/**
     * Handles channel management.
     *
     * @param Event $event An Event instance
     */
    public function handle(Event $event)
    {
        $request = $event->get('request');

        list($attributes, $channel) = $this->map->getPatterns($request);

        if ('https' === $channel && !$request->isSecure()) {
            if (null !== $this->logger) {
                $this->logger->debug('Redirecting to HTTPS');
            }

            $event->setReturnValue($this->authenticationEntryPoint->start($request));

            return true;
        }

        if ('http' === $channel && $request->isSecure()) {
            if (null !== $this->logger) {
                $this->logger->debug('Redirecting to HTTP');
            }

            $event->setReturnValue($this->authenticationEntryPoint->start($request));

            return true;
        }
    }
 /**
  * Handles security.
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
         return;
     }
     $request = $event->get('request');
     // disconnect all listeners from core.security to avoid the overhead
     // of most listeners having to do this manually
     $this->dispatcher->disconnect('core.security');
     // ensure that listeners disconnect from wherever they have connected to
     foreach ($this->currentListeners as $listener) {
         $listener->unregister($this->dispatcher);
     }
     // register listeners for this firewall
     list($listeners, $exception) = $this->map->getListeners($request);
     if (null !== $exception) {
         $exception->register($this->dispatcher);
     }
     foreach ($listeners as $listener) {
         $listener->register($this->dispatcher);
     }
     // save current listener instances
     $this->currentListeners = $listeners;
     $this->currentListeners[] = $exception;
     // initiate the listener chain
     $e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));
     if ($e->isProcessed()) {
         $event->setReturnValue($e->getReturnValue());
         return true;
     }
     return;
 }
 /**
  * Handles basic authentication.
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     $request = $event->getParameter('request');
     if (false === ($username = $request->server->get('PHP_AUTH_USER', false))) {
         return;
     }
     if (null !== ($token = $this->securityContext->getToken())) {
         if ($token->isImmutable()) {
             return;
         }
         if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && (string) $token === $username) {
             return;
         }
     }
     if (null !== $this->logger) {
         $this->logger->debug(sprintf('Basic Authentication Authorization header found for user "%s"', $username));
     }
     try {
         $token = $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $request->server->get('PHP_AUTH_PW')));
         $this->securityContext->setToken($token);
     } catch (AuthenticationException $failed) {
         $this->securityContext->setToken(null);
         if (null !== $this->logger) {
             $this->logger->debug(sprintf('Authentication request failed: %s', $failed->getMessage()));
         }
         if ($this->ignoreFailure) {
             return;
         }
         $event->setReturnValue($this->authenticationEntryPoint->start($request, $failed));
         return true;
     }
 }
Exemple #4
0
 public function handle(Event $event)
 {
     if (HttpKernelInterface::MASTER_REQUEST !== $event->getParameter('request_type')) {
         return false;
     }
     $exception = $event->getParameter('exception');
     $request = $event->getParameter('request');
     if (null !== $this->logger) {
         $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
     } else {
         error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
     }
     $logger = null !== $this->logger ? $this->logger->getDebugLogger() : null;
     $attributes = array('_controller' => $this->controller, 'exception' => FlattenException::create($exception), 'logger' => $logger, 'format' => 0 === strncasecmp(PHP_SAPI, 'cli', 3) ? 'txt' : $request->getRequestFormat());
     $request = $request->duplicate(null, null, $attributes);
     try {
         $response = $event->getSubject()->handle($request, HttpKernelInterface::SUB_REQUEST, true);
     } catch (\Exception $e) {
         if (null !== $this->logger) {
             $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
         }
         // re-throw the exception as this is a catch-all
         throw new \RuntimeException('Exception thrown when handling an exception.', 0, $e);
     }
     $event->setReturnValue($response);
     return true;
 }
 public function handle(Event $event)
 {
     if (HttpKernelInterface::MASTER_REQUEST !== $event->getParameter('request_type')) {
         return false;
     }
     $exception = $event->getParameter('exception');
     if (null !== $this->logger) {
         $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
     } else {
         error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
     }
     $class = $this->container->getParameter('exception_manager.class');
     $logger = $this->container->has('logger.debug') ? $this->container->get('logger.debug') : null;
     $attributes = array('_controller' => $this->controller, 'manager' => new $class($exception, $event->getParameter('request'), $logger));
     $request = $event->getParameter('request')->duplicate(null, null, $attributes);
     try {
         $response = $event->getSubject()->handle($request, HttpKernelInterface::SUB_REQUEST, true);
     } catch (\Exception $e) {
         if (null !== $this->logger) {
             $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
         }
         return false;
     }
     $event->setReturnValue($response);
     return true;
 }
    /**
     * Handles security.
     *
     * @param Event $event An Event instance
     */
    public function handle(Event $event)
    {
        if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
            return;
        }

        $request = $event->get('request');

        $this->dispatcher->disconnect('core.security');
        list($listeners, $exception) = $this->map->getListeners($request);
        if (null !== $exception) {
            $exception->register($this->dispatcher);
        }
        foreach ($listeners as $listener) {
            $listener->register($this->dispatcher);
        }

