AuthenticatorInterface.php 5.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\Security\Guard;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\Response;
  13. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  14. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  15. use Symfony\Component\Security\Core\User\UserInterface;
  16. use Symfony\Component\Security\Core\User\UserProviderInterface;
  17. use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
  18. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  19. /**
  20. * The interface for all "guard" authenticators.
  21. *
  22. * The methods on this interface are called throughout the guard authentication
  23. * process to give you the power to control most parts of the process from
  24. * one location.
  25. *
  26. * @author Ryan Weaver <ryan@knpuniversity.com>
  27. * @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
  28. */
  29. interface AuthenticatorInterface extends AuthenticationEntryPointInterface
  30. {
  31. /**
  32. * Does the authenticator support the given Request?
  33. *
  34. * If this returns false, the authenticator will be skipped.
  35. *
  36. * @return bool
  37. */
  38. public function supports(Request $request);
  39. /**
  40. * Get the authentication credentials from the request and return them
  41. * as any type (e.g. an associate array).
  42. *
  43. * Whatever value you return here will be passed to getUser() and checkCredentials()
  44. *
  45. * For example, for a form login, you might:
  46. *
  47. * return [
  48. * 'username' => $request->request->get('_username'),
  49. * 'password' => $request->request->get('_password'),
  50. * ];
  51. *
  52. * Or for an API token that's on a header, you might use:
  53. *
  54. * return ['api_key' => $request->headers->get('X-API-TOKEN')];
  55. *
  56. * @return mixed Any non-null value
  57. *
  58. * @throws \UnexpectedValueException If null is returned
  59. */
  60. public function getCredentials(Request $request);
  61. /**
  62. * Return a UserInterface object based on the credentials.
  63. *
  64. * The *credentials* are the return value from getCredentials()
  65. *
  66. * You may throw an AuthenticationException if you wish. If you return
  67. * null, then a UsernameNotFoundException is thrown for you.
  68. *
  69. * @param mixed $credentials
  70. *
  71. * @throws AuthenticationException
  72. *
  73. * @return UserInterface|null
  74. */
  75. public function getUser($credentials, UserProviderInterface $userProvider);
  76. /**
  77. * Returns true if the credentials are valid.
  78. *
  79. * If false is returned, authentication will fail. You may also throw
  80. * an AuthenticationException if you wish to cause authentication to fail.
  81. *
  82. * The *credentials* are the return value from getCredentials()
  83. *
  84. * @param mixed $credentials
  85. *
  86. * @return bool
  87. *
  88. * @throws AuthenticationException
  89. */
  90. public function checkCredentials($credentials, UserInterface $user);
  91. /**
  92. * Create an authenticated token for the given user.
  93. *
  94. * If you don't care about which token class is used or don't really
  95. * understand what a "token" is, you can skip this method by extending
  96. * the AbstractGuardAuthenticator class from your authenticator.
  97. *
  98. * @see AbstractGuardAuthenticator
  99. *
  100. * @return GuardTokenInterface
  101. */
  102. public function createAuthenticatedToken(UserInterface $user, string $providerKey);
  103. /**
  104. * Called when authentication executed, but failed (e.g. wrong username password).
  105. *
  106. * This should return the Response sent back to the user, like a
  107. * RedirectResponse to the login page or a 401 response.
  108. *
  109. * If you return null, the request will continue, but the user will
  110. * not be authenticated. This is probably not what you want to do.
  111. *
  112. * @return Response|null
  113. */
  114. public function onAuthenticationFailure(Request $request, AuthenticationException $exception);
  115. /**
  116. * Called when authentication executed and was successful!
  117. *
  118. * This should return the Response sent back to the user, like a
  119. * RedirectResponse to the last page they visited.
  120. *
  121. * If you return null, the current request will continue, and the user
  122. * will be authenticated. This makes sense, for example, with an API.
  123. *
  124. * @return Response|null
  125. */
  126. public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $providerKey);
  127. /**
  128. * Does this method support remember me cookies?
  129. *
  130. * Remember me cookie will be set if *all* of the following are met:
  131. * A) This method returns true
  132. * B) The remember_me key under your firewall is configured
  133. * C) The "remember me" functionality is activated. This is usually
  134. * done by having a _remember_me checkbox in your form, but
  135. * can be configured by the "always_remember_me" and "remember_me_parameter"
  136. * parameters under the "remember_me" firewall key
  137. * D) The onAuthenticationSuccess method returns a Response object
  138. *
  139. * @return bool
  140. */
  141. public function supportsRememberMe();
  142. }