/**
 * Builds a new Revision that snapshots the current state of $content, owned by $token's user.
 *
 * @param AbstractClassContent $content the content being checked out
 * @param BBUserToken          $token   the token whose user becomes the revision owner
 *
 * @return Revision the populated revision (not persisted by this method)
 */
public function checkout(AbstractClassContent $content, BBUserToken $token)
{
    $revision = new Revision();

    // Descriptive state copied straight from the content.
    $revision->setAccept($content->getAccept());
    $revision->setContent($content);
    $revision->setData($content->getDataToObject());
    $revision->setLabel($content->getLabel());
    $revision->setMaxEntry((array) $content->getMaxEntry());
    $revision->setMinEntry((array) $content->getMinEntry());
    $revision->setOwner($token->getUser());

    // Only parameters that currently carry a non-null value are copied onto the revision.
    foreach ($content->getAllParams() as $name => $unused) {
        $paramValue = $content->getParamValue($name);
        if (null === $paramValue) {
            continue;
        }
        $revision->setParam($name, $paramValue);
    }

    // A content without a revision number yet is being added for the first time;
    // otherwise the checkout records a modification of the existing revision.
    $currentRevision = $content->getRevision();
    if ($currentRevision) {
        $revision->setRevision($currentRevision);
        $revision->setState(Revision::STATE_MODIFIED);
    } else {
        $revision->setRevision(0);
        $revision->setState(Revision::STATE_ADDED);
    }

    return $revision;
}
/**
 * Authenticates the posted "username" / "password" pair and opens an API session.
 *
 * On success the authenticated token is stored in the security context and the client
 * receives the user's public API key (X-API-KEY) and the token nonce (X-API-SIGNATURE)
 * as response headers.
 *
 * @Rest\RequestParam(name="username", requirements={@Assert\NotBlank})
 * @Rest\RequestParam(name="password", requirements={@Assert\NotBlank})
 *
 * @param Request $request the current request; credentials are read from its POST body
 *
 * @return mixed the 201 JSON response built by createJsonResponse()
 *
 * @throws DisabledException when the authenticated user has API access disabled
 */
public function authenticateAction(Request $request)
{
    $created = date('Y-m-d H:i:s');
    $username = $request->request->get('username');
    $password = $request->request->get('password');

    $token = new BBUserToken();
    $token->setUser($username);
    $token->setCreated($created);
    // NOTE(review): the nonce is handed back to the client in X-API-SIGNATURE, yet it is
    // derived from uniqid(), which is clock-based rather than a CSPRNG. Kept as-is because
    // the 32-hex-char format is shared with the code that later looks nonces up; a
    // cryptographically random source of the same length would be the safer choice.
    $token->setNonce(md5(uniqid('', true)));
    // Digest layout md5(nonce . created . md5(password)) is what the authentication
    // provider verifies; changing it here would have to be mirrored there.
    $token->setDigest(md5($token->getNonce() . $created . md5($password)));

    $securityContext = $this->getApplication()->getSecurityContext();
    $tokenAuthenticated = $securityContext->getAuthenticationManager()->authenticate($token);

    $apiUser = $tokenAuthenticated->getUser();
    if (!$apiUser->getApiKeyEnabled()) {
        throw new DisabledException('API access forbidden');
    }

    $securityContext->setToken($tokenAuthenticated);

    $headers = array(
        'X-API-KEY' => $apiUser->getApiKeyPublic(),
        'X-API-SIGNATURE' => $tokenAuthenticated->getNonce(),
    );

    return $this->createJsonResponse(null, 201, $headers);
}
/**
 * Prepares the test application: boots autoload/DB/ACL, seeds a group with one active
 * and one inactive user, logs the active user in and grants it full ACL rights.
 */
protected function setUp()
{
    $this->initAutoload();
    $bbapp = $this->getBBApp();
    $this->initDb($bbapp);
    $this->initAcl();
    $this->getBBApp()->setIsStarted(true);

    $entityManager = $bbapp->getEntityManager();

    // save group
    $group = new Group();
    $group->setName('groupName');
    $entityManager->persist($group);

    // one active user (kept on $this->user) and one inactive user, in that order
    $accounts = array(
        'user123' => true,
        'user123inactive' => false,
    );
    foreach ($accounts as $login => $activated) {
        $account = new User();
        $account->addGroup($group);
        $account->setLogin($login);
        $account->setEmail('*****@*****.**');
        $account->setPassword('password123');
        $account->setActivated($activated);
        $entityManager->persist($account);

        if ($activated) {
            $this->user = $account;
        }
    }
    $entityManager->flush();

    // login the active user with a digest token
    $created = date('Y-m-d H:i:s');
    $token = new BBUserToken();
    $token->setUser($this->user);
    $token->setCreated($created);
    $token->setNonce(md5(uniqid('', true)));
    $token->setDigest(md5($token->getNonce() . $created . md5($this->user->getPassword())));
    $this->getSecurityContext()->setToken($token);

    // grant the logged-in user every permission on all User objects
    $aclManager = $this->getBBApp()->getContainer()->get('security.acl_manager');
    $aclManager->insertOrUpdateClassAce(
        new ObjectIdentity('all', get_class($this->user)),
        UserSecurityIdentity::fromAccount($this->user),
        MaskBuilder::MASK_IDDQD
    );
}
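/**
 * Authenticates a username/password pair and stores the resulting token in the
 * security context.
 *
 * Failures are not handled here: whatever the authentication manager throws for bad
 * credentials propagates to the caller (presumably an AuthenticationException — confirm).
 *
 * @param string $username
 * @param string $password
 */
public function checkIdentity($username, $password)
{
    $created = date('Y-m-d H:i:s');

    $token = new BBUserToken();
    // Bug fix: the user was previously read from an undefined $request variable
    // instead of the $username argument, so every call failed.
    $token->setUser($username);
    $token->setCreated($created);
    $token->setNonce(md5(uniqid('', true)));
    // Digest layout md5(nonce . created . md5(password)) matches the other token
    // builders in this code base and the provider that verifies it.
    $token->setDigest(md5($token->getNonce() . $created . md5($password)));

    $securityContext = $this->getApplication()->getSecurityContext();
    $tokenAuthenticated = $securityContext->getAuthenticationManager()->authenticate($token);
    $securityContext->setToken($tokenAuthenticated);
}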
/**
 * Clears the credentials held by this token.
 *
 * Lets the parent class do its own cleanup first, then drops the credentials stored
 * on this class so that no secret material remains on the token afterwards.
 *
 * @codeCoverageIgnore
 * {@inheritdoc}
 */
public function eraseCredentials()
{
    parent::eraseCredentials();
    $this->_credentials = null;
}
/**
 * Create a signature for a given user.
 *
 * The signature is the md5 of the user's public API key, private API key and the token
 * nonce, concatenated in that order.
 *
 * @param BBUserToken $token the token we want to generate an API signature for
 *
 * @return string the generated signature (32 hexadecimal characters)
 */
public function createSignature(BBUserToken $token)
{
    $user = $token->getUser();
    $material = $user->getApiKeyPublic() . $user->getApiKeyPrivate() . $token->getNonce();

    // NOTE(review): an unkeyed md5 over a plain concatenation, not an HMAC. Any change to
    // the construction must be mirrored wherever the signature is verified, and that
    // verifier should compare with hash_equals() rather than ==.
    return md5($material);
}
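/**
 * Creates a user for the specified group, authenticates a BBUserToken for it and
 * stores that token in the security context.
 *
 * The group is looked up by name and created (and flushed) when it does not exist yet.
 * The user itself is only attached to the token; it is not persisted here.
 *
 * @param string   $groupId name of the group the user is attached to
 * @param string[] $roles   roles granted to the authenticated token
 *
 * @return User the user attached to the authenticated token (fixed: the previous
 *              docblock promised the token, but the user has always been returned)
 */
protected function createAuthUser($groupId, $roles = array('ROLE_API_USER'))
{
    $token = new BBUserToken($roles);

    // Fresh random API key pair; uniqid() is acceptable here because this is test-only data.
    $user = new User();
    $user->setEmail('*****@*****.**')
        ->setLogin('admin')
        ->setPassword('pass')
        ->setApiKeyPrivate(uniqid("PRIVATE", true))
        ->setApiKeyPublic(uniqid("PUBLIC", true))
        ->setApiKeyEnabled(true);

    $entityManager = $this->getBBApp()->getEntityManager();
    $group = $entityManager
        ->getRepository('BackBee\\Security\\Group')
        ->findOneBy(array('_name' => $groupId));

    if (!$group) {
        $group = new Group();
        $group->setName($groupId);
        $entityManager->persist($group);
        $entityManager->flush($group);
    }

    $user->addGroup($group);

    // The token is marked authenticated up front; it is a pre-trusted test fixture,
    // not the result of a credential check.
    $token->setAuthenticated(true);
    $token->setUser($user)->setCreated(new \DateTime())->setLifetime(300);
    $this->getSecurityContext()->setToken($token);

    return $user;
}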
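/**
 * Records the nonce of a token together with its creation timestamp and request signature.
 *
 * The stored value has the form "<created-timestamp>;<signature>". It is written either
 * to a file named after the nonce in the nonce directory, or, when a registry repository
 * is configured, to a registry entry keyed by the nonce.
 *
 * @param BBUserToken $token the token whose nonce is recorded (fixed: the previous
 *                           docblock documented a non-existent string $nonce parameter)
 *
 * @throws \RuntimeException when the nonce file cannot be written
 */
protected function writeNonceValue(BBUserToken $token)
{
    // strtotime() yields false for an unparseable date, which would be stored as an
    // empty timestamp; presumably getCreated() always holds a valid date — confirm.
    $now = strtotime($token->getCreated());
    $nonce = $token->getNonce();

    $signatureGenerator = new RequestSignatureEncoder();
    $signature = $signatureGenerator->createSignature($token);
    $value = "{$now};{$signature}";

    if (null === $this->registryRepository) {
        // NOTE(review): the nonce becomes a path component here. This is safe only while
        // nonces reaching this method are server-generated (32 hex characters); confirm no
        // request-supplied nonce is passed in unvalidated.
        $path = $this->nonceDir . DIRECTORY_SEPARATOR . $nonce;

        // A failed write used to be ignored, silently losing the record of this nonce.
        if (false === file_put_contents($path, $value)) {
            throw new \RuntimeException(sprintf('Unable to write nonce file "%s".', $path));
        }
    } else {
        $registry = $this->getRegistry($nonce)->setValue($value);
        $this->registryRepository->save($registry);
    }
}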