/**
* Updates the authentication credentials, the authentication manager needs to authenticate this token.
* This could be a username/password from a login controller.
* This method is called while initializing the security context. By returning TRUE you
* make sure that the authentication manager will (re-)authenticate the tokens with the current credentials.
* Note: You should not persist the credentials!
*
* @param \TYPO3\Flow\Mvc\ActionRequest $actionRequest The current request instance
* @return void
*/
public function updateCredentials(\TYPO3\Flow\Mvc\ActionRequest $actionRequest)
{
$this->opauth->setActionRequest($actionRequest);
$response = $this->opauth->getResponse();
if ($response !== NULL) {
$this->strategy = $response->getStrategy();
$this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED);
}
return;
}
/**
* Overridden authenticateAction method to check for an existing account with the Opauth data.
*
* @return string
*/
public function authenticateAction()
{
$opauthResponse = $this->opauth->getResponse();
if ($this->authenticateActionAlreadyCalled == FALSE && $opauthResponse !== NULL) {
$this->authenticateActionAlreadyCalled = TRUE;
if ($opauthResponse->isAuthenticationSucceeded()) {
$opauthAccount = $this->opauthAccountService->getAccount($opauthResponse);
$doesAccountExists = $this->opauthAccountService->doesAccountExist($opauthAccount);
if ($doesAccountExists === FALSE) {
return $this->onOpauthAccountDoesNotExist($opauthResponse->getRawData(), $opauthAccount);
}
} else {
return $this->onOpauthAuthenticationFailure($opauthResponse->getRawData());
}
}
return parent::authenticateAction();
}
/**
* Tries to authenticate the given token. Sets isAuthenticated to TRUE if authentication succeeded.
*
* @param \TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken The token to be authenticated
* @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException
* @return void
*/
public function authenticate(\TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken)
{
if (!$authenticationToken instanceof OpauthToken) {
throw new \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1381598908);
}
$response = $this->opauth->getResponse();
if ($response !== NULL && $response->isAuthenticationSucceeded()) {
$accountIdentifier = $this->accountService->createAccountIdentifier($response);
$authenticationProviderName = $this->name;
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($accountIdentifier, $authenticationProviderName);
if ($account !== NULL) {
$authenticationToken->setAccount($account);
$authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
}
} else {
$authenticationToken->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::NO_CREDENTIALS_GIVEN);
}
}
