protected function eventListener() { $app = $this->app; $app->on(OAuthEvents::USER, function ($event) use($app) { $this->usrToken = $event->getToken(); $this->email = $this->usrToken->getEmail(); $this->name = $this->usrToken->getUsername(); $this->usrId = $this->usrToken->getUid(); try { // // Login user $user = $this->usrManager->loadUserByUsername($this->email ?: $this->name); $this->user = $this->usrManager->refreshUser($user); $this->usrToken->setUser($this->user); $this->user->setConfirmationToken(null); $this->user->setEnabled(true); $this->usrManager->loginAsUser($this->user); $this->logger(" Try to login user from " . $this->usrToken->getService()); } catch (UsernameNotFoundException $e) { // // Register new user $this->generatePassword(); $this->user = $this->usrManager->createUser($this->email, $this->password, $this->name); $this->usrToken->setUser($this->user); $this->user->setConfirmationToken(null); $this->user->setEnabled(true); $this->user->setUsername($this->usrId); $this->usrManager->insert($this->user); $this->usrManager->loginAsUser($this->user); $app['session']->getFlashBag()->set('alert', 'Account created.'); $this->logger(" Try to register user from " . $this->usrToken->getService()); } if ($this->app['user']) { $this->setSuccessHandler($this->usrToken->getService()); } // TODO send an email with information about the user $app->after(function () use($app) { $this->usrManager->loginAsUser($this->user); if ($this->usrManager->isLoggedIn()) { $newUrl = $app['url_generator']->generate('user.view', array('id' => $this->user->getId())); return new RedirectResponse($newUrl); } }); }); return $app; }
/** * {@inheritDoc} */ public function authenticate(TokenInterface $token) { if (!$this->supports($token)) { return null; } $user = $token->getUser(); if (!$user instanceof UserInterface && null !== $this->dispatcher) { $event = new GetUserForTokenEvent($token); $event->setUserProvider($this->userProvider); $this->dispatcher->dispatch(OAuthEvents::USER, $event); $user = $event->getToken()->getUser(); } if (!$user instanceof UserInterface) { throw new BadCredentialsException('No user found for given credentials.'); } $this->userChecker->checkPostAuth($user); $authenticatedToken = new OAuthToken($this->providerKey, $user->getRoles()); $authenticatedToken->setAccessToken($token->getAccessToken()); $authenticatedToken->setService($token->getService()); $authenticatedToken->setUid($token->getUid()); $authenticatedToken->setAuthenticated(true); $authenticatedToken->setUser($user); return $authenticatedToken; }
/** * {@inheritDoc} */ protected function attemptAuthentication(Request $request) { $service = $request->attributes->get('service'); $oauthService = $this->registry->getService($service); // redirect to auth provider if initiating if ($this->httpUtils->checkRequestPath($request, $this->options['login_route'])) { if ($this->options['post_only'] && !$request->isMethod('post')) { if (null !== $this->logger) { $this->logger->debug(sprintf('Authentication method not supported: %s.', $request->getMethod())); } return null; } // CSRF checking only upon login if (null !== $this->csrfTokenManager) { $csrfToken = $request->get($this->options['csrf_parameter'], null, true); if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['intention'], $csrfToken))) { throw new InvalidCsrfTokenException('Invalid CSRF token.'); } } $authorizationParameters = array(); if ($oauthService instanceof OAuth1ServiceInterface) { $token = $oauthService->requestRequestToken(); $authorizationParameters = array('oauth_token' => $token->getRequestToken()); } $authorizationUri = $oauthService->getAuthorizationUri($authorizationParameters); return $this->httpUtils->createRedirectResponse($request, $authorizationUri->getAbsoluteUri()); } // request access token upon callback if ($this->httpUtils->checkRequestPath($request, $this->options['callback_route'])) { if ($request->query->has('error')) { throw new AuthenticationException($request->query->get('error_description', $request->query->get('error'))); } if ($oauthService instanceof OAuth1ServiceInterface) { try { $serviceName = OAuthServiceRegistry::getServiceName($oauthService); $token = $oauthService->getStorage()->retrieveAccessToken($serviceName); } catch (StorageException $exception) { throw new AuthenticationException('Could not retrieve access token.', null, $exception); } if (!$request->query->has('oauth_token') || !$request->query->has('oauth_verifier')) { throw new AuthenticationException('Token parameters missing.'); } $oauthService->requestAccessToken($request->query->get('oauth_token'), $request->query->get('oauth_verifier'), $token->getRequestTokenSecret()); } else { if (!$request->query->has('code')) { throw new AuthenticationException('Token parameters missing.'); } $oauthService->requestAccessToken($request->query->get('code')); } // the access token is now stored in the session, redirect back to check_path return $this->httpUtils->createRedirectResponse($request, $this->options['check_route']); } $authToken = new OAuthToken($this->providerKey); $authToken->setService($this->registry->mapServiceName($service)); if (null !== $this->dispatcher) { $this->dispatcher->dispatch(OAuthEvents::TOKEN, new FilterTokenEvent($authToken)); } return $this->authenticationManager->authenticate($authToken); }