/**
  * {@inheritdoc}
  */
 public function authenticate(TokenInterface $token)
 {
     if (false === $this->supports($token)) {
         return;
     }
     $publicKey = $token->getUsername();
     if (null === ($nonce = $this->readNonceValue($token->getNonce()))) {
         $this->onInvalidAuthentication();
     }
     $user = $this->userProvider->loadUserByPublicKey($publicKey);
     if (null === $user) {
         $this->onInvalidAuthentication();
     }
     $token->setUser($user);
     $signature_encoder = new RequestSignatureEncoder();
     if (false === $signature_encoder->isApiSignatureValid($token, $nonce[1])) {
         $this->onInvalidAuthentication();
     }
     if (time() > $nonce[0] + $this->lifetime) {
         $this->removeNonce($token->getNonce());
         throw new SecurityException('Prior authentication expired', SecurityException::EXPIRED_AUTH);
     }
     $authenticatedToken = new PublicKeyToken($this->getRoles($user));
     $authenticatedToken->setUser($user)->setNonce($token->getNonce())->setCreated(new \DateTime())->setLifetime($this->lifetime);
     $this->writeNonceValue($authenticatedToken);
     return $authenticatedToken;
 }
Esempio n. 2
0
 /**
  * @access public
  */
 public function generateKeyAction(Request $request)
 {
     $values = $request->request->get('generator');
     $signature = null;
     if ('POST' === $request->getMethod()) {
         $encoder = new RequestSignatureEncoder();
         $requestToBeSigned = Request::create($values['url'], $values['method']);
         $signature = $encoder->createSignature($requestToBeSigned, $values['private_key']);
     }
     return $this->render('Rest/test.html.twig', array('form' => $values, 'signature' => $signature));
 }
 /**
  * Updates the nonce value.
  *
  * @param string $nonce
  */
 protected function writeNonceValue(BBUserToken $token)
 {
     $now = strtotime($token->getCreated());
     $nonce = $token->getNonce();
     $signature_generator = new RequestSignatureEncoder();
     $signature = $signature_generator->createSignature($token);
     if (null === $this->registryRepository) {
         file_put_contents($this->nonceDir . DIRECTORY_SEPARATOR . $nonce, "{$now};{$signature}");
     } else {
         $registry = $this->getRegistry($nonce)->setValue("{$now};{$signature}");
         $this->registryRepository->save($registry);
     }
 }