Esempio n. 1
5
 /**
  * {@inheritDoc}
  */
 public function authenticate(TokenInterface $token)
 {
     if (!$this->supports($token)) {
         return;
     }
     /* @var OAuthToken $token */
     $resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
     $userResponse = $resourceOwner->getUserInformation($token->getRawToken());
     try {
         $user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
     } catch (OAuthAwareExceptionInterface $e) {
         $e->setToken($token);
         $e->setResourceOwnerName($token->getResourceOwnerName());
         throw $e;
     }
     if (!$user instanceof UserInterface) {
         throw new AuthenticationServiceException('loadUserByOAuthUserResponse() must return a UserInterface.');
     }
     try {
         $this->userChecker->checkPreAuth($user);
         $this->userChecker->checkPostAuth($user);
     } catch (BadCredentialsException $e) {
         if ($this->hideUserNotFoundExceptions) {
             throw new BadCredentialsException('Bad credentials', 0, $e);
         }
         throw $e;
     }
     $token = new OAuthToken($token->getRawToken(), $user->getRoles());
     $token->setResourceOwnerName($resourceOwner->getName());
     $token->setUser($user);
     $token->setAuthenticated(true);
     return $token;
 }
Esempio n. 2
0
 /**
  * {@inheritDoc}
  */
 protected function attemptAuthentication(Request $request)
 {
     $this->handleOAuthError($request);
     /* @var ResourceOwnerInterface $resourceOwner */
     list($resourceOwner, $checkPath) = $this->resourceOwnerMap->getResourceOwnerByRequest($request);
     if (!$resourceOwner) {
         throw new AuthenticationException('No resource owner match the request.');
     }
     if (!$resourceOwner->handles($request)) {
         throw new AuthenticationException('No oauth code in the request.');
     }
     // If resource owner supports only one url authentication, call redirect
     if ($request->query->has('authenticated') && $resourceOwner->getOption('auth_with_one_url')) {
         $request->attributes->set('service', $resourceOwner->getName());
         return new RedirectResponse(sprintf('%s?code=%s&authenticated=true', $this->httpUtils->generateUri($request, 'hwi_oauth_connect_service'), $request->query->get('code')));
     }
     $resourceOwner->isCsrfTokenValid($request->get('state'));
     try {
         $accessToken = $resourceOwner->getAccessToken($request, $this->httpUtils->createRequest($request, $checkPath)->getUri());
     } catch (HttpTransportException $e) {
         throw new AuthenticationException('Cannot retrieve access token.');
     }
     $token = new OAuthToken($accessToken);
     $token->setResourceOwnerName($resourceOwner->getName());
     return $this->authenticationManager->authenticate($token);
 }
 /**
  * {@inheritDoc}
  */
 protected function attemptAuthentication(Request $request)
 {
     list($resourceOwner, $checkPath) = $this->resourceOwnerMap->getResourceOwnerByRequest($request);
     $accessToken = $resourceOwner->getAccessToken($request->query->get('code'), $this->httpUtils->createRequest($request, $checkPath)->getUri());
     $token = new OAuthToken($accessToken);
     $token->setResourceOwnerName($resourceOwner->getName());
     return $this->authenticationManager->authenticate($token);
 }
 /**
  * {@inheritDoc}
  */
 protected function attemptAuthentication(Request $request)
 {
     $this->handleOAuthError($request);
     list($resourceOwner, $checkPath) = $this->resourceOwnerMap->getResourceOwnerByRequest($request);
     if (!$resourceOwner->handles($request)) {
         throw new AuthenticationException('No oauth code in the request.');
     }
     $accessToken = $resourceOwner->getAccessToken($request, $this->httpUtils->createRequest($request, $checkPath)->getUri());
     $token = new OAuthToken($accessToken);
     $token->setResourceOwnerName($resourceOwner->getName());
     return $this->authenticationManager->authenticate($token);
 }
Esempio n. 5
0
 /**
  * {@inheritDoc}
  */
 protected function attemptAuthentication(Request $request)
 {
     list($resourceOwner, $checkPath) = $this->resourceOwnerMap->getResourceOwnerByRequest($request);
     if (!$resourceOwner->handles($request)) {
         // Can't use AuthenticationException below, as it leads to infinity loop
         throw new \RuntimeException('No oauth code in the request.');
     }
     $accessToken = $resourceOwner->getAccessToken($request, $this->httpUtils->createRequest($request, $checkPath)->getUri());
     $token = new OAuthToken($accessToken);
     $token->setResourceOwnerName($resourceOwner->getName());
     return $this->authenticationManager->authenticate($token);
 }
 /**
  * {@inheritDoc}
  */
 public function authenticate(TokenInterface $token)
 {
     $resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
     $userResponse = $resourceOwner->getUserInformation($token->getCredentials());
     try {
         $user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
     } catch (OAuthAwareExceptionInterface $e) {
         $e->setAccessToken($token->getCredentials());
         $e->setResourceOwnerName($token->getResourceOwnerName());
         throw $e;
     }
     $token = new OAuthToken($token->getCredentials(), $user->getRoles());
     $token->setUser($user);
     $token->setAuthenticated(true);
