/**
  * Checks if the passed value is valid.
  *
  * @param UserInterface $value      The value that should be validated
  * @param Constraint    $constraint The constraint for the validation
  *
  * @throws UnexpectedTypeException if $value is not instance of \Symfony\Component\Security\Core\User\UserInterface
  */
 public function validate($value, Constraint $constraint)
 {
     if (!$value instanceof UserInterface) {
         throw new UnexpectedTypeException($value, 'Symfony\\Component\\Security\\Core\\User\\UserInterface');
     }
     $user = $this->ldapManager->findUserByUsername($value->getUsername());
     if ($user) {
         $this->context->addViolation($constraint->message, array('%property%' => $constraint->property));
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     $presentedPassword = $token->getCredentials();
     if ($currentUser instanceof UserInterface) {
         if ('' === $presentedPassword) {
             throw new BadCredentialsException('The password in the token is empty. You may forgive turn off `erase_credentials` in your `security.yml`');
         }
         if (!$this->ldapManager->bind($currentUser, $presentedPassword)) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if ('' === $presentedPassword) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->ldapManager->bind($user, $presentedPassword)) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
 }
 public function testCheckAuthenticationUnknownUserPasswordIs0()
 {
     $method = $this->setMethodAccessible('checkAuthentication');
     $username = '******';
     $password = '******';
     $user = new TestUser();
     $user->setUsername($username);
     $token = new UsernamePasswordToken($username, $password, 'provider_key', array());
     $this->ldapManager->expects($this->once())->method('bind')->with($this->equalTo($user), $this->equalTo($password))->will($this->returnValue(true));
     $method->invoke($this->ldapAuthenticationProvider, $user, $token);
     $this->assertTrue(true);
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof LdapUserInterface) {
         if (!$this->ldapManager->bind($currentUser, $currentUser->getPassword())) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!$user->getDn()) {
             $userLdap = $this->ldapManager->findUserByUsername($user->getUsername());
             if (!$userLdap) {
                 throw new BadCredentialsException(sprintf('User "%s" not found', $user->getUsername()));
             }
             $user->setDn($userLdap->getDn());
         }
         if (!($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->ldapManager->bind($user, $presentedPassword)) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
 }
 public function testNoViolationsOnUniqueUserProperty()
 {
     $this->ldapManagerMock->expects($this->once())->method('findUserByUsername')->will($this->returnValue(null))->with($this->equalTo($this->user->getUsername()));
     $this->validatorContext->expects($this->never())->method('addViolation');
     $this->validator->validate($this->user, $this->constraint);
 }
 public function testTrueOnUniqueUserProperty()
 {
     $this->ldapManagerMock->expects($this->once())->method('findUserByUsername')->will($this->returnValue(null))->with($this->equalTo($this->user->getUsername()));
     $this->assertTrue($this->validator->isValid($this->user, $this->constraint));
 }