diff options
Diffstat (limited to 'Http/Authentication')
6 files changed, 346 insertions, 19 deletions
diff --git a/Http/Authentication/AuthenticationUtils.php b/Http/Authentication/AuthenticationUtils.php new file mode 100644 index 0000000..317c8a0 --- /dev/null +++ b/Http/Authentication/AuthenticationUtils.php @@ -0,0 +1,87 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Authentication; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\RequestStack; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\Security; + +/** + * Extracts Security Errors from Request + * + * @author Boris Vujicic <boris.vujicic@gmail.com> + */ +class AuthenticationUtils +{ + /** + * @var RequestStack + */ + private $requestStack; + + /** + * @param RequestStack $requestStack + */ + public function __construct(RequestStack $requestStack) + { + $this->requestStack = $requestStack; + } + + /** + * @param bool $clearSession + * + * @return AuthenticationException|null + */ + public function getLastAuthenticationError($clearSession = true) + { + $request = $this->getRequest(); + $session = $request->getSession(); + $authenticationException = null; + + if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) { + $authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR); + } elseif ($session !== null && $session->has(Security::AUTHENTICATION_ERROR)) { + $authenticationException = $session->get(Security::AUTHENTICATION_ERROR); + + if ($clearSession) { + $session->remove(Security::AUTHENTICATION_ERROR); + } + } + + return $authenticationException; + } + + /** + * @return string + */ + public function getLastUsername() + { + $session = $this->getRequest()->getSession(); + + return null === $session ? '' : $session->get(Security::LAST_USERNAME); + } + + /** + * @return Request + * @throws \LogicException + */ + private function getRequest() + { + $request = $this->requestStack->getCurrentRequest(); + + if (null === $request) { + throw new \LogicException('Request should exist so it can be processed for error.'); + } + + return $request; + } +} diff --git a/Http/Authentication/CustomAuthenticationFailureHandler.php b/Http/Authentication/CustomAuthenticationFailureHandler.php new file mode 100644 index 0000000..36d4a78 --- /dev/null +++ b/Http/Authentication/CustomAuthenticationFailureHandler.php @@ -0,0 +1,45 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Authentication; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\Security\Core\Exception\AuthenticationException; + +/** + * @author Fabien Potencier <fabien@symfony.com> + */ +class CustomAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface +{ + private $handler; + + /** + * Constructor. + * + * @param AuthenticationFailureHandlerInterface $handler An AuthenticationFailureHandlerInterface instance + * @param array $options Options for processing a successful authentication attempt + */ + public function __construct(AuthenticationFailureHandlerInterface $handler, array $options) + { + $this->handler = $handler; + if (method_exists($handler, 'setOptions')) { + $this->handler->setOptions($options); + } + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationFailure(Request $request, AuthenticationException $exception) + { + return $this->handler->onAuthenticationFailure($request, $exception); + } +} diff --git a/Http/Authentication/CustomAuthenticationSuccessHandler.php b/Http/Authentication/CustomAuthenticationSuccessHandler.php new file mode 100644 index 0000000..2d1b26e --- /dev/null +++ b/Http/Authentication/CustomAuthenticationSuccessHandler.php @@ -0,0 +1,49 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Authentication; + +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\HttpFoundation\Request; + +/** + * @author Fabien Potencier <fabien@symfony.com> + */ +class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface +{ + private $handler; + + /** + * Constructor. + * + * @param AuthenticationSuccessHandlerInterface $handler An AuthenticationSuccessHandlerInterface instance + * @param array $options Options for processing a successful authentication attempt + * @param string $providerKey The provider key + */ + public function __construct(AuthenticationSuccessHandlerInterface $handler, array $options, $providerKey) + { + $this->handler = $handler; + if (method_exists($handler, 'setOptions')) { + $this->handler->setOptions($options); + } + if (method_exists($handler, 'setProviderKey')) { + $this->handler->setProviderKey($providerKey); + } + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationSuccess(Request $request, TokenInterface $token) + { + return $this->handler->onAuthenticationSuccess($request, $token); + } +} diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php index b3c5c4d..8864dae 100644 --- a/Http/Authentication/DefaultAuthenticationFailureHandler.php +++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php @@ -15,7 +15,7 @@ use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\HttpKernelInterface; use Psr\Log\LoggerInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\SecurityContextInterface; +use Symfony\Component\Security\Core\Security; use Symfony\Component\Security\Http\HttpUtils; /** @@ -34,6 +34,12 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle protected $httpUtils; protected $logger; protected $options; + protected $defaultOptions = array( + 'failure_path' => null, + 'failure_forward' => false, + 'login_path' => '/login', + 'failure_path_parameter' => '_failure_path', + ); /** * Constructor. @@ -43,18 +49,32 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle * @param array $options Options for processing a failed authentication attempt. * @param LoggerInterface $logger Optional logger */ - public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options, LoggerInterface $logger = null) + public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options = array(), LoggerInterface $logger = null) { $this->httpKernel = $httpKernel; $this->httpUtils = $httpUtils; $this->logger = $logger; + $this->setOptions($options); + } - $this->options = array_merge(array( - 'failure_path' => null, - 'failure_forward' => false, - 'login_path' => '/login', - 'failure_path_parameter' => '_failure_path', - ), $options); + /** + * Gets the