getCredentials() public method

public getCredentials ( )
 /**
  * {@inheritdoc}
  */
 protected function retrieveUser($username, UsernamePasswordToken $token)
 {
     $user = $token->getUser();
     if ($user instanceof UserInterface) {
         return $user;
     }
     try {
         if ($this->getAuthService()->hasPartnerAuth()) {
             try {
                 $user = $this->userProvider->loadUserByUsername($username);
                 $bind = $this->getUserService()->getUserBindByTypeAndUserId($this->getAuthService()->getPartnerName(), $user['id']);
                 if ($bind) {
                     $partnerUser = $this->getAuthService()->checkPartnerLoginById($bind['fromId'], $token->getCredentials());
                     if ($partnerUser) {
                         $user = $this->syncEmailAndPassword($user, $partnerUser, $token);
                     }
                 }
             } catch (UsernameNotFoundException $notFound) {
                 if (filter_var($username, FILTER_VALIDATE_EMAIL)) {
                     $partnerUser = $this->getAuthService()->checkPartnerLoginByEmail($username, $token->getCredentials());
                 } else {
                     $partnerUser = $this->getAuthService()->checkPartnerLoginByNickname($username, $token->getCredentials());
                 }
                 if (empty($partnerUser)) {
                     throw $notFound;
                 }
                 $bind = $this->getUserService()->getUserBindByTypeAndFromId($this->getAuthService()->getPartnerName(), $partnerUser['id']);
                 if ($bind) {
                     $user = $this->getUserService()->getUser($bind['toId']);
                     $user = $this->syncEmailAndPassword($user, $partnerUser, $token);
                 } else {
                     $setting = $this->getSettingService()->get('user_partner', array());
                     $email_filter = explode("\n", $setting['email_filter']);
                     if (in_array($partnerUser['email'], $email_filter)) {
                         $partnerUser['email'] = $partnerUser['id'] . '_dz_' . $this->getRandomString(5) . '@edusoho.net';
                     }
                     $registration = array();
                     $registration['nickname'] = $partnerUser['nickname'];
                     $registration['email'] = $partnerUser['email'];
                     $registration['password'] = $token->getCredentials();
                     $registration['createdIp'] = $partnerUser['createdIp'];
                     $registration['token'] = array('userId' => $partnerUser['id']);
                     $this->getUserService()->register($registration, $this->getAuthService()->getPartnerName());
                     $user = $this->userProvider->loadUserByUsername($username);
                 }
             }
         } else {
             $user = $this->userProvider->loadUserByUsername($username);
         }
         if (!$user instanceof UserInterface) {
             throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
         }
         return $user;
     } catch (UsernameNotFoundException $notFound) {
         $notFound->setUsername($username);
         throw $notFound;
     } catch (\Exception $repositoryProblem) {
         $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
         $ex->setToken($token);
         throw $ex;
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof UserInterface) {
         if ($currentUser->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if ($user instanceof User) {
             $encoder = $this->encoderFactory->getEncoder($user);
             if (!$encoder->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
                 throw new BadCredentialsException('The presented password is invalid.');
             }
         } else {
             $ldap = new Ldap($this->params['host'], $this->params['port'], $this->params['version']);
             $bind = $ldap->bind($user->getUsername(), $presentedPassword);
             $this->logger->debug(sprintf('LDAP bind with username "%s" and password "%s" yielded: %s', $user->getUsername(), $presentedPassword, print_r($bind, true)));
             if (!$bind) {
                 throw new BadCredentialsException('The presented password is invalid.');
             }
             // There's likely more data in the LDAP result now after a successful bind
             $this->userProvider->refreshUser($user);
         }
     }
 }
 public function authUserFromRedmine(UsernamePasswordToken $token)
 {
     $pass = $token->getCredentials();
     $username = $token->getUser();
     try {
         $response = $this->client->redmineLogin($username, $pass);
         $q = json_decode($response);
         $em = $this->em;
         $user = $em->getRepository("RedmineAppBundle:RedmineUser")->findOneBy(['redmineToken' => $q->user->api_key, 'redmineUserID' => $q->user->id]);
         if ($user) {
             return $user->getUsername();
         } else {
             $user = new RedmineUser();
             $user->setUsername($q->user->login)->setEmail($q->user->mail)->setPassword($this->encoder->encodePassword($user, md5(uniqid())))->setName($q->user->firstname)->setSurname($q->user->lastname)->setRedmineUserID($q->user->id)->setRedmineToken($q->user->api_key);
             $settings = new Settings();
             $settings->setSms(false)->setPush(false)->setCheckFirst(Carbon::createFromTime(17, 45))->setCheckSecond(Carbon::createFromTime(20, 0))->setCheckThird(Carbon::createFromTime(9, 30))->setUser($user);
             $this->em->persist($user);
             $this->em->persist($settings);
             $this->em->flush();
             return $user->getUsername();
         }
     } catch (\Exception $e) {
         return null;
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof UserInterface) {
         if ($currentUser->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         $client = $this->clientFactory->build('en');
