Exemple #1
 /**
  * Inserts a minimalistic user document into the database.
  *
  * @param string $dbConn Database connection string
  * @param string $username Login name
  * @param string $password Credential
  * @param string $email Email
  *
  * @return bool
  *
  * @codeCoverageIgnore Untestable due to missing test database
  */
 public function process($dbConn, $username, $password, $email)
 {
     // '@' only silences PHP warnings/notices raised while the client is built;
     // exceptions thrown by the constructor still propagate to the caller.
     $client = @new \MongoClient($dbConn);

     $databaseName = $this->databaseNameExtractor->filter($dbConn);

     // Only the output of the credential filter is written to the document,
     // never the raw $password.
     // NOTE(review): what the filter computes is not visible here; confirm it
     // is a password-hashing scheme suitable for stored credentials.
     $filteredCredential = $this->credentialFilter->filter($password);

     $users = $client->selectDB($databaseName)->selectCollection('users');

     // NOTE(review): every account created through this method gets the
     // 'admin' role; callers must make sure it is reachable only from a
     // trusted setup path.
     $status = $users->insert([
         'isDraft' => false,
         'role' => 'admin',
         'login' => $username,
         'credential' => $filteredCredential,
         'info' => ['email' => $email],
     ]);

     // NOTE(review): the comparison is strict against the integer 1; confirm
     // the driver reports 'ok' as an int, since a float 1.0 would yield false.
     return isset($status['ok']) && 1 === $status['ok'];
 }
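 /**
  * Authenticates an identity on behalf of an external application.
  *
  * The request must carry a known application key. When the identity ends
  * with '@<application identifier>' the user's secret is checked, and an
  * identity that is not yet known is created on the fly with the 'recruiter'
  * role. Without that suffix only the regular credential of an existing user
  * is checked.
  *
  * @return Result FAILURE for an unknown application key,
  *                FAILURE_CREDENTIAL_INVALID for an unknown user or a wrong
  *                credential, SUCCESS (with the user id) otherwise.
  */
 public function authenticate()
 {
     // NOTE(review): in_array() is called without the strict flag, so the
     // application key is matched with loose comparison. Confirm both sides
     // are always strings and consider passing true as third argument.
     if (!in_array($this->getApplicationKey(), $this->getApplicationKeys())) {
         return new Result(Result::FAILURE, $this->getIdentity(), array('Invalid application key'));
     }

     $identity = $this->getIdentity();
     $applicationId = '@' . $this->getApplicationIdentifier();
     $applicationIdIndex = strrpos($identity, $applicationId);
     // The complete identity, suffix included, is used as the login name.
     $login = $identity;
     $users = $this->getRepository();
     $user = $users->findByLogin($login);
     $filter = new CredentialFilter();
     $credential = $this->getCredential();
     $loginSuccess = false;
     $loginResult = array();

     // True when the identity ends with '@<application identifier>' and has
     // at least one character in front of it.
     $hasApplicationSuffix = 0 < $applicationIdIndex
         && strlen($identity) - strlen($applicationId) === $applicationIdIndex;

     if ($hasApplicationSuffix) {
         $log = $this->serviceManager->get('Log/Core/Cam');
         // NOTE(review): $login is caller-supplied and goes into the log
         // unescaped; confirm the log writer neutralises line breaks.
         $log->debug('User ' . $login . ', login with correct suffix: ');
         // The login ends with the application id, therefore the secret key
         // is used. External logins have the form 'xxxxx@yyyy', where yyyy is
         // the suffix matching the external application key.
         if (isset($user)) {
             // Strict comparison: with '==' a missing secret (null) equals an
             // empty filter result and numeric-looking strings can compare
             // equal. hash_equals() is an option where PHP >= 5.6 is given.
             if ($user->secret === $filter->filter($credential)) {
                 $loginSuccess = true;
             } else {
                 // Neither the stored secret nor the submitted credential may
                 // be written to the log.
                 $log->info('User ' . $login . ', secret does not match the supplied credential');
             }
         } else {
             // First login of an external identity: the account is created
             // from the submitted data. The application key check above is
             // the only gate in front of this branch.
             $user = $users->create(array('login' => $login, 'password' => $credential, 'secret' => $filter->filter($credential), 'role' => 'recruiter'));
             $users->store($user);
             $loginSuccess = true;
             $loginResult = array('firstLogin' => true);
         }
     } elseif (isset($user)) {
         $log = $this->serviceManager->get('Log/Core/Cam');
         $log->debug('User ' . $login . ', login with noncorrect suffix: ');
         if ($user->credential === $filter->filter($credential)) {
             $log->debug('User ' . $login . ', credentials are equal');
             $loginSuccess = true;
         } else {
             // A second, identical credential comparison used to follow here
             // as a legacy fallback; it could never succeed after the check
             // above had failed, so only the log entry remains.
             $log->debug('User ' . $login . ', credentials are not equal');
         }
     }

     if (!$loginSuccess) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
     }

     return new Result(Result::SUCCESS, $user->id, $loginResult);
 }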
Exemple #3
 /**
  * Performs an authentication attempt
  *
  * {@inheritDoc}
  *
  */
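 public function authenticate()
 {
     /* @var $users \Auth\Repository\User */
     $identity = $this->getIdentity();
     $users = $this->getRepository();
     $user = $users->findByLogin($identity);
     $filter = new CredentialFilter();
     $credential = $this->getCredential();

     // Unknown user and wrong credential deliberately produce the same result
     // code and message, so the response does not reveal which logins exist.
     // The comparison is strict: with '!=' a user without a stored credential
     // (null) would match an empty filter result, and numeric-looking strings
     // could compare equal. hash_equals() is an option where PHP >= 5.6 is
     // given.
     if (!$user || $user->getCredential() !== $filter->filter($credential)) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
     }

     return new Result(Result::SUCCESS, $user->getId());
 }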
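 /**
  * Authenticates an identity, bootstrapping the configured default user.
  *
  * When the identity is not found in the repository and it equals the login
  * in $this->defaultUser[0], a user is created with the password from
  * $this->defaultUser[1] and handed to the document manager; the submitted
  * credential is then checked against that user like any other.
  *
  * @return Result FAILURE_IDENTITY_NOT_FOUND for an unknown identity,
  *                FAILURE_CREDENTIAL_INVALID for a wrong credential,
  *                SUCCESS (with the user id) otherwise.
  */
 public function authenticate()
 {
     $identity = $this->getIdentity();
     $users = $this->getRepository();
     $user = $users->findByLogin($identity);
     $filter = new CredentialFilter();
     $credential = $this->getCredential();

     if (!$user) {
         // Compared as strings with '!==' so that numeric-looking logins
         // ('1e3' vs '1000') are not treated as the same identity.
         if (!$this->defaultUser || (string) $identity !== (string) $this->defaultUser[0]) {
             // NOTE(review): this result code differs from the one used for a
             // wrong credential; confirm it is not exposed to the client,
             // otherwise it tells a caller which logins exist.
             return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, $identity, array('User not known or invalid credential'));
         }

         // NOTE(review): the default user is created and passed to persist()
         // before the submitted credential has been verified; confirm that a
         // failed attempt is not meant to leave the account scheduled for
         // storage, and that the configured default password is rotated.
         $password = $this->defaultUser[1];
         $user = $users->create(array('login' => $identity, 'password' => $password));
         $users->getDocumentManager()->persist($user);
     }

     // Strict comparison: with '!=' a missing credential (null) would match
     // an empty filter result and numeric-looking strings could compare
     // equal. hash_equals() is an option where PHP >= 5.6 is given.
     if ($user->credential !== $filter->filter($credential)) {
         return new Result(Result::FAILURE_CREDENTIAL_INVALID, $identity, array('User not known or invalid credential'));
     }

     return new Result(Result::SUCCESS, $user->id);
 }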
Exemple #5
 /** {@inheritdoc} */
 public function setPassword($password)
 {
     // The raw password is never stored: it is run through the credential
     // filter and only the result is passed on to setCredential().
     // NOTE(review): the filter's algorithm is not visible here; confirm it
     // is a salted, slow password hash rather than a plain digest.
     $credentialFilter = new Filter\CredentialFilter();

     return $this->setCredential($credentialFilter->filter($password));
 }