Subclasses likely have to implement the following: - an TokenInterface to hold authentication related data - an AuthenticationProvider to perform the actual authentication of the token, retrieve the UserInterface implementation from a database, and perform the specific account checks using the UserChecker By default, this listener only is active for a specific path, e.g. login_check. If you want to change this behavior, you can overwrite the requiresAuthentication() method.
Author: Fabien Potencier (fabien@symfony.com)
Author: Johannes M. Schmitt (schmittjoh@gmail.com)
Inheritance: implements Symfony\Component\Security\Http\Firewall\ListenerInterface
 /**
  * {@inheritdoc}
  */
 protected function requiresAuthentication(Request $request)
 {
     if (false == parent::requiresAuthentication($request)) {
         return false;
     }
     return $this->getRelyingParty()->supports($request);
 }
 /**
  * {@inheritdoc}
  */
 protected function requiresAuthentication(Request $request)
 {
     if ($this->options['post_only'] && !$request->isMethod('POST')) {
         return false;
     }
     return parent::requiresAuthentication($request);
 }
 protected function attemptAuthentication(Request $request)
 {
     $config = array_merge(array('callback_url' => $this->options['check_path'], 'callback_transport' => 'post'), $this->options['opauth']);
     if (parent::requiresAuthentication($request)) {
         if (!isset($_POST['opauth'])) {
             throw new AuthenticationException('opauth post parameter is missing');
         }
         // check_path
         $opauth = new Opauth($config, false);
         $response = unserialize(base64_decode($_POST['opauth']));
         $failureReason = null;
         /**
          * Check if it's an error callback
          */
         if (array_key_exists('error', $response)) {
             throw new AuthenticationException($response['error']);
         } else {
             if (empty($response['auth']) || empty($response['timestamp']) || empty($response['signature']) || empty($response['auth']['provider']) || empty($response['auth']['uid'])) {
                 throw new AuthenticationException('Missing key auth response components');
             } elseif (!$opauth->validate(sha1(print_r($response['auth'], true)), $response['timestamp'], $response['signature'], $failureReason)) {
                 throw new AuthenticationException($failureReason);
             } else {
                 $token = new OpauthToken(new OpauthResult($response['auth']));
                 return $this->authenticationManager->authenticate($token);
             }
         }
     } else {
         // this should redirect or print, it's an opauth thing...
         new Opauth($config);
         // we need to exit now unfortunately...
         exit;
     }
 }
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null)
 {
     if (null !== $csrfTokenManager && !$csrfTokenManager instanceof CsrfTokenManagerInterface) {
         throw new InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.');
     }
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, $options, $logger, $dispatcher);
 }
 public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null)
 {
     if ($csrfTokenManager instanceof CsrfProviderInterface) {
         $csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager);
     } elseif (null !== $csrfTokenManager && !$csrfTokenManager instanceof CsrfTokenManagerInterface) {
         throw new InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.');
     }
     parent::__construct($tokenStorage, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, array_merge(array('username_parameter' => '_username', 'password_parameter' => '_password', 'csrf_parameter' => '_csrf_token', 'intention' => 'authenticate', 'post_only' => true), $options), $logger, $dispatcher);
     $this->csrfTokenManager = $csrfTokenManager;
 }
    /**
     * {@inheritdoc}
     */
    public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null, CsrfProviderInterface $csrfProvider = null)
    {
        parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $providerKey, array_merge(array(
            'username_parameter' => '_username',
            'password_parameter' => '_password',
            'csrf_parameter'     => '_csrf_token',
            'csrf_page_id'       => 'form_login',
            'post_only'          => true,
        ), $options), $successHandler, $failureHandler, $logger, $eventDispatcher);

        $this->csrfProvider = $csrfProvider;
    }
 /**
  * Constructor.
  *
  * @param SecurityContextInterface               $securityContext
  * @param AuthenticationManagerInterface         $authenticationManager
  * @param SessionAuthenticationStrategyInterface $sessionStrategy
  * @param HttpUtils                              $httpUtils
  * @param string                                 $providerKey
  * @param OAuthServiceRegistry                   $registry
  * @param AuthenticationSuccessHandlerInterface  $successHandler
  * @param AuthenticationFailureHandlerInterface  $failureHandler
  * @param array                                  $options
  * @param LoggerInterface                        $logger
  * @param EventDispatcherInterface               $dispatcher
  * @param mixed                                  $csrfTokenManager
  */
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, OAuthServiceRegistry $registry, AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null)
 {
     if ($csrfTokenManager instanceof CsrfProviderInterface) {
         $csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager);
     } elseif (null !== $csrfTokenManager && !$csrfTokenManager instanceof CsrfTokenManagerInterface) {
         throw new InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.');
     }
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, array_merge(array('login_route' => '_auth_service', 'check_route' => '_auth_service_check', 'csrf_parameter' => '_csrf_token', 'intention' => 'oauth', 'post_only' => false), $options), $logger, $dispatcher);
     $this->registry = $registry;
     $this->csrfTokenManager = $csrfTokenManager;
     $this->dispatcher = $dispatcher;
 }
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, CsrfProviderInterface $csrfProvider = null)
 {
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, $options, $logger, $dispatcher);
     $this->csrfProvider = $csrfProvider;
 }
 /**
  * @param \Symfony\Component\Security\Core\SecurityContextInterface $securityContext
  * @param \Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface $authenticationManager
  * @param \SessionAuthenticationStrategyInterface $sessionStrategy
  * @param \Symfony\Component\Security\Http\HttpUtils $httpUtils
  * @param string $providerKey
  * @param \Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface $successHandler
  * @param \Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface $failureHandler
  * @param array $options
  * @param \Psr\Log\LoggerInterface $logger
  * @param \Symfony\Component\EventDispatcher\EventDispatcherInterface $dispatcher
  * @throws \InvalidArgumentException
  */
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
 {
     // this needs to be disabled because Facebook authentication can be started almost anywhere, anytime
     $options['require_previous_session'] = false;
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, $options, $logger, $dispatcher);
 }
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $logger, $options = array(), $httpKernel)
 {
     $options = array();
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, "user", new DefaultAuthenticationSuccessHandler($httpUtils, $options), new DefaultAuthenticationFailureHandler($httpKernel, $httpUtils, $options), array_merge(array('username_parameter' => '_username', 'password_parameter' => '_password', 'intention' => 'authenticate', 'post_only' => true), $options));
     $this->authenticationManager = $authenticationManager;
 }
 protected function requiresAuthentication(Request $request)
 {
     return parent::requiresAuthentication($request);
 }
 /**
  * {@inheritdoc}
  */
 public function __construct(SecurityContext $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null)
 {
     parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $providerKey, array_merge(array('username_parameter' => '_username', 'password_parameter' => '_password', 'post_only' => true), $options), $successHandler, $failureHandler, $logger);
 }