $principal instanceof PrincipalInterface) {
$userPrincipal = $principal;
} else {
// do nothing, because we've no principal or group to deal with
}
}
// return the resulting Principal for our authenticated user
return new GenericPrincipal($username, null, $roles, $userPrincipal, $loginContext);
}