Home Explore Help
Sign In
dima
/
balticrest
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 8967e8d364
Branches Tags
balticrest
/
vendor
/
symfony
/
security-core
/
Authentication
/
Provider
/
UserAuthenticationProvider.php

UserAuthenticationProvider.php 4.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4.  * This file is part of the Symfony package.
    5. 

  5.  *
    6. 

  6.  * (c) Fabien Potencier <fabien@symfony.com>
    7. 

  7.  *
    8. 

  8.  * For the full copyright and license information, please view the LICENSE
    9. 

  9.  * file that was distributed with this source code.
    10. 

  10.  */
    11. 

  11. 

  12. namespace Symfony\Component\Security\Core\Authentication\Provider;
    13. 

  13. 

  14. use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
    15. 

  15. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
    16. 

  16. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
    17. 

  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
    18. 

  18. use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
    19. 

  19. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
    20. 

  20. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
    21. 

  21. use Symfony\Component\Security\Core\User\UserCheckerInterface;
    22. 

  22. use Symfony\Component\Security\Core\User\UserInterface;
    23. 

  23. 

  24. /**
    25. 

  25.  * UserProviderInterface retrieves users for UsernamePasswordToken tokens.
    26. 

  26.  *
    27. 

  27.  * @author Fabien Potencier <fabien@symfony.com>
    28. 

  28.  */
    29. 

  29. abstract class UserAuthenticationProvider implements AuthenticationProviderInterface
    30. 

  30. {
    31. 

  31.     private $hideUserNotFoundExceptions;
    32. 

  32.     private $userChecker;
    33. 

  33.     private $providerKey;
    34. 

  34. 

  35.     /**
    36. 

  36.      * @throws \InvalidArgumentException
    37. 

  37.      */
    38. 

  38.     public function __construct(UserCheckerInterface $userChecker, string $providerKey, bool $hideUserNotFoundExceptions = true)
    39. 

  39.     {
    40. 

  40.         if (empty($providerKey)) {
    41. 

  41.             throw new \InvalidArgumentException('$providerKey must not be empty.');
    42. 

  42.         }
    43. 

  43. 

  44.         $this->userChecker = $userChecker;
    45. 

  45.         $this->providerKey = $providerKey;
    46. 

  46.         $this->hideUserNotFoundExceptions = $hideUserNotFoundExceptions;
    47. 

  47.     }
    48. 

  48. 

  49.     /**
    50. 

  50.      * {@inheritdoc}
    51. 

  51.      */
    52. 

  52.     public function authenticate(TokenInterface $token)
    53. 

  53.     {
    54. 

  54.         if (!$this->supports($token)) {
    55. 

  55.             throw new AuthenticationException('The token is not supported by this authentication provider.');
    56. 

  56.         }
    57. 

  57. 

  58.         $username = $token->getUsername();
    59. 

  59.         if ('' === $username || null === $username) {
    60. 

  60.             $username = AuthenticationProviderInterface::USERNAME_NONE_PROVIDED;
    61. 

  61.         }
    62. 

  62. 

  63.         try {
    64. 

  64.             $user = $this->retrieveUser($username, $token);
    65. 

  65.         } catch (UsernameNotFoundException $e) {
    66. 

  66.             if ($this->hideUserNotFoundExceptions) {
    67. 

  67.                 throw new BadCredentialsException('Bad credentials.', 0, $e);
    68. 

  68.             }
    69. 

  69.             $e->setUsername($username);
    70. 

  70. 

  71.             throw $e;
    72. 

  72.         }
    73. 

  73. 

  74.         if (!$user instanceof UserInterface) {
    75. 

  75.             throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
    76. 

  76.         }
    77. 

  77. 

  78.         try {
    79. 

  79.             $this->userChecker->checkPreAuth($user);
    80. 

  80.             $this->checkAuthentication($user, $token);
    81. 

  81.             $this->userChecker->checkPostAuth($user);
    82. 

  82.         } catch (BadCredentialsException $e) {
    83. 

  83.             if ($this->hideUserNotFoundExceptions) {
    84. 

  84.                 throw new BadCredentialsException('Bad credentials.', 0, $e);
    85. 

  85.             }
    86. 

  86. 

  87.             throw $e;
    88. 

  88.         }
    89. 

  89. 

  90.         if ($token instanceof SwitchUserToken) {
    91. 

  91.             $authenticatedToken = new SwitchUserToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles(), $token->getOriginalToken());
    92. 

  92.         } else {
    93. 

  93.             $authenticatedToken = new UsernamePasswordToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
    94. 

  94.         }
    95. 

  95. 

  96.         $authenticatedToken->setAttributes($token->getAttributes());
    97. 

  97. 

  98.         return $authenticatedToken;
    99. 

  99.     }
    100. 

  100. 

  101.     /**
    102. 

  102.      * {@inheritdoc}
    103. 

  103.      */
    104. 

  104.     public function supports(TokenInterface $token)
    105. 

  105.     {
    106. 

  106.         return $token instanceof UsernamePasswordToken && $this->providerKey === $token->getFirewallName();
    107. 

  107.     }
    108. 

  108. 

  109.     /**
    110. 

  110.      * Retrieves the user from an implementation-specific location.
    111. 

  111.      *
    112. 

  112.      * @return UserInterface The user
    113. 

  113.      *
    114. 

  114.      * @throws AuthenticationException if the credentials could not be validated
    115. 

  115.      */
    116. 

  116.     abstract protected function retrieveUser(string $username, UsernamePasswordToken $token);
    117. 

  117. 

  118.     /**
    119. 

  119.      * Does additional checks on the user and token (like validating the
    120. 

  120.      * credentials).
    121. 

  121.      *
    122. 

  122.      * @throws AuthenticationException if the credentials could not be validated
    123. 

  123.      */
    124. 

  124.     abstract protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token);
    125. 

  125. }
    126.