/**
  * @param TokenInterface $token
  * @return WsseToken|TokenInterface
  */
 public function authenticate(TokenInterface $token)
 {
     // Look up the account named by the token. Nothing else carried by the
     // token is trusted until validateDigest() has accepted it.
     $user = $this->userProvider->loadUserByUsername($token->getUsername());

     $digestAccepted = false;
     if ($user) {
         // NOTE(review): freshness of 'created' and single use of 'nonce' are
         // presumably enforced inside validateDigest(), which is not visible
         // here; confirm, because replay protection depends on it.
         $digestAccepted = $this->validateDigest(
             $token->getAttribute('digest'),
             $token->getAttribute('nonce'),
             $token->getAttribute('created'),
             $this->getSecret($user),
             $this->getSalt($user),
             $user
         );
     }

     if (!$digestAccepted) {
         // Unknown user and bad digest share one client-facing message, so the
         // reply does not reveal which of the two checks failed.
         // NOTE(review): the username written to the log is taken from the
         // token and is presumably client-supplied; confirm the log handler
         // neutralises control characters.
         $this->logger->error(sprintf('Attempt of unauthorized access for user: %s', $token->getUsername()));
         throw new AuthenticationException(' Incorrect email or password.');
     }

     // Build a new token carrying the user's roles and mark it authenticated;
     // the caller-supplied token is never promoted.
     $authenticatedToken = new WsseToken($user->getRoles());
     $authenticatedToken->setUser($user);
     $authenticatedToken->setAuthenticated(true);

     return $authenticatedToken;
 }
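 /**
  * Authenticates a request that carries an X-WSSE header.
  *
  * A request without the header, or with a header that does not match the
  * UsernameToken layout, is left untouched and the method returns early.
  * Otherwise an unauthenticated WsseToken is built from the header fields and
  * handed to the authentication manager. A returned token is stored in the
  * security context, a returned Response is set on the event, and an
  * AuthenticationException becomes an HTTP 401 response.
  *
  * @param GetResponseEvent $event
  */
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     // Four capture groups are required: $matches[1]..$matches[4] are read
     // below as username, digest, nonce and created. Without the username
     // group the pattern is unbalanced, preg_match() cannot return 1, and every
     // WSSE request is skipped without being authenticated.
     $wsseRegex = '/UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';
     if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) {
         return;
     }

     // Everything taken from the header is attacker-controlled until the
     // authentication manager has verified the digest.
     $user = $matches[1];
     $token = new WsseToken();
     $token->setUser($user);
     $token->setAttribute('digest', $matches[2]);
     $token->setAttribute('nonce', $matches[3]);
     $token->setAttribute('created', $matches[4]);

     try {
         $returnValue = $this->authenticationManager->authenticate($token);

         if ($returnValue instanceof TokenInterface) {
             if (!$returnValue->getUser()->isActive()) {
                 // The username comes straight from the request header and is
                 // placed inside HTML markup, so it is escaped for the
                 // attribute context before interpolation.
                 $safeUser = htmlspecialchars($user, ENT_QUOTES, 'UTF-8');
                 throw new AuthenticationException("Your account is not activated yet, please check your email and confirm registration.\n" . "If you didn't receive your verification email, please <a href=\"#reconfirm/{$safeUser}\">click here.</a>");
             }

             return $this->securityContext->setToken($returnValue);
         }

         if ($returnValue instanceof Response) {
             $event->setResponse($returnValue);
             return;
         }
     } catch (AuthenticationException $failed) {
         // NOTE(review): the exception message is logged together with the
         // header-supplied username and is also returned verbatim to the
         // client; confirm that every AuthenticationException reaching this
         // point carries a message that is safe to disclose.
         $this->logger->error(sprintf("Authentication failed for user %s. Reason: %s", $token->getUser(), $failed->getMessage()));
         $response = new Response($this->serializer->serialize(['message' => $failed->getMessage()], $request->getRequestFormat()), Codes::HTTP_UNAUTHORIZED);
         $event->setResponse($response);
     }
 }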
 /**
  * @test
  */
 public function getCredentials()
 {
     // A freshly constructed WSSE token is expected to report an empty
     // credentials value.
     $freshToken = new WsseToken();
     $credentials = $freshToken->getCredentials();

     $this->assertEquals('', $credentials);
 }
 /**
  * @test
  */
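 public function handleReturnResponse()
 {
     // Token the listener is expected to build from the X-WSSE header below.
     $token = new WsseToken();
     $token->setUser('admin');
     $token->setAttribute('digest', 'admin');
     $token->setAttribute('nonce', 'admin');
     $token->setAttribute('created', '2010-12-12 20:00:00');

     // When the manager answers with a Response instead of a token, the
     // listener must pass that Response on to the event.
     $this->authenticationManager->expects($this->once())->method('authenticate')->with($token)->will($this->returnValue($this->response));
     $this->responseEvent->expects($this->once())->method('setResponse')->with($this->response);

     // The header username must equal the user set on the expected token;
     // otherwise the with($token) expectation above cannot match.
     $this->request->headers->add(array('X-WSSE' => 'UsernameToken Username="admin", PasswordDigest="admin", Nonce="admin", Created="2010-12-12 20:00:00"'));

     $this->wsseListener->handle($this->responseEvent);
 }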