diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2013-06-13 10:14:40 +0200 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2013-06-13 10:14:40 +0200 |
| commit | faa0cebf9366ac8aeb9536668349922b91077925 (patch) | |
| tree | e6057af5a0970246fde8601842882f5af59ac4a2 /Core/Authentication/Provider | |
| parent | c61f152e5f3e24fad3e7e7930a3e0e8a8f275ab8 (diff) | |
| parent | 13715788ca2d32961b9098f434dafc70264dfddd (diff) | |
| download | symfony-security-faa0cebf9366ac8aeb9536668349922b91077925.zip symfony-security-faa0cebf9366ac8aeb9536668349922b91077925.tar.gz symfony-security-faa0cebf9366ac8aeb9536668349922b91077925.tar.bz2 | |
merged branch Seldaek/simplesecurity (PR #6069)
This PR was merged into the master branch.
Discussion
----------
[Security] Add simpler customization options
The goal of this is to provide a simpler extension point for people that don't have the time to dive into the whole security factory + authentication provider + user provider + authentication listener + token mess. As it stands, it gives you a way to just create one class that is handling all the security stuff in one (by implementing SimpleFormAuthenticatorInterface and UserProviderInterface) + one or more token classes.
I would like feedback on whether people think this makes sense or not before continuing and doing a SimpleHttpAuthenticatorInterface for non-form based stuff.
Just FYI that's how it would look in security.yml:
```yaml
security:
providers:
simple:
id: simple_authenticator
firewalls:
foo:
pattern: ^/
simple_form:
provider: simple
authenticator: simple_authenticator
```
/cc @atrauzzi (who posted a long rant on the ML about how hard this all is, and I can't agree more - I hope it's the right account on github?)
Commits
-------
74cfc84 marked some classes as being experimental in 2.3
471e5bc [Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user
01c913b moved the simple HTTP authenticator to a pre-auth one
887d9b8 fixed wrong Logger interface
65335ea [Security] Renamed simple_token to simple_http, added support for failure and success handler to both simple firewalls
f7a11a1 [Security] Add simple_token auth method
1fe2ed6 [Security] Add SimpleForm authentication
Diffstat (limited to 'Core/Authentication/Provider')
| -rw-r--r-- | Core/Authentication/Provider/SimpleAuthenticationProvider.php | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/Core/Authentication/Provider/SimpleAuthenticationProvider.php b/Core/Authentication/Provider/SimpleAuthenticationProvider.php new file mode 100644 index 0000000..50c9a08 --- /dev/null +++ b/Core/Authentication/Provider/SimpleAuthenticationProvider.php @@ -0,0 +1,58 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Core\Authentication\Provider; + +use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; +use Symfony\Component\Security\Core\User\UserProviderInterface; +use Symfony\Component\Security\Core\User\UserCheckerInterface; +use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; +use Symfony\Component\Security\Core\Exception\AuthenticationServiceException; +use Symfony\Component\Security\Core\Exception\BadCredentialsException; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationException; + +/** + * @author Jordi Boggiano <j.boggiano@seld.be> + * + * @experimental This feature is experimental in 2.3 and might change in future versions + */ +class SimpleAuthenticationProvider implements AuthenticationProviderInterface +{ + private $simpleAuthenticator; + private $userProvider; + private $providerKey; + + public function __construct(SimpleAuthenticatorInterface $simpleAuthenticator, UserProviderInterface $userProvider, $providerKey) + { + $this->simpleAuthenticator = $simpleAuthenticator; + $this->userProvider = $userProvider; + $this->providerKey = $providerKey; + } + + public function authenticate(TokenInterface $token) + { + $authToken = $this->simpleAuthenticator->authenticateToken($token, $this->userProvider, $this->providerKey); + + if ($authToken instanceof TokenInterface) { + return $authToken; + } + + throw new AuthenticationException('Simple authenticator failed to return an authenticated token.'); + } + + public function supports(TokenInterface $token) + { + return $this->simpleAuthenticator->supportsToken($token, $this->providerKey); + } +} |