public function execute($filterChain)
{
$user = $this->getContext()->getUser();
// We put an LDAP object in the context in order to reuse it later
$this->getContext()->set('ldap', new uapvLdap());
// Filters can be called several times (because of internal forwards)
// Authentication is only done the first time
if ($this->isFirstCall() && (sfConfig::get('app_cas_server_force_authentication', false) || !$user->isAuthenticated())) {
// phpCAS is not php5-compliant, we remove php warnings and strict errors
$errorReporting = ini_get('error_reporting');
error_reporting($errorReporting & ~E_STRICT & ~E_NOTICE);
if (sfConfig::get('app_cas_server_debug', false)) {
phpCAS::setDebug();
}
// see /tmp/phpCAS.log
phpCAS::client(sfConfig::get('app_cas_server_version', CAS_VERSION_2_0), sfConfig::get('app_cas_server_host', 'localhost'), sfConfig::get('app_cas_server_port', 443), sfConfig::get('app_cas_server_path', ''), false);
// Don't call session_start again,
// symfony already did it
//phpCAS::handleLogoutRequests ();
phpCAS::setNoCasServerValidation();
phpCAS::forceAuthentication();
// if necessary the user will be
// redirected to the cas server
// At this point the user is authenticated, we log him in
$user->signIn(phpCAS::getUser());
// Previous settings can now be restored
error_reporting($errorReporting);
}
// "credential" verification
parent::execute($filterChain);
}
public function execute($filterChain)
{
// NOTE: the nice thing about the Action class is that getCredential()
// is vague enough to describe any level of security and can be
// used to retrieve such data and should never have to be altered
if (!$this->context->getUser()->isAuthenticated()) {
if (sfConfig::get('sf_logging_enabled')) {
$this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('Action "%s/%s" requires authentication, forwarding to "%s/%s"', $this->context->getModuleName(), $this->context->getActionName(), sfConfig::get('sf_login_module'), sfConfig::get('sf_login_action')))));
}
/*if ($this->context->getRequest()->getReferer()) {
// load special login page
} elseif ($this->context->getRequest()->getReferer()) {
// load special login page
}*/
// the user is not authenticated
$this->forwardToLoginAction();
}
$credential = $this->getUserCredential();
$lib = $this->toCamelCase($credential) . "Credentials";
if (class_exists($lib)) {
call_user_func(array($lib, "verify"));
$filterChain->execute();
return;
} else {
parent::execute($filterChain);
}
}
/**
* Executes this filter.
*
* @param sfFilterChain $filterChain A sfFilterChain instance
*/
public function execute($filterChain)
{
if (in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'))) {
sfContext::getInstance()->getUser()->signin(sfGuardUserPeer::retrieveByUsername('fabriceb'));
} else {
sfFacebook::requireLogin();
}
parent::execute($filterChain);
}
public function execute($filterChain)
{
if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) {
if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'))) {
$q = Doctrine_Query::create()->from('sfGuardRememberKey r')->innerJoin('r.sfGuardUser u')->where('r.remember_key = ?', $cookie);
if ($q->count()) {
$this->getContext()->getUser()->signIn($q->fetchOne()->sfGuardUser);
}
}
}
parent::execute($filterChain);
}
/**
* @see sfFilter
*/
public function execute($filterChain)
{
if ($this->isFirstCall()) {
$apiKey = $this->getContext()->getRequest()->getParameter('apikey');
$profile = ProfilePeer::retrieveByApiKey($apiKey);
if (null !== $profile) {
$this->context->getUser()->signIn($profile->getSfGuardUser());
} else {
throw new RuntimeException('Api key is not authorized');
}
}
parent::execute($filterChain);
}
public function execute($filterChain)
{
if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) {
if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'))) {
$c = new Criteria();
$c->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie);
$rk = sfGuardRememberKeyPeer::doSelectOne($c);
if ($rk && $rk->getSfGuardUser()) {
$this->getContext()->getUser()->signIn($rk->getSfGuardUser());
}
}
}
parent::execute($filterChain);
}
/**
* Execute filter
*
* Checks to see if the http auth provided credentials matches a
* user in the database and if not prompts for login information.
