HttpBasicAuthenticator.php 3.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\Security\Http\Authenticator;
  11. use Psr\Log\LoggerInterface;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  16. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
  18. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  19. use Symfony\Component\Security\Core\User\UserInterface;
  20. use Symfony\Component\Security\Core\User\UserProviderInterface;
  21. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  22. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  23. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  24. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  25. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  26. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  27. /**
  28. * @author Wouter de Jong <wouter@wouterj.nl>
  29. * @author Fabien Potencier <fabien@symfony.com>
  30. *
  31. * @final
  32. * @experimental in 5.2
  33. */
  34. class HttpBasicAuthenticator implements AuthenticatorInterface, AuthenticationEntryPointInterface
  35. {
  36. private $realmName;
  37. private $userProvider;
  38. private $logger;
  39. public function __construct(string $realmName, UserProviderInterface $userProvider, ?LoggerInterface $logger = null)
  40. {
  41. $this->realmName = $realmName;
  42. $this->userProvider = $userProvider;
  43. $this->logger = $logger;
  44. }
  45. public function start(Request $request, AuthenticationException $authException = null): Response
  46. {
  47. $response = new Response();
  48. $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName));
  49. $response->setStatusCode(401);
  50. return $response;
  51. }
  52. public function supports(Request $request): ?bool
  53. {
  54. return $request->headers->has('PHP_AUTH_USER');
  55. }
  56. public function authenticate(Request $request): PassportInterface
  57. {
  58. $username = $request->headers->get('PHP_AUTH_USER');
  59. $password = $request->headers->get('PHP_AUTH_PW', '');
  60. $passport = new Passport(new UserBadge($username, function ($username) {
  61. $user = $this->userProvider->loadUserByUsername($username);
  62. if (!$user instanceof UserInterface) {
  63. throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
  64. }
  65. return $user;
  66. }), new PasswordCredentials($password));
  67. if ($this->userProvider instanceof PasswordUpgraderInterface) {
  68. $passport->addBadge(new PasswordUpgradeBadge($password, $this->userProvider));
  69. }
  70. return $passport;
  71. }
  72. /**
  73. * @param Passport $passport
  74. */
  75. public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
  76. {
  77. return new UsernamePasswordToken($passport->getUser(), null, $firewallName, $passport->getUser()->getRoles());
  78. }
  79. public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
  80. {
  81. return null;
  82. }
  83. public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
  84. {
  85. if (null !== $this->logger) {
  86. $this->logger->info('Basic authentication failed for user.', ['username' => $request->headers->get('PHP_AUTH_USER'), 'exception' => $exception]);
  87. }
  88. return $this->start($request, $exception);
  89. }
  90. }