options. + * + * @return array An array of options + */ + public function getOptions() + { + return $this->options; + } + + /** + * Sets the options. + * + * @param array $options An array of options + */ + public function setOptions(array $options) + { + $this->options = array_merge($this->defaultOptions, $options); } /** @@ -76,7 +96,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle } $subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']); - $subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception); + $subRequest->attributes->set(Security::AUTHENTICATION_ERROR, $exception); return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST); } @@ -85,7 +105,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle $this->logger->debug(sprintf('Redirecting to %s', $this->options['failure_path'])); } - $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception); + $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception); return $this->httpUtils->createRedirectResponse($request, $this->options['failure_path']); } diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php index 591a28d..5fa7071 100644 --- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php +++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php @@ -27,6 +27,13 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle protected $httpUtils; protected $options; protected $providerKey; + protected $defaultOptions = array( + 'always_use_default_target_path' => false, + 'default_target_path' => '/', + 'login_path' => '/login', + 'target_path_parameter' => '_target_path', + 'use_referer' => false, + ); /** * Constructor. @@ -34,17 +41,10 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle * @param HttpUtils $httpUtils * @param array $options Options for processing a successful authentication attempt. */ - public function __construct(HttpUtils $httpUtils, array $options) + public function __construct(HttpUtils $httpUtils, array $options = array()) { $this->httpUtils = $httpUtils; - - $this->options = array_merge(array( - 'always_use_default_target_path' => false, - 'default_target_path' => '/', - 'login_path' => '/login', - 'target_path_parameter' => '_target_path', - 'use_referer' => false, - ), $options); + $this->setOptions($options); } /** @@ -56,6 +56,26 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle } /** + * Gets the options. + * + * @return array An array of options + */ + public function getOptions() + { + return $this->options; + } + + /** + * Sets the options. + * + * @param array $options An array of options + */ + public function setOptions(array $options) + { + $this->options = array_merge($this->defaultOptions, $options); + } + + /** * Get the provider key. * * @return string diff --git a/Http/Authentication/SimpleAuthenticationHandler.php b/Http/Authentication/SimpleAuthenticationHandler.php new file mode 100644 index 0000000..09a55ef --- /dev/null +++ b/Http/Authentication/SimpleAuthenticationHandler.php @@ -0,0 +1,106 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Authentication; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Psr\Log\LoggerInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface; + +/** + * Class to proxy authentication success/failure handlers + * + * Events are sent to the SimpleAuthenticatorInterface if it implements + * the right interface, otherwise (or if it fails to return a Response) + * the default handlers are triggered. + * + * @author Jordi Boggiano <j.boggiano@seld.be> + */ +class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterface, AuthenticationSuccessHandlerInterface +{ + protected $successHandler; + protected $failureHandler; + protected $simpleAuthenticator; + protected $logger; + + /** + * Constructor. + * + * @param SimpleAuthenticatorInterface $authenticator SimpleAuthenticatorInterface instance + * @param AuthenticationSuccessHandlerInterface $successHandler Default success handler + * @param AuthenticationFailureHandlerInterface $failureHandler Default failure handler + * @param LoggerInterface $logger Optional logger + */ + public function __construct(SimpleAuthenticatorInterface $authenticator, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, LoggerInterface $logger = null) + { + $this->simpleAuthenticator = $authenticator; + $this->successHandler = $successHandler; + $this->failureHandler = $failureHandler; + $this->logger = $logger; + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationSuccess(Request $request, TokenInterface $token) + { + if ($this->simpleAuthenticator instanceof AuthenticationSuccessHandlerInterface) { + if ($this->logger) { + $this->logger->debug(sprintf('Using the %s object as authentication success handler', get_class($this->simpleAuthenticator))); + } + + $response = $this->simpleAuthenticator->onAuthenticationSuccess($request, $token); + if ($response instanceof Response) { + return $response; + } + + if (null !== $response) { + throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationSuccess method must return null to use the default success handler, or a Response object', get_class($this->simpleAuthenticator))); + } + } + + if ($this->logger) { + $this->logger->debug('Fallback to the default authentication success handler'); + } + + return $this->successHandler->onAuthenticationSuccess($request, $token); + } + + /** + * {@inheritdoc} + */ + public function onAuthenticationFailure(Request $request, AuthenticationException $exception) + { + if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) { + if ($this->logger) { + $this->logger->debug(sprintf('Using the %s object as authentication failure handler', get_class($this->simpleAuthenticator))); + } + + $response = $this->simpleAuthenticator->onAuthenticationFailure($request, $exception); + if ($response instanceof Response) { + return $response; + } + + if (null !== $response) { + throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationFailure method must return null to use the default failure handler, or a Response object', get_class($this->simpleAuthenticator))); + } + } + + if ($this->logger) { + $this->logger->debug('Fallback to the default authentication failure handler'); + } + + return $this->failureHandler->onAuthenticationFailure($request, $exception); + } +} |