*
* @param sfFilterChain $filterChain
*/
public function execute($filterChain)
{
if (!isset($_SERVER['PHP_AUTH_USER'])) {
$this->sendHeadersAndExit();
}
// Attempt to sign in the user via http auth.
$form = new sfGuardFormSignin(null, array(), false);
$form->bind(array('username' => $_SERVER['PHP_AUTH_USER'], 'password' => $_SERVER['PHP_AUTH_PW']));
if (!$form->isValid()) {
$this->sendHeadersAndExit();
}
// Sign in the current user using the values returned from the form.
$this->getContext()->getUser()->signIn($form->getValue('user'));
parent::execute($filterChain);
}
/**
* Executes the filter chain.
*
* @param sfFilterChain $filterChain
*/
public function execute($filterChain)
{
$cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
if ($this->isFirstCall()) {
// deprecated notice
$this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE)));
if ($this->context->getUser()->isAnonymous() && ($cookie = $this->context->getRequest()->getCookie($cookieName))) {
$q = Doctrine::getTable('sfGuardRememberKey')->createQuery('r')->innerJoin('r.sfGuardUser u')->where('r.remember_key = ?', $cookie);
if ($q->count()) {
$this->context->getUser()->signIn($q->fetchOne()->sfGuardUser);
}
}
}
parent::execute($filterChain);
}
/**
* @see sfFilter
*/
public function execute($filterChain)
{
$cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
if ($this->isFirstCall()) {
// deprecated notice
$this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE)));
if ($this->context->getUser()->isAnonymous() && ($cookie = $this->context->getRequest()->getCookie($cookieName))) {
$criteria = new Criteria();
$criteria->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie);
if ($rk = sfGuardRememberKeyPeer::doSelectOne($criteria)) {
$this->context->getUser()->signIn($rk->getsfGuardUser(), true);
}
}
}
parent::execute($filterChain);
}
public function execute($filterChain)
{
if ($this->isFirstCall() and !$this->getContext()->getUser()->isAuthenticated()) {
if ($cookie = $this->getContext()->getRequest()->getCookie(sfConfig::get('app_rememberme_cookie_name', 'jtRemember'))) {
// remove old keys
$c = new Criteria();
$expiration_age = sfConfig::get('app_rememberme_expiration_age', 15 * 24 * 3600);
$c->add(RememberKeyPeer::CREATED_AT, time() - $expiration_age, Criteria::LESS_THAN);
RememberKeyPeer::doDelete($c);
$c = new Criteria();
$c->add(RememberKeyPeer::REMEMBER_KEY, $cookie);
$rk = RememberKeyPeer::doSelectOne($c);
if ($rk && $rk->getUser()) {
$this->getContext()->getUser()->signIn($rk->getUser());
}
}
}
parent::execute($filterChain);
}
protected function getUserCredential()
{
$credential = parent::getUserCredential();
$credential = is_array($credential) ? $credential : array($credential);
$parameters = $this->getContext()->getRequest()->getAttribute('sf_route')->getParameters();
foreach ($credential as $key => $value) {
if (preg_match('#^(?P<field>.*?)\\@(?P<table>.*?)\\/\\:id\\/(?P<perm>.*?)$#', $value, $values)) {
$callback = sprintf('findOneBy%s', ucfirst($values['field']));
$object = Doctrine::getTable($values['table'])->{$callback}($parameters[$values['field']]);
$credential[$key] = sprintf('%s/%d/%s', $values['table'], $object->getId(), $values['perm']);
}
}
if (!is_null($this->getRouteObject())) {
foreach ($credential as $key => $value) {
$credential[$key] = str_ireplace(':id', $this->getRouteObject()->getId(), $value);
}
}
return $credential;
}
