/** * First step in the Google authentication process. * @return Redirection */ private function getStartGoogleAuthenticationResponse() { $response = new Redirection($this->getRequest()); $currentUser = Users::getCurrent(); try { // Set up the redirection to Google's authentication URL. $identityProvider = new GoogleIdentityProvider(); $response->setNextUrl($identityProvider->getAuthenticationUrl()); } catch (AuthenticationException $exception) { $response->setErrorMessage('Google authentication did not succeed.'); $response->setNextUrl($this->getRequest()->getCurrentUrl()); } return $response; }
/** * The default behaviour consists of executing a function named after the * HTTP method and the eventual action contained in the request, to produce * a Response object. * * @return \Eix\Core\Response * @throws \Eix\Core\Exception */ public final function getResponse() { if (empty($this->response)) { $httpMethod = $this->getRequest() ? strtoupper($this->getRequest()->getMethod()) : 'GET'; if ($this->isHttpMethodSupported($httpMethod)) { $functionName = $this->getFunctionName($httpMethod); Logger::get()->debug("Running responder method '{$functionName}'..."); // If the responder is a restricted one... if ($this instanceof \Eix\Core\Responders\Restricted) { // ... ensure the user is allowed to use that function. Users::getCurrent()->checkAuthorisation($this, $functionName); } // The response is the result of executing the appropriate // responder function. $this->response = $this->{$functionName}(); } else { throw new \Eix\Services\Net\Http\MethodNotAllowedException("This responder does not support {$httpMethod} requests."); } } return $this->response; }
/** * Generates an ID for a new user. * * @return string */ private static function getNewUserId() { // Get an Eix-compliant user ID from a unique ID. return Users::getUserId(array(uniqid())); }
/** * Use the specified identity provider to establish an authenticated * user. */ public static function getFromIdentityProvider(Provider $identityProvider) { // Have the identity provider authenticate the current identity. $identityProvider->authenticate(); // The identity is valid according to the provider, so authentication is // passed. $userId = $identityProvider->getUserId(); // Check for authorisation. try { Logger::get()->debug(sprintf('Checking OpenID user %s...', $userId)); $user = Users::getInstance()->findEntity($userId); // The user is valid according to our records. Keep it in the session. $user->authenticate($identityProvider); } catch (NotFoundException $exception) { Logger::get()->warning(sprintf('OpenID user %s is not known.', $userId)); throw new NotAuthorisedException('OpenID user is not authorised.'); } return $user; }