11 files changed, 131 insertions, 21 deletions

diff --git a/Core/Authentication/AuthenticationProviderManager.php b/Core/Authentication/AuthenticationProviderManager.php
index a82b9fb..7ca46c0 100644
--- a/Core/Authentication/AuthenticationProviderManager.php
+++ b/Core/Authentication/AuthenticationProviderManager.php
@@ -11,6 +11,10 @@
 
 namespace Symfony\Component\Security\Core\Authentication;
 
+use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
+use Symfony\Component\Security\Core\Event\AuthenticationEvent;
+use Symfony\Component\Security\Core\AuthenticationEvents;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
@@ -22,11 +26,13 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  * instances to authenticate a Token.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  */
 class AuthenticationProviderManager implements AuthenticationManagerInterface
 {
     private $providers;
     private $eraseCredentials;
+    private $eventDispatcher;
 
     /**
      * Constructor.
@@ -44,6 +50,11 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
         $this->eraseCredentials = (Boolean) $eraseCredentials;
     }
 
+    public function setEventDispatcher(EventDispatcherInterface $dispatcher)
+    {
+        $this->eventDispatcher = $dispatcher;
+    }
+
     /**
      * {@inheritdoc}
      */
@@ -77,6 +88,10 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
                 $result->eraseCredentials();
             }
 
+            if (null !== $this->eventDispatcher) {
+                $this->eventDispatcher->dispatch(AuthenticationEvents::AUTHENTICATION_SUCCESS, new AuthenticationEvent($result));
+            }
+
             return $result;
         }
 
@@ -84,6 +99,10 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
             $lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', get_class($token)));
         }
 
+        if (null !== $this->eventDispatcher) {
+            $this->eventDispatcher->dispatch(AuthenticationEvents::AUTHENTICATION_FAILURE, new AuthenticationFailureEvent($token, $lastException));
+        }
+
         $lastException->setExtraInformation($token);
 
         throw $lastException;
diff --git a/Core/Authentication/AuthenticationTrustResolver.php b/Core/Authentication/AuthenticationTrustResolver.php
index 8ca28fb..9b3ff3d 100644
--- a/Core/Authentication/AuthenticationTrustResolver.php
+++ b/Core/Authentication/AuthenticationTrustResolver.php
@@ -28,8 +28,6 @@ class AuthenticationTrustResolver implements AuthenticationTrustResolverInterfac
      *
      * @param string $anonymousClass
      * @param string $rememberMeClass
-     *
-     * @return void
      */
     public function __construct($anonymousClass, $rememberMeClass)
     {
diff --git a/Core/Authentication/Provider/AuthenticationProviderInterface.php b/Core/Authentication/Provider/AuthenticationProviderInterface.php
index c843216..956adf1 100644
--- a/Core/Authentication/Provider/AuthenticationProviderInterface.php
+++ b/Core/Authentication/Provider/AuthenticationProviderInterface.php
@@ -15,7 +15,7 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 
 /**
- * AuthenticationProviderInterface is the interface for for all authentication
+ * AuthenticationProviderInterface is the interface for all authentication
  * providers.
  *
  * Concrete implementations processes specific Token instances.
diff --git a/Core/Authentication/Provider/UserAuthenticationProvider.php b/Core/Authentication/Provider/UserAuthenticationProvider.php
index ce78df6..f0463ea 100644
--- a/Core/Authentication/Provider/UserAuthenticationProvider.php
+++ b/Core/Authentication/Provider/UserAuthenticationProvider.php
@@ -65,26 +65,34 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
 
         try {
             $user = $this->retrieveUser($username, $token);
-
-            if (!$user instanceof UserInterface) {
-                throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
+        } catch (UsernameNotFoundException $notFound) {
+            if ($this->hideUserNotFoundExceptions) {
+                throw new BadCredentialsException('Bad credentials', 0, $notFound);
             }
 
+            throw $notFound;
+        }
+
+        if (!$user instanceof UserInterface) {
+            throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
+        }
+
+        try {
             $this->userChecker->checkPreAuth($user);
             $this->checkAuthentication($user, $token);
             $this->userChecker->checkPostAuth($user);
-
-            $authenticatedToken = new UsernamePasswordToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
-            $authenticatedToken->setAttributes($token->getAttributes());
-
-            return $authenticatedToken;
-        } catch (UsernameNotFoundException $notFound) {
+        } catch (BadCredentialsException $e) {
             if ($this->hideUserNotFoundExceptions) {
-                throw new BadCredentialsException('Bad credentials', 0, $notFound);
+                throw new BadCredentialsException('Bad credentials', 0, $e);
             }
 
