public function __invoke(Request $request)
 {
     if ($this->container->hasParameter('partkeepr.auth.allow_password_change') && $this->container->getParameter('partkeepr.auth.allow_password_change') === false) {
         throw new PasswordChangeNotAllowedException();
     }
     $user = $this->userService->getUser();
     if (!$request->request->has('oldpassword') && !$request->request->has('newpassword')) {
         throw new \Exception('old password and new password need to be specified');
     }
     $FOSUser = $this->userManager->findUserByUsername($user->getUsername());
     if ($FOSUser !== null) {
         $encoder = $this->encoderFactory->getEncoder($FOSUser);
         $encoded_pass = $encoder->encodePassword($request->request->get('oldpassword'), $FOSUser->getSalt());
         if ($FOSUser->getPassword() != $encoded_pass) {
             throw new OldPasswordWrongException();
         }
         $this->userManipulator->changePassword($user->getUsername(), $request->request->get('newpassword'));
     } else {
         if ($user->isLegacy()) {
             if ($user->getPassword() !== md5($request->request->get('oldpassword'))) {
                 throw new OldPasswordWrongException();
             }
             $user->setNewPassword($request->request->get('newpassword'));
             $this->userService->syncData($user);
         } else {
             throw new \Exception('Cannot change password for LDAP users');
         }
     }
     $user->setPassword('');
     $user->setNewPassword('');
     return $user;
 }
 public function testGetEncoderConfiguredForConcreteClassWithClassName()
 {
     $factory = new EncoderFactory(array('Symfony\\Component\\Security\\Tests\\Core\\Encoder\\SomeUser' => new MessageDigestPasswordEncoder('sha1')));
     $encoder = $factory->getEncoder('Symfony\\Component\\Security\\Tests\\Core\\Encoder\\SomeChildUser');
     $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
     $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
 }
 public function testGetEncoderWithService()
 {
     $factory = new EncoderFactory(array('Symfony\\Component\\Security\\Core\\User\\UserInterface' => new MessageDigestPasswordEncoder('sha1')));
     $encoder = $factory->getEncoder($this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface'));
     $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
     $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
 }
Esempio n. 4
0
 /**
  * Is user password correct
  *
  * @param BackendUser $user
  * @param string      $password
  *
  * @return boolean $isValid
  */
 public function checkUserPassword(BackendUser $user, $password)
 {
     $encoder = $this->encoder->getEncoder($user);
     if (!$encoder) {
         return false;
     }
     $isValid = $encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt());
     return $isValid;
 }
Esempio n. 5
0
 /**
  * @param User $user
  */
 private function handleUserChange(User $user)
 {
     if (!($plainPassword = $user->getPlainPassword())) {
         return;
     }
     $encoder = $this->encoderFactory->getEncoder($user);
     $password = $encoder->encodePassword($plainPassword, $user->getSalt());
     $user->setPassword($password);
 }
Esempio n. 6
0
 /**
  * @param User $user
  */
 private function updatePassword(User $user)
 {
     $password = $user->getPlainPassword();
     if (0 !== strlen($password)) {
         $encoder = $this->encoder->getEncoder($user);
         $user->setPassword($encoder->encodePassword($password, $user->getSalt()));
         $user->eraseCredentials();
     }
 }
Esempio n. 7
0
 public function register(User $user)
 {
     $user->setSalt(md5(time()));
     $password = $this->securityEncoderFactory->getEncoder($user)->encodePassword($user->getPassword(), $user->getSalt());
     $user->setPassword($password);
     $this->em->persist($user);
     $this->em->flush();
     $token = new UsernamePasswordToken($user, $user->getPassword(), 'app', $user->getRoles());
     $this->securityContext->setToken($token);
 }
Esempio n. 8
0
 /**
  * Injects the password encoder into user resources
  *
  * @param ActionEvent $event
  * @throws AccessDeniedHttpException
  */