        $e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));
        if ($e->isProcessed()) {
            $event->setReturnValue($e->getReturnValue());

            return true;
        }

        return;
    }
Exemple #7
0
 /**
  * 
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     $request = $event->getParameter('request');
     if ($this->logoutPath !== $request->getPathInfo()) {
         return;
     }
     $this->securityContext->setToken(null);
     $request->getSession()->invalidate();
     $response = new Response();
     $response->setRedirect(0 !== strpos($this->targetUrl, 'http') ? $request->getUriForPath($this->targetUrl) : $this->targetUrl, 302);
     $event->setReturnValue($response);
     return true;
 }
 /**
  * Handles form based authentication.
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     $request = $event->getParameter('request');
     if ($this->options['check_path'] !== $request->getPathInfo()) {
         return;
     }
     try {
         if (null === ($token = $this->attemptAuthentication($request))) {
             return;
         }
         $response = $this->onSuccess($request, $token);
     } catch (AuthenticationException $failed) {
         $response = $this->onFailure($request, $failed);
     }
     $event->setReturnValue($response);
     return true;
 }
 /**
  * Checks for a NoUserForPrincipalException and unauthenticates the user
  * locally and then remotely by redirecting to the CAS logout URL.
  *
  * @param Symfony\Component\EventDispatcher\Event $event
  */
 public function handle(Event $event)
 {
     if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
         return;
     }
     if ($this->container->has('simplecas')) {
         $exception = $event->get('exception');
         if ($exception instanceof NoUserForPrincipalException) {
             if (null !== $this->logger) {
                 $this->logger->err(sprintf('Redirecting to CAS logout page (%s)', $exception->getMessage()));
             }
             $simplecas = $this->container->get('simplecas');
             $simplecas->unauthenticate();
             $response = $this->container->get('response');
             $response->setStatusCode(302);
             $response->headers->set('Location', $simplecas->getLogoutUrl());
             $event->setReturnValue($response);
             return true;
         }
     }
 }
Exemple #10
0
 /**
  * Handles digest authentication.
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     $request = $event->getParameter('request');
     if (!$request->get($this->usernameParameter)) {
         return;
     }
     if ('_exit' === $request->get($this->usernameParameter)) {
         $this->securityContext->setToken($this->attemptExitUser($request));
     } else {
         try {
             $this->securityContext->setToken($this->attemptSwitchUser($request));
         } catch (AuthenticationException $e) {
             if (null !== $this->logger) {
                 $this->logger->debug(sprintf('Switch User failed: "%s"', $e->getMessage()));
             }
         }
     }
     $response = new Response();
     $request->server->set('QUERY_STRING', '');
     $response->setRedirect($request->getUri(), 302);
     $event->setReturnValue($response);
     return true;
 }
Exemple #11
0
 /**
  * Handles security related exceptions.
  *
  * @param Event $event An Event instance
  */
 public function handleException(Event $event)
 {
     $exception = $event->getParameter('exception');
     $request = $event->getParameter('request');
     if ($exception instanceof AuthenticationException) {
         if (null !== $this->logger) {
             $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
         }
         try {
             $response = $this->startAuthentication($request, $exception);
         } catch (\Exception $e) {
             $event->setParameter('exception', $e);
             return;
         }
     } elseif ($exception instanceof AccessDeniedException) {
         $token = $this->context->getToken();
         if (null === $token || $token instanceof AnonymousToken) {
             if (null !== $this->logger) {
                 $this->logger->info('Access denied (user is anonymous); redirecting to authentication entry point');
             }
             try {
                 $response = $this->startAuthentication($request, new InsufficientAuthenticationException('Full authentication is required to access this resource.', $token, 0, $exception));
             } catch (\Exception $e) {
                 $event->setParameter('exception', $e);
                 return;
             }
         } else {
             if (null !== $this->logger) {
                 $this->logger->info('Access is denied (and user is not anonymous)');
             }
             if (null === $this->errorPage) {
                 return;
             }
             $subRequest = Request::create($this->errorPage);
             $subRequest->attributes->set(SecurityContext::ACCESS_DENIED_ERROR, $exception->getMessage());
             try {
                 $response = $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
             } catch (\Exception $e) {
                 if (null !== $this->logger) {
                     $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
                 }
                 $event->setParameter('exception', new \RuntimeException('Exception thrown when handling an exception.', 0, $e));
                 return;
             }
             $response->setStatusCode(403);
         }
     } else {
         return;
     }
     $event->setReturnValue($response);
     return true;
 }
Exemple #12
0
 /**
  * Performs the logout if requested
  *
  * @param Event $event An Event instance
  */
 public function handle(Event $event)
 {
     $request = $event->get('request');
     if ($this->logoutPath !== $request->getPathInfo()) {
         return;
     }
     $response = new Response();
     $response->setRedirect(0 !== strpos($this->targetUrl, 'http') ? $request->getUriForPath($this->targetUrl) : $this->targetUrl, 302);
     $token = $this->securityContext->getToken();
     foreach ($this->handlers as $handler) {
         $handler->logout($request, $response, $token);
     }
     $this->securityContext->setToken(null);
     $event->setReturnValue($response);
     return true;
 }
Exemple #13
0
 public function handle(Event $event)
 {
     static $handling;
     if (true === $handling) {
         return false;
     }
     $handling = true;
     $exception = $event->get('exception');
     $request = $event->get('request');
     if (null !== $this->logger) {
         $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
     } else {
         error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
     }
     $logger = null !== $this->logger ? $this->logger->getDebugLogger() : null;
     $attributes = array('_controller' => $this->controller, 'exception' => FlattenException::create($exception), 'logger' => $logger, 'format' => 0 === strncasecmp(PHP_SAPI, 'cli', 3) ? 'txt' : $request->getRequestFormat());
     $request = $request->duplicate(null, null, $attributes);
     try {
         $response = $event->getSubject()->handle($request, HttpKernelInterface::SUB_REQUEST, true);
     } catch (\Exception $e) {
         $message = sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage());
         if (null !== $this->logger) {
             $this->logger->err($message);
         } else {
             error_log($message);
         }
         throw $exception;
     }
     $event->setReturnValue($response);
     $handling = false;
     return true;
 }