PHP Cowtent\RestBundle\Security\Authentication\Token WsseUserToken Examples

Programming Language: PHP

Namespace/Package Name: Cowtent\RestBundle\Security\Authentication\Token

Class/Type: WsseUserToken

Examples at hotexamples.com: 2

PHP Cowtent\RestBundle\Security\Authentication\Token WsseUserToken - 2 examples found. These are the top rated real world PHP examples of Cowtent\RestBundle\Security\Authentication\Token\WsseUserToken extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

setUser(2)

Example #1

Show file

File: WsseProvider.php Project: cowtent/cowtent-application

 /**
  * @param TokenInterface $token
  *
  * @return WsseUserToken
  */
 public function authenticate(TokenInterface $token)
 {
     /** @var WsseUserToken $token */
     $user = $this->userProvider->loadUserByUsername($token->getUsername());
     $secret = $user->getApiKey() . '{' . $user->getSalt() . '}';
     if ($this->validateDigest($token->digest, $token->nonce, $token->created, $secret)) {
         $authenticatedToken = new WsseUserToken($user->getRoles());
         $authenticatedToken->setUser($user);
         return $authenticatedToken;
     }
     throw new AuthenticationException('The WSSE authentication failed.');
 }

Example #2

Show file

File: WsseListener.php Project: smalot/cowtent-application

 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';
     if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) {
         throw new AccessDeniedHttpException('Missing WSSE headers.');
         $response = new Response();
         $response->setStatusCode(Response::HTTP_FORBIDDEN);
         $response->setContent('Missing WSSE headers.');
         $event->setResponse($response);
         return;
     }
     $token = new WsseUserToken();
     $token->setUser($matches[1]);
     $token->digest = $matches[2];
     $token->nonce = $matches[3];
     $token->created = $matches[4];
     try {
         $authToken = $this->authenticationManager->authenticate($token);
         $this->tokenStorage->setToken($authToken);
         return;
     } catch (AuthenticationException $failed) {
         throw new AccessDeniedHttpException('WSSE Login failed.');
         // ... you might log something here
         $failedMessage = 'WSSE Login failed for ' . $token->getUsername() . '. Why ? ' . $failed->getMessage();
         $this->logger->err($failedMessage);
         // To deny the authentication clear the token. This will redirect to the login page.
         // Make sure to only clear your token, not those of other authentication listeners.
         // $token = $this->tokenStorage->getToken();
         // if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) {
         //     $this->tokenStorage->setToken(null);
         // }
         // return;
         // Deny authentication with a '403 Forbidden' HTTP response
         $response = new Response();
         $response->setStatusCode(Response::HTTP_FORBIDDEN);
         $response->setContent($failedMessage);
         $event->setResponse($response);
         return;
     }
     // By default deny authorization
     $response = new Response();
     $response->setStatusCode(Response::HTTP_FORBIDDEN);
     $event->setResponse($response);
 }