 public function onActionEvent(ActionEvent $event)
 {
     if (!in_array($event->getId(), $this->validIds)) {
         return;
     }
     $resource = $event->getData()->getResource();
     if ($resource instanceof User) {
         $resource->setEncoder($this->encoderFactory->getEncoder($resource));
     }
 }
Esempio n. 9
0
 /**
  * returns int
  * 0 - success
  * 1 - wrong email
  * 2 - any error
  */
 public function editUser(User $user, \Symfony\Component\Security\Core\Encoder\EncoderFactory $ef)
 {
     $encoder = $ef->getEncoder($user);
     $password = $encoder->encodePassword($user->getPassword(), $user->getSalt());
     $user->setPassword($password);
     $user->setActive(true);
     $user->setBlocked(false);
     $this->em->persist($user);
     $this->em->flush();
     return $user->getId() > 0 ? 0 : 2;
 }
Esempio n. 10
0
 /**
  * Set userShop new password
  *
  * @param array|string $data
  * @return $this
  */
 public function setPassword($data)
 {
     $encoder = $this->securityFactory->getEncoder($this->usershop);
     if (!empty($data['password'])) {
         $existingPassword = $this->usershop->getPassword();
         $newPassword = $encoder->encodePassword($data['password'], $this->usershop->getSalt());
         if ($existingPassword != $newPassword) {
             $this->usershop->setPassword($newPassword);
         }
     }
     return $this;
 }
Esempio n. 11
0
 /**
  * @param LifecycleEventArgs $args
  */
 public function prePersist(LifeCycleEventArgs $args)
 {
     /** @var AdvancedUserInterface $object */
     $object = $args->getEntity();
     if ($object instanceof AdvancedUserInterface) {
         $salt = md5(uniqid(null, true));
         $object->setSalt($salt);
         $encoder = $this->encoder->getEncoder($object);
         $encodedPassword = $encoder->encodePassword($object->getPlainPassword(), $object->getSalt());
         $object->setPassword($encodedPassword);
         $object->setLastLogin(new \DateTime(date('Y-m-d H:i:s')));
     }
 }
Esempio n. 12
0
 /**
  * @param $username
  * @param $password
  * @return bool|mixed
  */
 public function checkUsernameAndPassword($username, $password)
 {
     $user = $this->getUserByUsername($username);
     if (!$user) {
         return false;
     }
     $encoder = $this->encoderFactory->getEncoder($user);
     $password = $encoder->encodePassword($password, $user->getSalt());
     if ($password == $user->getPassword()) {
         return $user;
     }
     return false;
 }
Esempio n. 13
0
 public function validate($value, Constraint $constraint)
 {
     $repo = $this->em->getRepository('UsuarioBundle:Clave');
     $user = $this->securityContext->getToken()->getUser();
     /* @var $user Usuario */
     $rawPassword = $value;
     $encoder = $this->encoderFactory->getEncoder($user);
     $encodedPassword = $encoder->encodePassword($rawPassword, $user->getSalt());
     $clave = $repo->findOneBy(array('usuario' => $user->getId(), 'clave' => $encodedPassword));
     if ($clave) {
         $this->context->addViolation($constraint->message, array("%string%" => $value));
     }
 }
Esempio n. 14
0
 public function testGetEncoderForEncoderAwareWithClassName()
 {
     $factory = new EncoderFactory(array('Symfony\\Component\\Security\\Core\\Tests\\Encoder\\EncAwareUser' => new MessageDigestPasswordEncoder('sha1'), 'encoder_name' => new MessageDigestPasswordEncoder('sha256')));
     $encoder = $factory->getEncoder('Symfony\\Component\\Security\\Core\\Tests\\Encoder\\EncAwareUser');
     $expectedEncoder = new MessageDigestPasswordEncoder('sha1');
     $this->assertEquals($expectedEncoder->encodePassword('foo', ''), $encoder->encodePassword('foo', ''));
 }
Esempio n. 15
0
 /**
  * @param User   $user
  * @param string $newPassword
  *
  * @return User
  */
 public function changePassword(User $user, $newPassword)
 {
     $encoder = $this->encoderFactory->getEncoder($user);
     $salt = bin2hex($this->secureRandom->nextBytes(16));
     $encodedPassword = $encoder->encodePassword($newPassword, $salt);
     $user->setSalt($salt);
     $user->setPassword($encodedPassword);
     return $user;
 }
Esempio n. 16
0
 public function __construct($security_config)
