DefaultAuthenticationSuccessHandler.php 4.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\Security\Http\Authentication;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Http\HttpUtils;
  14. use Symfony\Component\Security\Http\ParameterBagUtils;
  15. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  16. /**
  17. * Class with the default authentication success handling logic.
  18. *
  19. * @author Fabien Potencier <fabien@symfony.com>
  20. * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  21. * @author Alexander <iam.asm89@gmail.com>
  22. */
  23. class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
  24. {
  25. use TargetPathTrait;
  26. protected $httpUtils;
  27. protected $options;
  28. /** @deprecated since 5.2, use $firewallName instead */
  29. protected $providerKey;
  30. protected $firewallName;
  31. protected $defaultOptions = [
  32. 'always_use_default_target_path' => false,
  33. 'default_target_path' => '/',
  34. 'login_path' => '/login',
  35. 'target_path_parameter' => '_target_path',
  36. 'use_referer' => false,
  37. ];
  38. /**
  39. * @param array $options Options for processing a successful authentication attempt
  40. */
  41. public function __construct(HttpUtils $httpUtils, array $options = [])
  42. {
  43. $this->httpUtils = $httpUtils;
  44. $this->setOptions($options);
  45. }
  46. /**
  47. * {@inheritdoc}
  48. */
  49. public function onAuthenticationSuccess(Request $request, TokenInterface $token)
  50. {
  51. return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
  52. }
  53. /**
  54. * Gets the options.
  55. *
  56. * @return array An array of options
  57. */
  58. public function getOptions()
  59. {
  60. return $this->options;
  61. }
  62. public function setOptions(array $options)
  63. {
  64. $this->options = array_merge($this->defaultOptions, $options);
  65. }
  66. /**
  67. * Get the provider key.
  68. *
  69. * @return string
  70. *
  71. * @deprecated since 5.2, use getFirewallName() instead
  72. */
  73. public function getProviderKey()
  74. {
  75. if (1 !== \func_num_args() || true !== func_get_arg(0)) {
  76. trigger_deprecation('symfony/security-core', '5.2', 'Method "%s()" is deprecated, use "getFirewallName()" instead.', __METHOD__);
  77. }
  78. if ($this->providerKey !== $this->firewallName) {
  79. trigger_deprecation('symfony/security-core', '5.2', 'The "%1$s::$providerKey" property is deprecated, use "%1$s::$firewallName" instead.', __CLASS__);
  80. return $this->providerKey;
  81. }
  82. return $this->firewallName;
  83. }
  84. public function setProviderKey(string $providerKey)
  85. {
  86. if (2 !== \func_num_args() || true !== func_get_arg(1)) {
  87. trigger_deprecation('symfony/security-http', '5.2', 'Method "%s" is deprecated, use "setFirewallName()" instead.', __METHOD__);
  88. }
  89. $this->providerKey = $providerKey;
  90. }
  91. public function getFirewallName(): ?string
  92. {
  93. return $this->getProviderKey(true);
  94. }
  95. public function setFirewallName(string $firewallName): void
  96. {
  97. $this->setProviderKey($firewallName, true);
  98. $this->firewallName = $firewallName;
  99. }
  100. /**
  101. * Builds the target URL according to the defined options.
  102. *
  103. * @return string
  104. */
  105. protected function determineTargetUrl(Request $request)
  106. {
  107. if ($this->options['always_use_default_target_path']) {
  108. return $this->options['default_target_path'];
  109. }
  110. if ($targetUrl = ParameterBagUtils::getRequestParameterValue($request, $this->options['target_path_parameter'])) {
  111. return $targetUrl;
  112. }
  113. $firewallName = $this->getFirewallName();
  114. if (null !== $firewallName && $targetUrl = $this->getTargetPath($request->getSession(), $firewallName)) {
  115. $this->removeTargetPath($request->getSession(), $firewallName);
  116. return $targetUrl;
  117. }
  118. if ($this->options['use_referer'] && $targetUrl = $request->headers->get('Referer')) {
  119. if (false !== $pos = strpos($targetUrl, '?')) {
  120. $targetUrl = substr($targetUrl, 0, $pos);
  121. }
  122. if ($targetUrl && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
  123. return $targetUrl;
  124. }
  125. }
  126. return $this->options['default_target_path'];
  127. }
  128. }