/**
* Receive SendGrid Events
*
* @return mixed
*/
public function eventAction()
{
/**
* If Basic Auth is configured, authenticate the request
*/
if ($this->auth) {
$this->auth->setRequest($this->getRequest());
$this->auth->setResponse($this->getResponse());
$result = $this->auth->authenticate();
if (!$result->isValid()) {
return $this->appError('Authentication Failed', $this->getResponse()->getStatusCode(), 'auth_error');
}
}
/**
* All SendGrid Requests are POSTed
*/
if (!$this->getRequest()->isPost()) {
return $this->appError('Method Not Allowed', 405, 'general_error');
}
/**
* Trigger Events for Listeners
*/
$this->emitter->receiveRequest($this->getRequest());
/**
* Return an Empty 200 Response
*/
return $this->getResponse();
}
/**
* Attempt to authenticate the current request.
*
* @param Request $request
* @param Response $response
* @param MvcAuthEvent $mvcAuthEvent
* @return false|IdentityInterface False on failure, IdentityInterface
* otherwise
*/
public function authenticate(Request $request, Response $response, MvcAuthEvent $mvcAuthEvent)
{
$this->httpAuth->setRequest($request);
$this->httpAuth->setResponse($response);
$result = $this->authenticationService->authenticate($this->httpAuth);
$mvcAuthEvent->setAuthenticationResult($result);
if (! $result->isValid()) {
return false;
}
$resultIdentity = $result->getIdentity();
// Pass fully discovered identity to AuthenticatedIdentity instance
$identity = new Identity\AuthenticatedIdentity($resultIdentity);
// But determine the name separately
$name = $resultIdentity;
if (is_array($resultIdentity)) {
$name = isset($resultIdentity['username'])
? $resultIdentity['username']
: (string) array_shift($resultIdentity);
}
$identity->setName($name);
return $identity;
}
public function testNoResolvers()
{
// Stub request for Basic auth
$headers = new Headers();
$headers->addHeaderLine('Authorization', 'Basic <followed by a space character');
$request = new Request();
$request->setHeaders($headers);
$response = new Response();
// Once for Basic
try {
$a = new Adapter\Http($this->_basicConfig);
$a->setRequest($request)->setResponse($response);
$result = $a->authenticate();
$this->fail("Tried Basic authentication without a resolver.\n" . \Zend\Debug::dump($result->getMessages(), null, false));
} catch (Adapter\Exception\ExceptionInterface $e) {
// Good, it threw an exception
unset($a);
}
// Stub request for Digest auth, must be reseted (recreated)
$headers = new Headers();
$headers->addHeaderLine('Authorization', 'Digest <followed by a space character');
$request = new Request();
$request->setHeaders($headers);
// Once for Digest
try {
$a = new Adapter\Http($this->_digestConfig);
$a->setRequest($request)->setResponse($response);
$result = $a->authenticate();
$this->fail("Tried Digest authentication without a resolver.\n" . \Zend\Debug::dump($result->getMessages(), null, false));
} catch (Adapter\Exception\ExceptionInterface $e) {
// Good, it threw an exception
unset($a);
}
}
/**
* Acts like a client sending the given Authenticate header value.
*
* @param string $clientHeader Authenticate header value
* @param string $scheme Which authentication scheme to use
* @return array Containing the result, the response headers, and the status
*/
public function _doAuth($clientHeader, $scheme)
{
// Set up stub request and response objects
$response = new Response();
$response->setStatusCode(200);
$headers = new Headers();
$headers->addHeaderLine('Proxy-Authorization', $clientHeader);
$headers->addHeaderLine('User-Agent', 'PHPUnit');
$request = new Request();
$request->setUri('http://localhost/');
$request->setMethod('GET');
$request->setHeaders($headers);
// Select an Authentication scheme
switch ($scheme) {
case 'basic':
$use = $this->_basicConfig;
break;
case 'digest':
$use = $this->_digestConfig;
break;
case 'both':
default:
$use = $this->_bothConfig;
}
// Create the HTTP Auth adapter
$a = new \Zend\Authentication\Adapter\Http($use);
$a->setBasicResolver($this->_basicResolver);
$a->setDigestResolver($this->_digestResolver);
// Send the authentication request
$a->setRequest($request);
$a->setResponse($response);
$result = $a->authenticate();
$return = array('result' => $result, 'status' => $response->getStatusCode(), 'headers' => $response->getHeaders());
return $return;
}
/**
* Acts like a client sending the given Authenticate header value.
