/**
 * Authenticates a request from its HTTP Basic credentials, optionally scoped
 * to the organization named in the PHP_AUTH_ORGANIZATION header.
 *
 * Does nothing when the request has no PHP_AUTH_USER header, or when the
 * security context already holds an authenticated organization-aware token
 * for the same username.
 *
 * NOTE(review): that short-circuit compares the username only. The
 * PHP_AUTH_PW and PHP_AUTH_ORGANIZATION headers are not read before it
 * returns, so a request naming a different organization for the same user
 * keeps the existing token. Confirm this is intended.
 *
 * @param GetResponseEvent $event A GetResponseEvent instance
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();

    $username = $request->headers->get('PHP_AUTH_USER', false);
    if ($username === false) {
        // No Basic credentials were sent; leave the request to other listeners.
        return;
    }

    // instanceof is false for null, so a missing token falls through to authentication.
    $currentToken = $this->securityContext->getToken();
    if ($currentToken instanceof OrganizationContextTokenInterface
        && $currentToken->isAuthenticated()
        && $currentToken->getUsername() === $username
    ) {
        return;
    }

    $this->logProcess($username);

    try {
        $organizationId = $request->headers->get('PHP_AUTH_ORGANIZATION');
        $password = $request->headers->get('PHP_AUTH_PW');

        if (!$organizationId) {
            $authToken = new UsernamePasswordToken($username, $password, $this->providerKey);
        } else {
            // NOTE(review): the lookup result is passed on unchecked. Confirm what the
            // factory and the provider do when no organization matches the header value.
            $authToken = $this->tokenFactory->create(
                $username,
                $password,
                $this->providerKey,
                $this->manager->getOrganizationById($organizationId)
            );
        }

        $this->securityContext->setToken($this->authenticationManager->authenticate($authToken));
    } catch (AuthenticationException $failed) {
        // Drop a token of this firewall so a failed attempt does not leave one in place.
        // NOTE(review): this tests UsernamePasswordToken while the short-circuit above
        // tests OrganizationContextTokenInterface. Presumably organization tokens extend
        // UsernamePasswordToken; otherwise a stale one would survive here. Confirm.
        $staleToken = $this->securityContext->getToken();
        if ($staleToken instanceof UsernamePasswordToken
            && $staleToken->getProviderKey() === $this->providerKey
        ) {
            $this->securityContext->setToken(null);
        }

        // NOTE(review): $username comes straight from a request header. Confirm that
        // logError neutralises control characters before writing it to the log.
        $this->logError($username, $failed->getMessage());

        // With ignoreFailure set, the request continues without an entry-point response.
        if (!$this->ignoreFailure) {
            $event->setResponse($this->authenticationEntryPoint->start($request, $failed));
        }
    }
}
/**
 * {@inheritdoc}
 *
 * Runs the parent provider's authentication first, then resolves the
 * organization for the user and returns a new token from the token factory
 * that carries that organization. The organization checks are only reached
 * once parent::authenticate() has returned, so their messages are not shown
 * to a caller whose credentials were rejected.
 *
 * Throws AuthenticationException when no token factory is set, and
 * BadCredentialsException when no organization can be resolved or the user's
 * organizations do not contain it.
 */
public function authenticate(TokenInterface $token)
{
    if ($this->tokenFactory === null) {
        throw new AuthenticationException(
            'Token Factory is not set in UsernamePasswordOrganizationAuthenticationProvider.'
        );
    }

    $organizationGuesser = new UserOrganizationGuesser();

    /** @var TokenInterface $token */
    $baseToken = parent::authenticate($token);

    /** @var User $user */
    $user = $baseToken->getUser();

    // The guesser is given the incoming token, not the authenticated one.
    $organization = $organizationGuesser->guess($user, $token);
    if (!$organization) {
        throw new BadCredentialsException("You don't have active organization assigned.");
    }

    // Membership check: the resolved organization must be one of the user's own.
    // NOTE(review): the meaning of the `true` flag is not visible here; presumably
    // it limits the collection to active organizations. Confirm.
    if (!$user->getOrganizations(true)->contains($organization)) {
        throw new BadCredentialsException(
            sprintf("You don't have access to organization '%s'", $organization->getName())
        );
    }

    // Rebuild the token with the same user, credentials, provider key and roles,
    // adding the verified organization.
    return $this->tokenFactory->create(
        $baseToken->getUser(),
        $baseToken->getCredentials(),
        $baseToken->getProviderKey(),
        $organization,
        $baseToken->getRoles()
    );
}