merged branch canni/failed_login_event (PR #2678)

Commits ------- 09562df Update CHANGELOG for 2.1, describe new auth events cf09c2d added authentication success/failure events Discussion ---------- [Security] Implementation of a "failed login" event, replaces: PR #1307 As I have to use this feature I have completed its implementation. Bugfix: no Feature addition: yes Symfopny2 tests pass: yes Replaces/closes PR: #1307 --------------------------------------------------------------------------- by schmittjoh at 2011/11/18 23:57:56 -0800 Usually, this event is used for the wrong reasons (to customize what happens on authentication failure). Can you move your implementation to the AuthenticationProviderManager instead? see https://github.com/schmittjoh/symfony/blob/master/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php#L103 --------------------------------------------------------------------------- by canni at 2011/11/19 06:00:36 -0800 Good point :) I'll not rewrite yours work, I've cherry-picked yours commits. (BTW you added call to `setEventDispatcher` on `security.authentication.manager` to commit related to some different work ;) --------------------------------------------------------------------------- by fabpot at 2011/11/22 00:12:19 -0800 The new files are missing the LICENSE header. As far as I can see, @schmittjoh fork has a different license from the Symfony one. This needs to be clarified before I can merge this PR. --------------------------------------------------------------------------- by schmittjoh at 2011/11/22 01:53:09 -0800 No biggy, MIT is fine here. --------------------------------------------------------------------------- by canni at 2011/11/22 01:57:51 -0800 @fabpot done --------------------------------------------------------------------------- by fabpot at 2011/11/22 02:22:47 -0800 @canni: Can you update the CHANGELOG file (to reference the changes and the BC breaks -- like the move of KernelEvents for instance). --------------------------------------------------------------------------- by canni at 2011/11/22 02:40:33 -0800 @fabpot: no problem & done PS I haven't realized that namespace change of `SecurityEvents` is actually a BC Break, thx for pointing this. --------------------------------------------------------------------------- by fabpot at 2011/11/22 03:06:17 -0800 @canni: What about keeping a `SecurityEvents` class in the `Http` namespace that just extends the new one. That way, we don't break BC. --------------------------------------------------------------------------- by canni at 2011/11/22 03:53:01 -0800 @fabpot: that will force us to remove `final` keyword form one of classes. Maybe we can add new, not extending class e.g.: `GeneralSecurityEvents` or `AuthenticationEvents`, that way we dont break BC and dont introduce confusion in naming? --------------------------------------------------------------------------- by canni at 2011/11/22 05:53:15 -0800 @fabpot: I've removed the BC break, and squashed schmittjoh commits, to keep things nice and clear.
author: Fabien Potencier <fabien.potencier@gmail.com> 2011-11-24 08:31:18 +0100
committer: Fabien Potencier <fabien.potencier@gmail.com> 2011-11-24 08:31:18 +0100
commit: 94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a (patch)
tree: ae4de147fc58d1e276f32e0bf5be3a3ff2b7996c
parent: c4e467ddc02588e2ac1bb532e9db59566eb059ff (diff)
parent: a02663ada4f50a7e49961085a4ef55e185226d6e (diff)
download: symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.zip
symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.tar.gz
symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.tar.bz2
4 files changed, 110 insertions, 0 deletions
diff --git a/Core/Authentication/AuthenticationProviderManager.php b/Core/Authentication/AuthenticationProviderManager.php
index a82b9fb..7ca46c0 100644
--- a/Core/Authentication/AuthenticationProviderManager.php
+++ b/Core/Authentication/AuthenticationProviderManager.php
@@ -11,6 +11,10 @@
 
 namespace Symfony\Component\Security\Core\Authentication;
 
+use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
+use Symfony\Component\Security\Core\Event\AuthenticationEvent;
+use Symfony\Component\Security\Core\AuthenticationEvents;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
@@ -22,11 +26,13 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  * instances to authenticate a Token.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
 class AuthenticationProviderManager implements AuthenticationManagerInterface
 {
     private $providers;
     private $eraseCredentials;
+    private $eventDispatcher;
 
     /**
      * Constructor.
@@ -44,6 +50,11 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
         $this->eraseCredentials = (Boolean) $eraseCredentials;
     }
 
+    public function setEventDispatcher(EventDispatcherInterface $dispatcher)
+    {
+        $this->eventDispatcher = $dispatcher;
+    }
+
     /**
      * {@inheritdoc}
      */
@@ -77,6 +88,10 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
                 $result->eraseCredentials();
             }
 
+            if (null !== $this->eventDispatcher) {
+                $this->eventDispatcher->dispatch(AuthenticationEvents::AUTHENTICATION_SUCCESS, new AuthenticationEvent($result));
+            }
+
             return $result;
         }
 
@@ -84,6 +99,10 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
             $lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', get_class($token)));
         }
 
+        if (null !== $this->eventDispatcher) {
+            $this->eventDispatcher->dispatch(AuthenticationEvents::AUTHENTICATION_FAILURE, new AuthenticationFailureEvent($token, $lastException));
+        }
+
         $lastException->setExtraInformation($token);
 
         throw $lastException;
diff --git a/Core/AuthenticationEvents.php b/Core/AuthenticationEvents.php
new file mode 100644
index 0000000..1e0e6ff
--- /dev/null
+++ b/Core/AuthenticationEvents.php
@@ -0,0 +1,19 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core;
+
+final class AuthenticationEvents
+{
+    const AUTHENTICATION_SUCCESS = 'security.authentication.success';
+
+    const AUTHENTICATION_FAILURE = 'security.authentication.failure';
+}
diff --git a/Core/Event/AuthenticationEvent.php b/Core/Event/AuthenticationEvent.php
new file mode 100644
index 0000000..4c32b21
--- /dev/null
+++ b/Core/Event/AuthenticationEvent.php
@@ -0,0 +1,35 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Event;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\EventDispatcher\Event;
+
+/**
+ * This is a general purpose authentication event.
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class AuthenticationEvent extends Event
+{
+    private $authenticationToken;
+
+    public function __construct(TokenInterface $token)
+    {
+        $this->authenticationToken = $token;
+    }
+
+    public function getAuthenticationToken()
+    {
+        return $this->authenticationToken;
+    }
+}
+\ No newline at end of file
diff --git a/Core/Event/AuthenticationFailureEvent.php b/Core/Event/AuthenticationFailureEvent.php
new file mode 100644
index 0000000..6518b69
--- /dev/null
+++ b/Core/Event/AuthenticationFailureEvent.php
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Event;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+
+/**
+ * This event is dispatched on authentication failure.
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class AuthenticationFailureEvent extends AuthenticationEvent
+{
+    private $authenticationException;
+
+    public function __construct(TokenInterface $token, AuthenticationException $ex)
+    {
+        parent::__construct($token);
+
+        $this->authenticationException = $ex;
+    }
+
+    public function getAuthenticationException()
+    {
+        return $this->authenticationException;
+    }
+}
+\ No newline at end of file
author	Fabien Potencier <fabien.potencier@gmail.com>	2011-11-24 08:31:18 +0100
committer	Fabien Potencier <fabien.potencier@gmail.com>	2011-11-24 08:31:18 +0100
commit	94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a (patch)
tree	ae4de147fc58d1e276f32e0bf5be3a3ff2b7996c
parent	c4e467ddc02588e2ac1bb532e9db59566eb059ff (diff)
parent	a02663ada4f50a7e49961085a4ef55e185226d6e (diff)
download	symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.zip symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.tar.gz symfony-security-94dc616c5f298fa0d93bf6f3d2fe7941434c2b8a.tar.bz2