*
* @param string $clientHeader Authenticate header value
* @param string $scheme Which authentication scheme to use
* @return array Containing the result, the response headers, and the status
*/
public function _doAuth($clientHeader, $scheme)
{
// Set up stub request and response objects
$request = $this->getMock('Zend\\Controller\\Request\\Http');
$response = new HTTPResponse();
$response->setHttpResponseCode(200);
$response->headersSentThrowsException = false;
// Set stub method return values
$request->expects($this->any())->method('getRequestUri')->will($this->returnValue('/'));
$request->expects($this->any())->method('getMethod')->will($this->returnValue('GET'));
$request->expects($this->any())->method('getServer')->will($this->returnValue('PHPUnit'));
$request->expects($this->any())->method('getHeader')->will($this->returnValue($clientHeader));
// Select an Authentication scheme
switch ($scheme) {
case 'basic':
$use = $this->_basicConfig;
break;
case 'digest':
$use = $this->_digestConfig;
break;
case 'both':
default:
$use = $this->_bothConfig;
}
// Create the HTTP Auth adapter
$a = new \Zend\Authentication\Adapter\Http($use);
$a->setBasicResolver($this->_basicResolver);
$a->setDigestResolver($this->_digestResolver);
// Send the authentication request
$a->setRequest($request);
$a->setResponse($response);
$result = $a->authenticate();
$return = array('result' => $result, 'status' => $response->getHttpResponseCode(), 'headers' => $response->getHeaders());
return $return;
}
/**
*
* @param type $authService
* @param type $em
* @param \App\MvcEvent $e
* @return type
*/
public function tryHttpAuth($authService, $em, MvcEvent $e)
{
$resolver = new DoctrineResolver($em, '\\Aaa\\Entity\\User');
$adapter = new Http(['realm' => 'Max', 'accept_schemes' => 'basic']);
$adapter->setBasicResolver($resolver);
$adapter->setRequest($e->getRequest());
// zato da se ne poĊĦiljajo http auth challenge nastavimo novi response, ki
// ne vpliva na pravi response
$adapter->setResponse(new Response());
// shranim si doctrine adapter
$originalAdapter = $authService->getAdapter();
$authService->setAdapter($adapter);
/* @var $authService AuthenticationService */
$authResult = $authService->authenticate();
if ($authResult->isValid()) {
$identity = $authResult->getIdentity();
$authService->getStorage()->write($identity);
} else {
$authService->setAdapter($originalAdapter);
$identity = null;
}
return $identity;
}
public function testNoResolvers()
{
$request = $this->getMock('Zend\\Controller\\Request\\Http');
$response = $this->getMock('Zend\\Controller\\Response\\Http');
// Stub request for Basic auth
$request->expects($this->any())->method('getHeader')->will($this->returnValue('Basic <followed by a space caracter'));
// Once for Basic
try {
$a = new Adapter\Http($this->_basicConfig);
$a->setRequest($request)->setResponse($response);
$result = $a->authenticate();
$this->fail("Tried Basic authentication without a resolver.\n" . \Zend\Debug::dump($result->getMessages(), null, false));
} catch (Adapter\Exception $e) {
// Good, it threw an exception
unset($a);
}
// Stub request for Digest auth, must be reseted (recreated)
$request = $this->getMock('Zend\\Controller\\Request\\Http');
$request->expects($this->any())->method('getHeader')->will($this->returnValue('Digest <followed by a space caracter'));
// Once for Digest
try {
$a = new Adapter\Http($this->_digestConfig);
$a->setRequest($request)->setResponse($response);
$result = $a->authenticate();
$this->fail("Tried Digest authentication without a resolver.\n" . \Zend\Debug::dump($result->getMessages(), null, false));
} catch (Adapter\Exception $e) {
// Good, it threw an exception
unset($a);
}
}
protected function getAuthService()
