Beispiel #1
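 /**
  * Attempts WSSE authentication for the request carried by the event.
  *
  * Requests without an X-WSSE header, or whose header does not match the
  * UsernameToken layout, are left untouched. Otherwise a WsseUserToken is
  * built from the header fields and passed to the authentication manager;
  * on failure the event receives a bare 403 response.
  *
  * @param GetResponseEvent $event
  *
  * @return void
  */
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();

     // Expected X-WSSE layout: four quoted fields, each captured as one or more non-quote characters.
     // The Username group had been overwritten by a masking artefact ("******"]+)), leaving an
     // unbalanced parenthesis so the pattern could not compile and no request could ever match.
     $wsseRegex = '/UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';
     if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) {
         // No WSSE credentials offered: this method takes no action on the event.
         return;
     }

     // Build an unauthenticated token from the header fields. All four values are
     // client-supplied and carry no trust until authenticate() accepts them.
     $token = new WsseUserToken();
     $token->setUser($matches[1]);
     $token->digest = $matches[2];
     $token->nonce = $matches[3];
     $token->created = $matches[4];

     try {
         $authToken = $this->authenticationManager->authenticate($token);
         // Store the authenticated token in the security context.
         $this->securityContext->setToken($authToken);
     } catch (AuthenticationException $failed) {
         // ... you might log something here
         // Alternative: clear the token with $this->securityContext->setToken(null) and return,
         // which redirects to the login page instead of answering directly.
         // Deny authentication with a '403 Forbidden' HTTP response. Only the status code is set,
         // so the response says nothing about why the credentials were rejected.
         $response = new Response();
         $response->setStatusCode(403);
         $event->setResponse($response);
     }
 }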
Beispiel #2
 /**
  * Authenticates a WSSE token against the user loaded from the user provider.
  *
  * The user is looked up by the token's username, then the token's digest,
  * nonce and creation timestamp are checked against the user's password
  * through validateDigest().
  *
  * NOTE(review): validateDigest() is defined outside this excerpt. Confirm that
  * it rejects stale Created values and reused nonces and compares digests in
  * constant time; none of that is enforced in this method.
  *
  * @param TokenInterface $token Unauthenticated token carrying digest, nonce and created
  *
  * @return WsseUserToken Authenticated token holding the user and the user's roles
  *
  * @throws AuthenticationException When no user is found or the digest is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());

     // Short-circuit: the digest is only checked when a user was actually loaded.
     $digestAccepted = $account && $this->validateDigest(
         $token->digest,
         $token->nonce,
         $token->created,
         $account->getPassword()
     );

     if (!$digestAccepted) {
         // One message for both "unknown user" and "bad digest", so the two cases look alike to the caller.
         throw new AuthenticationException('The WSSE authentication failed.');
     }

     $verifiedToken = new WsseUserToken($account->getRoles());
     $verifiedToken->setUser($account);

     return $verifiedToken;
 }