 {
     $encoder['plaintext'] = new PlaintextPasswordEncoder();
     $encoder['sha512'] = new MessageDigestPasswordEncoder('sha512', false, 1);
     $encoders = array();
     foreach ($security_config['encoders'] as $prov => $enco) {
         $encoders[$prov] = $encoder[$enco];
     }
     return parent::__construct($encoders);
 }
Esempio n. 17
0
 public function changePassword(User $User)
 {
     if (null == $User->getPlainPassword()) {
         throw new UserException('Nie ustawiono nowego hasła!');
     }
     $encoder = $this->encoderFactory->getEncoder($User);
     $encoderPassword = $encoder->encodePassword($User->getPlainPassword(), $User->getSalt());
     $User->setPassword($encoderPassword);
     $em = $this->doctrine->getManager();
     $em->persist($User);
     $em->flush();
     return true;
 }
Esempio n. 18
0
 /**
  * @param  User $user
  * @param $password
  * @param  bool $old_password
  * @return bool
  */
 public function changePassword(User &$user, $password, $old_password = false)
 {
     if (empty($password)) {
         return false;
     }
     $encoder = $this->encoderFactory->getEncoder($user);
     if ($old_password) {
         if (!$encoder->isPasswordValid($user->getPassword(), $old_password, $user->getSalt())) {
             return false;
         }
     }
     $user->setPassword($password);
     $password = $encoder->encodePassword($user->getPassword(), $user->getSalt());
     $user->setPassword($password);
     return true;
 }
Esempio n. 19
0
 /**
  * Create/update user from authentication plugins.
  *
  * @param User      $user
  * @param bool|true $createIfNotExists
  *
  * @return User
  */
 public function saveUser(User $user, $createIfNotExists = true)
 {
     $isNew = !$user->getId();
     if ($isNew) {
         // Check if user exists and create one if applicable
         try {
             $user = $this->loadUserByUsername($user->getUsername(), $user->getEmail());
         } catch (UsernameNotFoundException $exception) {
             if (!$createIfNotExists) {
                 throw new BadCredentialsException();
             }
         }
     }
     // Validation for User objects returned by a plugin
     if (!$user->getRole()) {
         throw new AuthenticationException('mautic.integration.sso.error.no_role');
     }
     if (!$user->getUsername()) {
         throw new AuthenticationException('mautic.integration.sso.error.no_username');
     }
     if (!$user->getEmail()) {
         throw new AuthenticationException('mautic.integration.sso.error.no_email');
     }
     if (!$user->getFirstName() || !$user->getLastName()) {
         throw new AuthenticationException('mautic.integration.sso.error.no_name');
     }
     // Check for plain password
     $plainPassword = $user->getPlainPassword();
     if ($plainPassword) {
         // Encode plain text
         $user->setPassword($this->encoder->getEncoder($user)->encodePassword($plainPassword, $user->getSalt()));
     } elseif (!($password = $user->getPassword())) {
         // Generate and encode a random password
         $user->setPassword($this->encoder->getEncoder($user)->encodePassword(EncryptionHelper::generateKey(), $user->getSalt()));
     }
     $event = new UserEvent($user, $isNew);
     if ($this->dispatcher->hasListeners(UserEvents::USER_PRE_SAVE)) {
         $event = $this->dispatcher->dispatch(UserEvents::USER_PRE_SAVE, $event);
     }
     $this->userRepository->saveEntity($user);
     if ($this->dispatcher->hasListeners(UserEvents::USER_POST_SAVE)) {
         $this->dispatcher->dispatch(UserEvents::USER_POST_SAVE, $event);
     }
     return $user;
 }
Esempio n. 20
0
 /**
  *   Reset and send password by email
  */
 public function resetPassword($user)
 {
     if ($user) {
         $utility = new PasswordUtility();
         $password = $utility->generatePassword();
         $encoder = $this->encoder->getEncoder($user);
         $encodedPassword = $encoder->encodePassword($password, $user->getSalt());
         $user->setPassword($encodedPassword);
         // Send password via email
         try {