-            throw $notFound;
+            throw $e;
         }
+
+        $authenticatedToken = new UsernamePasswordToken($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
+        $authenticatedToken->setAttributes($token->getAttributes());
+
+        return $authenticatedToken;
     }
 
     /**
diff --git a/Core/Authentication/Token/RememberMeToken.php b/Core/Authentication/Token/RememberMeToken.php
index 7ac9e1c..de50e5c 100644
--- a/Core/Authentication/Token/RememberMeToken.php
+++ b/Core/Authentication/Token/RememberMeToken.php
@@ -52,7 +52,7 @@ class RememberMeToken extends AbstractToken
     public function setAuthenticated($authenticated)
     {
         if ($authenticated) {
-            throw new \RuntimeException('You cannot set this token to authenticated after creation.');
+            throw new \LogicException('You cannot set this token to authenticated after creation.');
         }
 
         parent::setAuthenticated(false);
diff --git a/Core/AuthenticationEvents.php b/Core/AuthenticationEvents.php
new file mode 100644
index 0000000..1e0e6ff
--- /dev/null
+++ b/Core/AuthenticationEvents.php
@@ -0,0 +1,19 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core;
+
+final class AuthenticationEvents
+{
+    const AUTHENTICATION_SUCCESS = 'security.authentication.success';
+
+    const AUTHENTICATION_FAILURE = 'security.authentication.failure';
+}
diff --git a/Core/Authorization/Voter/AuthenticatedVoter.php b/Core/Authorization/Voter/AuthenticatedVoter.php
index d750e33..5847e0d 100644
--- a/Core/Authorization/Voter/AuthenticatedVoter.php
+++ b/Core/Authorization/Voter/AuthenticatedVoter.php
@@ -35,8 +35,6 @@ class AuthenticatedVoter implements VoterInterface
      * Constructor.
      *
      * @param AuthenticationTrustResolverInterface $authenticationTrustResolver
-     *
-     * @return void
      */
     public function __construct(AuthenticationTrustResolverInterface $authenticationTrustResolver)
     {
diff --git a/Core/Event/AuthenticationEvent.php b/Core/Event/AuthenticationEvent.php
new file mode 100644
index 0000000..132cea9
--- /dev/null
+++ b/Core/Event/AuthenticationEvent.php
@@ -0,0 +1,35 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Event;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\EventDispatcher\Event;
+
+/**
+ * This is a general purpose authentication event.
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class AuthenticationEvent extends Event
+{
+    private $authenticationToken;
+
+    public function __construct(TokenInterface $token)
+    {
+        $this->authenticationToken = $token;
+    }
+
+    public function getAuthenticationToken()
+    {
+        return $this->authenticationToken;
+    }
+}
diff --git a/Core/Event/AuthenticationFailureEvent.php b/Core/Event/AuthenticationFailureEvent.php
new file mode 100644
index 0000000..6705fc9
--- /dev/null
+++ b/Core/Event/AuthenticationFailureEvent.php
@@ -0,0 +1,37 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Core\Event;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+
+/**
+ * This event is dispatched on authentication failure.
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class AuthenticationFailureEvent extends AuthenticationEvent
+{
+    private $authenticationException;
+
+    public function __construct(TokenInterface $token, AuthenticationException $ex)
+    {
+        parent::__construct($token);
+
+        $this->authenticationException = $ex;
+    }
+
+    public function getAuthenticationException()
+    {
+        return $this->authenticationException;
+    }
+}
diff --git a/Core/SecurityContextInterface.php b/Core/SecurityContextInterface.php
index 46b2cc4..960a4cd 100644
--- a/Core/SecurityContextInterface.php
+++ b/Core/SecurityContextInterface.php
@@ -35,8 +35,6 @@ interface SecurityContextInterface
      * Sets the authentication token.
      *
      * @param TokenInterface $token
-     *
-     * @return void
      */
     function setToken(TokenInterface $token = null);
 
diff --git a/Core/User/UserInterface.php b/Core/User/UserInterface.php
index 3b66956..ed6ce0a 100644
--- a/Core/User/UserInterface.php
+++ b/Core/User/UserInterface.php
@@ -48,8 +48,6 @@ interface UserInterface
 
     /**
      * Removes sensitive data from the user.
-     *
-     * @return void
      */
     function eraseCredentials();