/**
* Set user data using shibboleth heders as data source
*
* @param \FOS\UserBundle\Entity\User $user
* @param \KULeuven\ShibbolethBundle\Security\ShibbolethUserToken $token
*/
private function setUserData(BaseUser $user, ShibbolethUserToken $token)
{
if ($user instanceof User) {
$user->setGivenName($token->getGivenName());
$user->setSurname($token->getSurname());
}
$user->setPlainPassword('no_passwd');
if (null != $token->getMail()) {
$user->setEmail($token->getMail());
} else {
$user->setEmail($token->getUsername() . '@kuleuven.be');
}
if ($token->isStudent()) {
$user->addRole('ROLE_STUDENT');
} elseif ($token->isStaff()) {
$user->addRole('ROLE_STAFF');
} else {
$user->addRole('ROLE_GUEST');
}
$user->addRole('ROLE_USER');
$user->setEnabled(true);
$this->userManager->updateUser($user);
}
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return null;
}
if (!($user = $token->getUser())) {
throw new BadCredentialsException('No pre-authenticated shibboleth principal found in request.');
}
try {
$user = $this->retrieveUser($token);
$this->checkAuthentication($user, $token);
if ($user instanceof UserInterface) {
$this->userChecker->checkPostAuth($user);
}
$authenticatedToken = new ShibbolethUserToken($user, $token->getAttributes());
$authenticatedToken->setAuthenticated(true);
if (null !== $this->logger) {
$this->logger->debug(sprintf('ShibbolethAuthProvider: authenticated token: %s', $authenticatedToken));
}
return $authenticatedToken;
} catch (UsernameNotFoundException $notFound) {
throw $notFound;
}
}