             $message = \Swift_Message::newInstance()->setSubject('Password reset')->setFrom($this->websiteEmail)->setTo($user->getEmail())->setBody($this->templating->render('AiselFrontendUserBundle:Email:newPassword.txt.twig', array('username' => $user->getUsername(), 'password' => $password)));
             $response = $this->mailer->send($message);
         } catch (\Swift_TransportException $e) {
             $response = $e->getMessage();
         }
         $this->em->persist($user);
         $this->em->flush();
         return $response;
     } else {
         return false;
     }
 }
Esempio n. 21
0
 /**
  * @param User $user
  * @param $password
  */
 private function encodeUserPassword(User $user, $password)
 {
     $encoder = $this->encoderFactory->getEncoder($user);
     $encPassword = $encoder->encodePassword($password, $user->getSalt());
     $user->setPassword($encPassword);
 }
 /**
  * Get object
  *
  * @return mixed
  */
 public function get()
 {
     $encoders = [SecurityUser::class => ['class' => PlaintextPasswordEncoder::class, 'argument' => [false]], User::class => ['class' => MessageDigestPasswordEncoder::class, 'arguments' => ['sha1', 'true', '5000']]];
     $factory = new EncoderFactory($encoders);
     return $factory->getEncoder(new User());
 }
Esempio n. 23
0
 public function setPlainPassword($plainPassword, \Symfony\Component\Security\Core\Encoder\EncoderFactory $encoderFactory = null)
 {
     $this->plainPassword = $plainPassword;
     if ($encoderFactory) {
         $encoder = $encoderFactory->getEncoder($this);
         $password = $encoder->encodePassword($this->getPlainPassword(), $this->getSalt());
         $this->setPassword($password);
     }
     return $this;
 }
 /**
  * @param string         $plainPassword
  * @param EncoderFactory $encoderFactory
  *
  * @return UserEntity
  */
 public function setPlainPassword($plainPassword, EncoderFactory $encoderFactory = null)
 {
     $this->plainPassword = $plainPassword;
     if ($encoderFactory) {
         $encoder = $encoderFactory->getEncoder($this);
         $password = $encoder->encodePassword($this->getPlainPassword(), $this->getSalt());
         $this->setPassword($password);
     }
     return $this;
 }
Esempio n. 25
0
 /**
  * Encodes the given password, for the given passwort, with he given salt and returns the result.
  *
  * @param UserInterface $user
  * @param string        $password
  * @param string        $salt
  *
  * @return string
  */
 private function encodePassword(UserInterface $user, $password, $salt)
 {
     $encoder = $this->encoderFactory->getEncoder($user);
     return $encoder->encodePassword($password, $salt);
 }
 /**
  * Encode password
  *
  * @param User $user
  * @param $plainPassword
  * @return string
  */
 private function encodePassword(User $user, $plainPassword)
 {
     $encoder = $this->encoderFactory->getEncoder($user);
     return $encoder->encodePassword($plainPassword, $user->getSalt());
 }
 /**
  * @param User $user
  * @return \Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface
  */
 public function getEncoder(User $user)
 {
     return $this->encoderFactory->getEncoder($user);
 }
Esempio n. 28
0
 /**
  * @param UserInterface $user
  * @param string $plaintextPassword
  */
 public function setUserPassword(UserInterface $user, $plaintextPassword)
 {
     $hash = $this->encoderFactory->getEncoder($user)->encodePassword($plaintextPassword, $user->getSalt());
     return $hash;
 }
Esempio n. 29
0
 /**
  * Test a users password
  *
  * @param User   $user
  * @param string $password
  * @return bool
  */
 public function testLogin(User $user, $password)
 {
     $encoder = $this->encoder_factory->getEncoder($user);
     return $encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt());
 }
 /**
  * @param array         $credentials
  * @param UserInterface $user
  *
  * @return bool
  */
 public function checkCredentials($credentials, UserInterface $user)
 {
     $plainPassword = $credentials['password'];
     $encoder = $this->encoder->getEncoder($user);
     $password = $encoder->encodePassword($plainPassword, $user->getSalt());
     if ($password != $user->getPassword()) {
         throw new BadCredentialsException();
     }
     return true;
 }