     return $token;
 }
Esempio n. 7
0
 /**
  * @param string $name
  *
  * @return ResourceOwnerInterface
  *
  * @throws \RuntimeException
  */
 protected function getResourceOwner($name)
 {
     $resourceOwner = $this->ownerMap->getResourceOwnerByName($name);
     if (!$resourceOwner instanceof ResourceOwnerInterface) {
         throw new \RuntimeException(sprintf("No resource owner with name '%s'.", $name));
     }
     return $resourceOwner;
 }
 /**
  * {@inheritDoc}
  */
 public function authenticate(TokenInterface $token)
 {
     if (!$this->supports($token)) {
         return null;
     }
     /* @var OAuthToken $token */
     $resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
     if ($token->getUser()) {
         $user = $this->userProvider->refreshUser($token->getUser());
     } else {
         try {
             $userResponse = $resourceOwner->getUserInformation($token->getRawToken());
         } catch (HttpTransportException $e) {
             $token = new AnonymousToken($token->getRawToken(), 'anon.');
             $token->setAuthenticated(true);
             return $token;
         } catch (RequestException $e) {
             $token = new AnonymousToken($token->getRawToken(), 'anon.');
             $token->setAuthenticated(true);
             return $token;
         }
         try {
             $user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
         } catch (OAuthAwareExceptionInterface $e) {
             $e->setToken($token);
             $e->setResourceOwnerName($token->getResourceOwnerName());
             throw $e;
         }
     }
     if (!$user instanceof UserInterface) {
         throw new AuthenticationServiceException('loadUserByOAuthUserResponse() must return a UserInterface.');
     }
     try {
         $this->userChecker->checkPreAuth($user);
         $this->userChecker->checkPostAuth($user);
     } catch (BadCredentialsException $e) {
         throw $e;
     }
     $token = new OAuthToken($token->getRawToken(), $user->getRoles());
     $token->setResourceOwnerName($resourceOwner->getName());
     $token->setUser($user);
     $token->setAuthenticated(true);
     return $token;
 }
Esempio n. 9
0
 /**
  * Attempts to authenticate a TokenInterface object.
  *
  * @param OAuthToken $token The TokenInterface instance to authenticate
  *
  * @return TokenInterface An authenticated TokenInterface instance, never null
  *
  * @throws AuthenticationException if the authentication fails
  */
 public function authenticate(TokenInterface $token)
 {
     $resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName($token->getResourceOwnerName());
     try {
         $userResponse = $resourceOwner->getUserInformation($token->getRawToken());
         $user = $this->userProvider->loadUserByOAuthUserResponse($userResponse);
     } catch (OAuthAwareExceptionInterface $e) {
         $e->setToken($token);
         $e->setResourceOwnerName($token->getResourceOwnerName());
         throw $e;
     }
     $organization = $this->guessOrganization($user, $token);
     $token = new OAuthToken($token->getRawToken(), $user->getRoles());
     $token->setResourceOwnerName($resourceOwner->getName());
     $token->setOrganizationContext($organization);
     $token->setUser($user);
     $token->setAuthenticated(true);
     $this->userChecker->checkPostAuth($user);
     return $token;
 }
Esempio n. 10
0
 public function testTokenShouldBeAuthenticated()
 {
     $this->oauthProvider->setTokenFactory($this->tokenFactory);
     $token = new OAuthToken('token');
     $token->setResourceOwnerName('google');
     $organization = new Organization();
     $organization->setEnabled(true);
     $token->setOrganizationContext($organization);
     $userResponse = $this->getMock('HWI\\Bundle\\OAuthBundle\\OAuth\\Response\\UserResponseInterface');
     $resourceOwner = $this->getMock('HWI\\Bundle\\OAuthBundle\\OAuth\\ResourceOwnerInterface');
     $resourceOwner->expects($this->any())->method('getName')->will($this->returnValue('google'));
     $resourceOwner->expects($this->any())->method('getUserInformation')->will($this->returnValue($userResponse));
     $this->resourceOwnerMap->expects($this->any())->method('getResourceOwnerByName')->will($this->returnValue($resourceOwner));
     $user = new User();
     $user->addOrganization($organization);
     $this->userProvider->expects($this->any())->method('loadUserByOAuthUserResponse')->with($userResponse)->will($this->returnValue($user));
     $resultToken = $this->oauthProvider->authenticate($token);
     $this->assertInstanceOf('Oro\\Bundle\\SSOBundle\\Security\\OAuthToken', $resultToken);
     $this->assertSame($user, $resultToken->getUser());
     $this->assertEquals('google', $resultToken->getResourceOwnerName());
     $this->assertTrue($resultToken->isAuthenticated());
 }
 /**
  * @param string $accessToken
  *
  * @return PathUserResponse
  */
 public function getUserInfo($accessToken)
 {
     $resourceOwner = $this->resourceOwnerMap->getResourceOwnerByName(self::RESOURCE_OWNER_GOOGLE);
     return $resourceOwner->getUserInformation(['access_token' => $accessToken]);
 }
Esempio n. 12
0
 /**
  * {@inheritDoc}
  */
 public function supports(TokenInterface $token)
 {
     return $token instanceof OAuthToken && $this->resourceOwnerMap->hasResourceOwnerByName($token->getResourceOwnerName());
 }