/**
* @param string $propertyPath
* @return string
*/
public function render($propertyPath = 'party.name')
{
$tokens = $this->securityContext->getAuthenticationTokens();
foreach ($tokens as $token) {
if ($token->isAuthenticated()) {
return (string) \TYPO3\Flow\Reflection\ObjectAccess::getPropertyPath($token->getAccount(), $propertyPath);
}
}
return '';
}
/**
* Renders <f:then> child if any account is currently authenticated, otherwise renders <f:else> child.
*
* @return string the rendered string
* @api
*/
public function render()
{
$activeTokens = $this->securityContext->getAuthenticationTokens();
/** @var $token TokenInterface */
foreach ($activeTokens as $token) {
if ($token->isAuthenticated()) {
return $this->renderThenChild();
}
}
return $this->renderElseChild();
}
/**
* Renders <f:then> child if any account is currently authenticated, otherwise renders <f:else> child.
*
* @param string $authenticationProviderName
* @return string the rendered string
* @api
*/
public function render($authenticationProviderName = 'Sandstorm.UserManagement:Login')
{
$activeTokens = $this->securityContext->getAuthenticationTokens();
/** @var $token TokenInterface */
foreach ($activeTokens as $token) {
if ($token->getAuthenticationProviderName() === $authenticationProviderName && $token->isAuthenticated()) {
return $this->renderThenChild();
}
}
return $this->renderElseChild();
}
/**
* @param AuthenticationRequiredException $exception
*/
protected function onAuthenticationFailure(AuthenticationRequiredException $exception = NULL)
{
/** @var $token TokenInterface */
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
if ($token instanceof AbstractClientToken && $token->getAuthenticationStatus() === TokenInterface::WRONG_CREDENTIALS) {
$this->addFlashMessage('An error occurred during your log in. Please make sure you\'re granting all required permissions because this is need for the Instagram Client to run.', 'Wrong input', Message::SEVERITY_ERROR, array(), 1383817435);
$this->forward('login');
break;
}
}
$this->addFlashMessage('The e-mail address or the password have not been entered correctly.', 'Wrong input', Message::SEVERITY_ERROR, array(), 1371119714);
$this->forward('index');
}
/**
* Logout all active authentication tokens
*
* @return void
*/
public function logout()
{
if ($this->isAuthenticated() !== TRUE) {
return;
}
$this->isAuthenticated = NULL;
/** @var $token TokenInterface */
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$token->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN);
}
$this->emitLoggedOut();
if ($this->session->isStarted()) {
$this->session->destroy('Logout through AuthenticationProviderManager');
}
}
/**
* Advices the dispatch method so that illegal action requests are blocked before
* invoking any controller.
*
* The "request" referred to within this method is an ActionRequest or some other
* dispatchable request implementing RequestInterface. Note that we don't deal
* with HTTP requests here.
*
* @Flow\Around("setting(TYPO3.Flow.security.enable) && method(TYPO3\Flow\Mvc\Dispatcher->dispatch())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return mixed Result of the advice chain
* @throws \Exception|\TYPO3\Flow\Security\Exception\AccessDeniedException
* @throws \Exception|\TYPO3\Flow\Security\Exception\AuthenticationRequiredException
*/
public function blockIllegalRequestsAndForwardToAuthenticationEntryPoints(JoinPointInterface $joinPoint)
{
$request = $joinPoint->getMethodArgument('request');
if (!$request instanceof ActionRequest || $this->securityContext->areAuthorizationChecksDisabled()) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
try {
$this->firewall->blockIllegalRequests($request);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (AuthenticationRequiredException $exception) {
$response = $joinPoint->getMethodArgument('response');
$entryPointFound = FALSE;
/** @var $token \TYPO3\Flow\Security\Authentication\TokenInterface */
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$entryPoint = $token->getAuthenticationEntryPoint();
if ($entryPoint !== NULL) {
$entryPointFound = TRUE;
if ($entryPoint instanceof WebRedirect) {
$this->securityLogger->log('Redirecting to authentication entry point', LOG_INFO, $entryPoint->getOptions());
} else {
$this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO);
}
$this->securityContext->setInterceptedRequest($request->getMainRequest());
$entryPoint->startAuthentication($request->getHttpRequest(), $response);
}
}
if ($entryPointFound === FALSE) {
$this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE);
throw $exception;
}
} catch (AccessDeniedException $exception) {
$this->securityLogger->log('Access denied', LOG_WARNING);
throw $exception;
}
return NULL;
}
/**
* @param Token $token
* @return void
*/
public function onetimeLoginAction(Token $token)
{
$username = $token->getMeta()['name'];
/** @var $account \TYPO3\Flow\Security\Account */
$account = NULL;
$providerName = $this->authenticationProviderName;
$accountRepository = $this->accountRepository;
$this->securityContext->withoutAuthorizationChecks(function () use($username, $providerName, $accountRepository, &$account) {
$account = $accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($username, $providerName);
});
foreach ($this->securityContext->getAuthenticationTokens() as $authenticationToken) {
if ($authenticationToken->getAuthenticationProviderName() === $providerName) {
$authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
$authenticationToken->setAccount($account);
break;
}
}
$this->redirect('resetForm');
}
public function socialAuthenticateAction($name, $socialNetwork, $return_url = NULL)
{
$account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($name, $this->providerName);
if ($account instanceof \TYPO3\Flow\Security\Account) {
if ($account->getParty()->getSocialNetwork() == $socialNetwork) {
$tokens = $this->securityContext->getAuthenticationTokens();
foreach ($tokens as $token) {
$token->setAccount($account);
$token->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
}
$this->flashMessageContainer->addMessage(new Message($this->translator->translateById('login.login.success', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
if ($return_url != '') {
$this->redirectToUri($return_url);
} else {
$this->redirect('index', 'Standard');
}
} else {
$this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.login.usernameExist', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
$this->redirect('index', 'Standard');
}
}
}
