* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */

namespace Symfony\Component\Security\Guard;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;

/**
 * The interface for all "guard" authenticators.
 *
 * The methods on this interface are called throughout the guard authentication
 * process to give you the power to control most parts of the process from
 * one location.
 *
 * As declared here, the flow is: supports() decides whether the authenticator
 * takes part, getCredentials() extracts the raw credentials from the request,
 * getUser() resolves them to a user, checkCredentials() decides whether they
 * are valid, and the onAuthentication*() callbacks shape the response.
 *
 * Implementations sit directly on the authentication boundary: everything read
 * from the Request is client-controlled and must be treated as untrusted until
 * checkCredentials() has returned true.
 *
 * @author Ryan Weaver
 * @author Amaury Leroux de Lens
 */
interface AuthenticatorInterface extends AuthenticationEntryPointInterface
{
    /**
     * Does the authenticator support the given Request?
     *
     * If this returns false, the authenticator will be skipped.
     *
     * Return true only when the request actually carries what getCredentials()
     * will read: getCredentials() is not allowed to return null, so a check that
     * is too broad here turns into an exception there.
     *
     * NOTE(review): the caller is not visible in this file; presumably this runs
     * for every request that reaches the firewall, so keep it cheap and free of
     * side effects - confirm against the guard listener.
     *
     * @param Request $request The incoming request being considered for authentication
     *
     * @return bool
     */
    public function supports(Request $request);

    /**
     * Get the authentication credentials from the request and return them
     * as any type (e.g. an associative array).
     *
     * Whatever value you return here will be passed to getUser() and checkCredentials()
     *
     * For example, for a form login, you might:
     *
     *      return [
     *          'username' => $request->request->get('_username'),
     *          'password' => $request->request->get('_password'),
     *      ];
     *
     * Or for an API token that's on a header, you might use:
     *
     *      return ['api_key' => $request->headers->get('X-API-TOKEN')];
     *
     * This method only extracts values; it does not validate them. The returned
     * data is client-controlled and usually contains secrets (passwords, API
     * keys), so do not write it to logs or error messages, and leave the
     * validity decision to checkCredentials().
     *
     * @param Request $request The request to read the credentials from
     *
     * @return mixed Any non-null value
     *
     * @throws \UnexpectedValueException If null is returned
     */
    public function getCredentials(Request $request);

    /**
     * Return a UserInterface object based on the credentials.
     *
     * The *credentials* are the return value from getCredentials()
     *
     * You may throw an AuthenticationException if you wish. If you return
     * null, then a UsernameNotFoundException is thrown for you.
     *
     * Finding a user here is a lookup, not a proof of identity: whether the
     * credentials are valid is decided afterwards by checkCredentials().
     *
     * @param mixed                 $credentials  The unvalidated value returned by getCredentials()
     * @param UserProviderInterface $userProvider The provider available for loading the user
     *
     * @return UserInterface|null
     *
     * @throws AuthenticationException
     */
    public function getUser($credentials, UserProviderInterface $userProvider);

    /**
     * Returns true if the credentials are valid.
     *
     * If false is returned, authentication will fail. You may also throw
     * an AuthenticationException if you wish to cause authentication to fail.
     *
     * The *credentials* are the return value from getCredentials()
     *
     * This is the decision point of the whole process, so fail closed: return
     * true only after a positive verification, and false (or throw) on every
     * other path, including missing or malformed credentials.
     *
     * When the check compares a secret string such as an API key, prefer
     * hash_equals() over == or === so that the comparison time does not depend
     * on how much of the value matches. Passwords should be verified through a
     * password hashing API rather than compared directly.
     *
     * NOTE(review): return a real bool rather than a merely truthy value - how
     * the caller compares the result is not visible in this file.
     *
     * @param mixed         $credentials The value returned by getCredentials()
     * @param UserInterface $user        The user returned by getUser()
     *
     * @return bool
     *
     * @throws AuthenticationException
     */
    public function checkCredentials($credentials, UserInterface $user);

    /**
     * Create an authenticated token for the given user.
     *
     * If you don't care about which token class is used or don't really
     * understand what a "token" is, you can skip this method by extending
     * the AbstractGuardAuthenticator class from your authenticator.
     *
     * @see AbstractGuardAuthenticator
     *
     * @param UserInterface $user        The user the token is created for
     * @param string        $providerKey NOTE(review): presumably identifies the firewall
     *                                   the authenticator runs under - confirm against the caller
     *
     * @return GuardTokenInterface
     */
    public function createAuthenticatedToken(UserInterface $user, string $providerKey);

    /**
     * Called when authentication executed, but failed (e.g. wrong username or password).
     *
     * This should return the Response sent back to the user, like a
     * RedirectResponse to the login page or a 401 response.
     *
     * If you return null, the request will continue, but the user will
     * not be authenticated. This is probably not what you want to do.
     *
     * Keep the response generic: a message that distinguishes "unknown user"
     * from "wrong password" tells a client which usernames exist. Record the
     * detailed reason server-side instead of echoing the exception to the client.
     *
     * @param Request                 $request   The request whose authentication failed
     * @param AuthenticationException $exception The reason authentication failed
     *
     * @return Response|null
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception);

    /**
     * Called when authentication executed and was successful!
     *
     * This should return the Response sent back to the user, like a
     * RedirectResponse to the last page they visited.
     *
     * If you return null, the current request will continue, and the user
     * will be authenticated. This makes sense, for example, with an API.
     *
     * If the redirect target is derived from the request (for example a
     * "return to" parameter), check that it points back into this application
     * before using it, so the login flow cannot be used as an open redirect.
     *
     * @param Request        $request     The request that was authenticated
     * @param TokenInterface $token       The token of the authenticated user
     * @param string         $providerKey NOTE(review): presumably identifies the firewall
     *                                    the authenticator runs under - confirm against the caller
     *
     * @return Response|null
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $providerKey);

    /**
     * Does this authenticator support remember me cookies?
     *
     * Remember me cookie will be set if *all* of the following are met:
     *  A) This method returns true
     *  B) The remember_me key under your firewall is configured
     *  C) The "remember me" functionality is activated. This is usually
     *      done by having a _remember_me checkbox in your form, but
     *      can be configured by the "always_remember_me" and "remember_me_parameter"
     *      parameters under the "remember_me" firewall key
     *  D) The onAuthenticationSuccess method returns a Response object
     *
     * A remember-me cookie lets a browser be authenticated again later without
     * presenting the credentials, so return true only where that persistence is
     * intended. Because of condition D, an authenticator whose
     * onAuthenticationSuccess() returns null never has the cookie set,
     * whatever this method returns.
     *
     * @return bool
     */
    public function supportsRememberMe();
}