/**
* Listen for successful login events
*
* @param \Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event
*/
public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
{
$request = $event->getRequest();
// Check if security token is supported
$token = $event->getAuthenticationToken();
if (!$this->isTokenSupported($token)) {
return;
}
// Forward to two-factor providers
// They decide if they will do two-factor authentication
$context = new AuthenticationContext($request, $token);
$this->authHandler->beginAuthentication($context);
}
/**
* Listen for successful login events.
*
* @param InteractiveLoginEvent $event
*/
public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
{
$request = $event->getRequest();
// Skip two-factor authentication for whitelisted IPs
if (in_array($request->getClientIp(), $this->ipWhitelist)) {
return;
}
// Check if security token is supported
$token = $event->getAuthenticationToken();
if (!$this->isTokenSupported($token)) {
return;
}
// Forward to two-factor providers
// They decide if they will do two-factor authentication
$context = $this->authenticationContextFactory->create($request, $token);
$this->authHandler->beginAuthentication($context);
}
/**
* Call TwoFactorProviderRegistry, set trusted computer cookie if requested.
*
* @param AuthenticationContextInterface $context
*
* @return Response|null
*/
public function requestAuthenticationCode(AuthenticationContextInterface $context)
{
$request = $context->getRequest();
$user = $context->getUser();
$context->setUseTrustedOption($this->useTrustedOption);
// Set trusted flag
$response = $this->authHandler->requestAuthenticationCode($context);
// On response validate if trusted cookie should be set
if ($response instanceof Response) {
// Set trusted cookie
if ($context->isAuthenticated() && $context->useTrustedOption() && $request->get($this->trustedName)) {
$cookie = $this->cookieManager->createTrustedCookie($request, $user);
$response->headers->setCookie($cookie);
}
return $response;
}
return null;
}
/**
* Listen for request events
*
* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
*/
public function onCoreRequest(GetResponseEvent $event)
{
$request = $event->getRequest();
// Exclude path
if ($this->excludePattern !== null && preg_match("#" . $this->excludePattern . "#", $request->getPathInfo())) {
return;
}
// Check if security token is supported
$token = $this->securityContext->getToken();
if (!$this->isTokenSupported($token)) {
return;
}
// Forward to two-factor provider
// Providers can create a response object
$context = new AuthenticationContext($request, $token);
$response = $this->authHandler->requestAuthenticationCode($context);
// Set the response (if there is one)
if ($response instanceof Response) {
$event->setResponse($response);
}
}