{
$config = array('accept_schemes' => 'basic', 'realm' => 'ref-pays-admin');
// if (null == $this->authService){
$httpAuthAdapter = new Http($config);
$authService = new AuthenticationService();
$basicResolver = new FileResolver();
$basicResolver->setFile(dirname(dirname(dirname(dirname(dirname(__DIR__))))) . '\\public\\files\\basicPasswd.txt');
$httpAuthAdapter->setBasicResolver($basicResolver);
$httpAuthAdapter->setRequest($this->getRequest());
$httpAuthAdapter->setResponse($this->getResponse());
$result = $httpAuthAdapter->authenticate();
if (!$result->isValid()) {
die(var_dump($result->getMessages()));
}
die('654645');
$authService->setAdapter($httpAuthAdapter);
$this->authService = $authService;
// }
return $this->authService;
}
/**
* Listen to the authentication event
*
* @param MvcAuthEvent $mvcAuthEvent
* @return mixed
*/
public function __invoke(MvcAuthEvent $mvcAuthEvent)
{
$mvcEvent = $mvcAuthEvent->getMvcEvent();
$request = $mvcEvent->getRequest();
$response = $mvcEvent->getResponse();
if (!$request instanceof HttpRequest || $request->isOptions()) {
return;
}
$type = false;
if ($this->httpAdapter instanceof HttpAuth) {
$this->httpAdapter->setRequest($request);
$this->httpAdapter->setResponse($response);
}
$authHeader = $request->getHeader('Authorization');
if ($authHeader) {
$headerContent = trim($authHeader->getFieldValue());
// we only support headers in the format: Authorization: xxx yyyyy
if (strpos($headerContent, ' ') === false) {
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
list($type, $credential) = preg_split('# #', $headerContent, 2);
}
if (!$type && !in_array($request->getMethod(), $this->requestsWithoutBodies) && $request->getHeaders()->has('Content-Type') && $request->getHeaders()->get('Content-Type')->match('application/x-www-form-urlencoded') && $request->getPost('access_token')) {
$type = 'oauth2';
}
if (!$type && null !== $request->getQuery('access_token')) {
$type = 'oauth2';
}
if (!$type) {
if ($this->httpAdapter instanceof HttpAuth) {
$this->httpAdapter->challengeClient();
}
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
switch (strtolower($type)) {
case 'basic':
case 'digest':
if (!$this->httpAdapter instanceof HttpAuth) {
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
$auth = $mvcAuthEvent->getAuthenticationService();
$result = $auth->authenticate($this->httpAdapter);
$mvcAuthEvent->setAuthenticationResult($result);
if ($result->isValid()) {
$resultIdentity = $result->getIdentity();
// Pass full discovered identity to AuthenticatedIdentity object
$identity = new Identity\AuthenticatedIdentity($resultIdentity);
// But determine name separately
$name = $resultIdentity;
if (is_array($resultIdentity)) {
$name = isset($resultIdentity['username']) ? $resultIdentity['username'] : (string) $resultIdentity;
}
$identity->setName($name);
// Set in MvcEvent
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
case 'oauth2':
case 'bearer':
if (!$this->oauth2Server instanceof OAuth2Server) {
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
$content = $request->getContent();
$oauth2request = new OAuth2Request($_GET, $_POST, array(), $_COOKIE, $_FILES, $_SERVER, $content);
if ($this->oauth2Server->verifyResourceRequest($oauth2request)) {
$token = $this->oauth2Server->getAccessTokenData($oauth2request);
$identity = new Identity\AuthenticatedIdentity($token);
$identity->setName($token['user_id']);
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
}
$identity = new Identity\GuestIdentity();
$mvcEvent->setParam('ZF\\MvcAuth\\Identity', $identity);
return $identity;
case 'token':
throw new \Exception('zf-mvc-auth has not yet implemented a "token" authentication adapter');
}
}