         $request = CustomerLoginRequest::ofEmailAndPassword($token->getUser(), $presentedPassword);
         $response = $request->executeWithClient($client);
         if ($response->isError()) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
         $result = $request->mapResponse($response);
         $customer = $result->getCustomer();
         if ($currentUser !== $customer->getEmail()) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
         $this->session->set('customer.id', $customer->getId());
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $password = $token->getCredentials();
     if ($password === null || $password === '') {
         throw new BadCredentialsException('The presented password is invalid.');
     }
     return parent::checkAuthentication($user, $token);
 }
 public function authenticate(TokenInterface $token)
 {
     if ($this->code != $token->getCredentials()) {
         throw new AuthenticationException("Authentication code does not match");
     }
     $user = $token->getUser();
     // TODO: Provide a mechanism to get the real user object, and set user roles in token
     $token = new UsernamePasswordToken($user, $token->getCredentials(), $this->name, ['ROLE_USER']);
     return $token;
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $password = $token->getCredentials();
     try {
         $username = $user->getUsername();
         $this->ldap->bind($username, $password);
     } catch (ConnectionException $e) {
         throw new BadCredentialsException('The presented password is invalid.');
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function retrieveUser($username, UsernamePasswordToken $token)
 {
     $repository = $this->getRepository();
     try {
         $apiUser = $repository->getUserService()->loadUserByCredentials($username, $token->getCredentials());
         $repository->setCurrentUser($apiUser);
         return new User($apiUser);
     } catch (NotFoundException $e) {
         throw new AuthenticationException('Authentication to eZ Publish failed', $e->getCode(), $e);
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $username = $token->getUsername();
     $password = $token->getCredentials();
     try {
         $username = $this->ldap->escape($username, '', LDAP_ESCAPE_DN);
         $dn = str_replace('{username}', $username, $this->dnString);
         $this->ldap->bind($dn, $password);
     } catch (ConnectionException $e) {
         throw new BadCredentialsException('The presented password is invalid.');
     }
 }
Esempio n. 10
0
 public function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $connector = new Connector($user->getUsername(), $token->getCredentials());
     if (!$connector->isSignedIn()) {
         throw new BadCredentialsException();
     }
     $student = $connector->getStudent();
     $user->fromStudent($student);
     $user->setLastConnectionAt(new \DateTime());
     if ($user->getId() == null || $user->getAccount() == null) {
         $user->setAccount(new Account());
     }
     $this->em->persist($user);
     $this->em->flush();
 }
Esempio n. 11
0
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof UserInterface) {
         if ($currentUser->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if ('' === ($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function retrieveUser($username, UsernamePasswordToken $token)
 {
     $user = $token->getUser();
     if ($user instanceof UserInterface) {
         return $user;
     }
     try {
         $user = $this->userProvider->loadUserByUsernameAndPassword($username, $token->getCredentials());
         if (!$user instanceof UserInterface) {
             throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
         }
         return $user;
     } catch (UsernameNotFoundException $notFound) {
         throw $notFound;
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(AccountInterface $account, UsernamePasswordToken $token)
 {
     $user = $token->getUser();
     if ($user instanceof AccountInterface) {
         if ($account->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!($presentedPassword = (string) $token->getCredentials())) {
             throw new BadCredentialsException('Bad credentials');
         }
         if (!$this->encoderFactory->getEncoder($account)->isPasswordValid($account->getPassword(), $presentedPassword, $account->getSalt())) {
             throw new BadCredentialsException('Bad credentials');
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 public function handle(Request $request, ClientInterface $client)
 {
     $username = $request->request->get('username');
     $password = $request->request->get('password');
     $scope = $request->request->get('scope');
     if (empty($username)) {
         throw new OAuthInvalidRequestException('Missing username parameter.');
     }
     if (empty($password)) {
         throw new OAuthInvalidRequestException('Missing password parameter.');
     }
     $user = $this->userProvider->loadUserByUsername($username);
     $token = new UsernamePasswordToken($username, $password, $this->providerKey);
     if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $token->getCredentials(), $user->getSalt())) {
         throw new OAuthInvalidRequestException('Bad credentials.');
     }
     $accessToken = $this->accessTokenProvider->create($user, $client, $scope);
     $data = ['access_token' => $accessToken->getId(), 'token_type' => 'bearer', 'expires_in' => $accessToken->getExpires()];
     return new Response(json_encode($data), 200, ['Content-Type' => 'application/json;charset=UTF-8', 'Cache-Control' => 'no-store', 'Pragma' => 'no-cache']);
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     $presentedPassword = $token->getCredentials();
     if ($currentUser instanceof UserInterface) {
         if ('' === $presentedPassword) {
