/** * @param string $propertyPath * @return string */ public function render($propertyPath = 'party.name') { $tokens = $this->securityContext->getAuthenticationTokens(); foreach ($tokens as $token) { if ($token->isAuthenticated()) { return (string) \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($token->getAccount(), $propertyPath); } } return ''; }
/** * Renders <f:then> child if any account is currently authenticated, otherwise renders <f:else> child. * * @return string the rendered string * @api */ public function render() { $activeTokens = $this->securityContext->getAuthenticationTokens(); /** @var $token TokenInterface */ foreach ($activeTokens as $token) { if ($token->isAuthenticated()) { return $this->renderThenChild(); } } return $this->renderElseChild(); }
/** * Renders <f:then> child if any account is currently authenticated, otherwise renders <f:else> child. * * @param string $authenticationProviderName * @return string the rendered string * @api */ public function render($authenticationProviderName = 'Sandstorm.UserManagement:Login') { $activeTokens = $this->securityContext->getAuthenticationTokens(); /** @var $token TokenInterface */ foreach ($activeTokens as $token) { if ($token->getAuthenticationProviderName() === $authenticationProviderName && $token->isAuthenticated()) { return $this->renderThenChild(); } } return $this->renderElseChild(); }
/** * @param AuthenticationRequiredException $exception */ protected function onAuthenticationFailure(AuthenticationRequiredException $exception = NULL) { /** @var $token TokenInterface */ foreach ($this->securityContext->getAuthenticationTokens() as $token) { if ($token instanceof AbstractClientToken && $token->getAuthenticationStatus() === TokenInterface::WRONG_CREDENTIALS) { $this->addFlashMessage('An error occurred during your log in. Please make sure you\'re granting all required permissions because this is need for the Instagram Client to run.', 'Wrong input', Message::SEVERITY_ERROR, array(), 1383817435); $this->forward('login'); break; } } $this->addFlashMessage('The e-mail address or the password have not been entered correctly.', 'Wrong input', Message::SEVERITY_ERROR, array(), 1371119714); $this->forward('index'); }
/** * Logout all active authentication tokens * * @return void */ public function logout() { if ($this->isAuthenticated() !== TRUE) { return; } $this->isAuthenticated = NULL; /** @var $token TokenInterface */ foreach ($this->securityContext->getAuthenticationTokens() as $token) { $token->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN); } $this->emitLoggedOut(); if ($this->session->isStarted()) { $this->session->destroy('Logout through AuthenticationProviderManager'); } }
/** * Advices the dispatch method so that illegal action requests are blocked before * invoking any controller. * * The "request" referred to within this method is an ActionRequest or some other * dispatchable request implementing RequestInterface. Note that we don't deal * with HTTP requests here. * * @Flow\Around("setting(TYPO3.Flow.security.enable) && method(TYPO3\Flow\Mvc\Dispatcher->dispatch())") * @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint * @return mixed Result of the advice chain * @throws \Exception|\TYPO3\Flow\Security\Exception\AccessDeniedException * @throws \Exception|\TYPO3\Flow\Security\Exception\AuthenticationRequiredException */ public function blockIllegalRequestsAndForwardToAuthenticationEntryPoints(JoinPointInterface $joinPoint) { $request = $joinPoint->getMethodArgument('request'); if (!$request instanceof ActionRequest || $this->securityContext->areAuthorizationChecksDisabled()) { return $joinPoint->getAdviceChain()->proceed($joinPoint); } try { $this->firewall->blockIllegalRequests($request); return $joinPoint->getAdviceChain()->proceed($joinPoint); } catch (AuthenticationRequiredException $exception) { $response = $joinPoint->getMethodArgument('response'); $entryPointFound = FALSE; /** @var $token \TYPO3\Flow\Security\Authentication\TokenInterface */ foreach ($this->securityContext->getAuthenticationTokens() as $token) { $entryPoint = $token->getAuthenticationEntryPoint(); if ($entryPoint !== NULL) { $entryPointFound = TRUE; if ($entryPoint instanceof WebRedirect) { $this->securityLogger->log('Redirecting to authentication entry point', LOG_INFO, $entryPoint->getOptions()); } else { $this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO); } $this->securityContext->setInterceptedRequest($request->getMainRequest()); $entryPoint->startAuthentication($request->getHttpRequest(), $response); } } if ($entryPointFound === FALSE) { $this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE); throw $exception; } } catch (AccessDeniedException $exception) { $this->securityLogger->log('Access denied', LOG_WARNING); throw $exception; } return NULL; }
/** * @param Token $token * @return void */ public function onetimeLoginAction(Token $token) { $username = $token->getMeta()['name']; /** @var $account \TYPO3\Flow\Security\Account */ $account = NULL; $providerName = $this->authenticationProviderName; $accountRepository = $this->accountRepository; $this->securityContext->withoutAuthorizationChecks(function () use($username, $providerName, $accountRepository, &$account) { $account = $accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($username, $providerName); }); foreach ($this->securityContext->getAuthenticationTokens() as $authenticationToken) { if ($authenticationToken->getAuthenticationProviderName() === $providerName) { $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); $authenticationToken->setAccount($account); break; } } $this->redirect('resetForm'); }
public function socialAuthenticateAction($name, $socialNetwork, $return_url = NULL) { $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($name, $this->providerName); if ($account instanceof \TYPO3\Flow\Security\Account) { if ($account->getParty()->getSocialNetwork() == $socialNetwork) { $tokens = $this->securityContext->getAuthenticationTokens(); foreach ($tokens as $token) { $token->setAccount($account); $token->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL); } $this->flashMessageContainer->addMessage(new Message($this->translator->translateById('login.login.success', array(), NULL, NULL, 'Main', 'Incvisio.LostFound'))); if ($return_url != '') { $this->redirectToUri($return_url); } else { $this->redirect('index', 'Standard'); } } else { $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.login.usernameExist', array(), NULL, NULL, 'Main', 'Incvisio.LostFound'))); $this->redirect('index', 'Standard'); } } }