             throw new BadCredentialsException('The password in the token is empty. You may forgive turn off `erase_credentials` in your `security.yml`');
         }
         if (!$this->ldapManager->bind($currentUser, $presentedPassword)) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if ('' === $presentedPassword) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->ldapManager->bind($user, $presentedPassword)) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof UserInterface) {
         if ($currentUser->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
             $this->userProvider->handleWrongPassword($user);
             throw new BadCredentialsException('The presented password is invalid.');
         } else {
             $this->userProvider->handleGoodPassword($user);
         }
         if (!$user->isAccountNonLocked()) {
             throw new LockedException(strtr('User account is locked%until%.', array('%until%' => $user->getLockedUntil() ? sprintf(' until %s', $user->getLockedUntil()->format('Y-m-d H:i:s')) : '')), $user);
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof LdapUserInterface) {
         if (!$this->ldapManager->bind($currentUser, $currentUser->getPassword())) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if (!$user->getDn()) {
             $userLdap = $this->ldapManager->findUserByUsername($user->getUsername());
             if (!$userLdap) {
                 throw new BadCredentialsException(sprintf('User "%s" not found', $user->getUsername()));
             }
             $user->setDn($userLdap->getDn());
         }
         if (!($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->ldapManager->bind($user, $presentedPassword)) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
 }
 /**
  * {@inheritdoc}
  */
 public function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $connector = new \EpitechAPI\Connector();
     try {
         $connector->authenticate(\EpitechAPI\Connector::SIGN_IN_METHOD_CREDENTIALS, $user->getUsername(), $token->getCredentials());
     } catch (\Exception $ex) {
         throw new \Exception("The Epitech's Intranet is not responding");
     }
     if (!$connector->isSignedIn()) {
         throw new BadCredentialsException();
     }
     $user->updateFromIntranet($connector->getUser());
     $user->setLastConnectionDate(new \DateTime());
     $roles = $user->getRoles();
     foreach (array_keys($roles, 'ROLE_SUPER_ADMIN') as $key) {
         unset($roles[$key]);
     }
     if (in_array($user->getLogin(), $this->superAdminsLogin)) {
         $roles[] = 'ROLE_SUPER_ADMIN';
     }
     $user->setRoles($roles);
     $this->entityManager->persist($user);
     $this->entityManager->flush();
 }
 /**
  * @param UserInterface $user
  * @param UsernamePasswordToken $token
  */
 protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     if ($currentUser instanceof UserInterface) {
         // this happens if we were already logged in
         if ($currentUser->getPassword() !== $user->getPassword()) {
             throw new BadCredentialsException('The credentials were changed from another session.');
         }
     } else {
         if ("" === ($presentedPassword = $token->getCredentials())) {
             throw new BadCredentialsException('The presented password cannot be empty.');
         }
         if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
             throw new BadCredentialsException('The presented password is invalid.');
         }
     }
     if ($token->hasAttribute('desired_user')) {
         $roles = $user->getRoles();
         if (!in_array('ROLE_ALLOWED_TO_SWITCH', $roles)) {
             throw new BadCredentialsException('You are not allowed to login as other users.');
         }
     }
 }
Esempio n. 20
0
 public function testEraseCredentials()
 {
     $token = new UsernamePasswordToken('foo', 'bar', 'key');
     $token->eraseCredentials();
     $this->assertEquals('', $token->getCredentials());
 }
 /**
  * {@inheritdoc}
  */
 protected function retrieveUser($username, UsernamePasswordToken $token)
 {
     $user = $token->getUser();
     if ($user instanceof UserInterface) {
         return $user;
     }
     try {
         $user = $this->userProvider->loadUserByUsername($username, $token->getAsn(), $token->getCredentials());
         if (!$user instanceof UserInterface) {
             throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
         }
         return $user;
     } catch (UsernameNotFoundException $notFound) {
         $notFound->setUsername($username);
         throw $notFound;
     } catch (\Exception $repositoryProblem) {
         $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
         $ex->setToken($token);
         throw $ex;
     }
 }
Esempio n. 22
0
 /**
  * Authenticates the user via ldap
  *
  * @param \Symfony\Component\Security\Core\User\UserInterface $user
  * @param \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken $token
  * @return boolean $passwordValid
  * @throws BadCredentialsException
  */
 protected function checkAuthenticationLdap(UserInterface $user, UsernamePasswordToken $token)
 {
     $currentUser = $token->getUser();
     // Due to ldap restrinctions we expect a user authenticated once the token
     // contains a user object
     if ($currentUser instanceof UserInterface) {
         return true;
     }
     try {
         $this->ldapManager->bind($token->getUsername(), $token->getCredentials());
         $passwordValid = (bool) $this->ldapManager->getBoundUser();
         if (null !== $this->logger && !$token->isAuthenticated()) {
             $this->logger->info("[LdapAuthenticator] Ldap authentication successful.", array('user' => $this->ldapManager->getBoundUser()));
         }
         return $passwordValid;
     } catch (\Zend\Ldap\Exception\LdapException $e) {
         throw new BadCredentialsException('Ldap authentication failed', 0, $e);
     }
 }