/**
 * Return the filter query previously stored in the session for `$path`.
 *
 * Looks under the `Alaxos.Filter` session key; the stored value is expected
 * to be an array keyed by path (presumably the controller/action the filter
 * was submitted from — not verifiable here).
 *
 * @param string $path Key of the stored query to retrieve.
 * @return mixed The stored query for `$path`, or null when there is no
 *   session, no `Alaxos.Filter` entry, or no entry for `$path`.
 */
protected function getStoredQuery($path)
{
    $session = $this->request->session();
    if (!isset($session) || !$session->check('Alaxos.Filter')) {
        return null;
    }

    $storedFilters = $session->read('Alaxos.Filter');

    return isset($storedFilters[$path]) ? $storedFilters[$path] : null;
}
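/**
 * Get user's credentials (username and password) from either session or request data
 *
 * Each field is taken from the request data first (field names come from the
 * `fields` config). When the request does not carry it, the value stored in
 * the session under `TwoFactorAuth.credentials.<field>` is decrypted with
 * `_decrypt()` and used instead.
 *
 * Note: this design keeps the (encrypted) password in the session between the
 * two authentication steps; the session backend and the `_decrypt()` key
 * handling are therefore security relevant — neither is visible here.
 *
 * @param Request $request Request instance
 * @return array|bool `['username' => ..., 'password' => ...]`, or false when
 *   either value is missing, empty, or not a string.
 */
protected function _getCredentials(Request $request)
{
    $credentials = [];
    foreach (['username', 'password'] as $field) {
        $value = $request->data($this->_config['fields'][$field]);
        // Fall back to the session copy only when the request carries nothing.
        // Explicit null/'' checks (rather than a truthiness test) so that a
        // literal "0" submitted as a credential is not silently discarded.
        if ($value === null || $value === '') {
            $value = $this->_decrypt($request->session()->read('TwoFactorAuth.credentials.' . $field));
        }
        if (!is_string($value) || $value === '') {
            return false;
        }
        $credentials[$field] = $value;
    }

    return $credentials;
}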
/**
 * Authenticate callback
 *
 * Reads the social-login payload stored in the session (key from
 * `Users.Key.Session.social`). The e-mail is taken from the provider's
 * `info` when present and marked validated; otherwise it is taken from the
 * request data (key from `Users.Key.Data.email`) and marked NOT validated.
 * The resulting data is handed to `_findOrCreateUser()`.
 *
 * @param Request $request Cake request object.
 * @param Response $response Cake response object.
 * @return bool|mixed False when there is no social data in the session;
 *   otherwise whatever `_findOrCreateUser()` returns.
 */
public function authenticate(Request $request, Response $response)
{
    $sessionKey = Configure::read('Users.Key.Session.social');
    $socialData = $request->session()->read($sessionKey);
    if (empty($socialData)) {
        return false;
    }

    $emailKey = Configure::read('Users.Key.Data.email');
    $providerEmail = Hash::get((array)$socialData->info, $emailKey);

    // Only a provider-supplied address counts as validated; an address typed
    // into the request is recorded as unvalidated.
    $hasProviderEmail = !empty($providerEmail);
    $socialData->email = $hasProviderEmail ? $providerEmail : $request->data($emailKey);
    $socialData->validated = $hasProviderEmail;

    return $this->_findOrCreateUser($socialData);
}
/**
 * Component startup. All security checking happens here.
 *
 * Sequence:
 *  1. `_secureRequired()` and `_authRequired()` (their checks are not visible here);
 *  2. the configured `blackHoleCallback` action can never be requested directly;
 *  3. `_validatePost()` runs for POST/PUT requests, unless the action is in
 *     `unlockedActions`, `validatePost` is disabled, or this is a
 *     requestAction() call (`requested` param set to 1).
 * Afterwards a fresh token is generated and the `_Token` field is removed
 * from the request data.
 *
 * NOTE(review): only POST and PUT are treated as form submissions here, so a
 * PATCH or DELETE request carrying data is not passed through
 * `_validatePost()` — confirm this is intended (the `$hasData`-based variant
 * of this component validates any request with data).
 *
 * @param Event $event An Event instance
 * @return mixed Result of `blackHole()` when the request is rejected, otherwise null.
 */
public function startup(Event $event)
{
    $controller = $event->subject();
    $this->session = $this->request->session();
    $this->_action = $this->request->params['action'];
    $this->_secureRequired($controller);
    $this->_authRequired($controller);

    $isPost = $this->request->is(['post', 'put']);
    // requestAction() calls set `requested` = 1 and are exempt from post validation.
    $isNotRequestAction = !isset($controller->request->params['requested']) || $controller->request->params['requested'] != 1;

    if ($this->_action === $this->_config['blackHoleCallback']) {
        return $this->blackHole($controller, 'auth');
    }
    if (!in_array($this->_action, (array) $this->_config['unlockedActions']) && $isPost && $isNotRequestAction) {
        if ($this->_config['validatePost'] && $this->_validatePost($controller) === false) {
            return $this->blackHole($controller, 'auth');
        }
    }
    $this->generateToken($controller->request);
    if ($isPost && is_array($controller->request->data)) {
        unset($controller->request->data['_Token']);
    }
}
/**
 * Initialize HybridAuth and this authenticator.
 *
 * Guarded by `$this->_initDone` (set elsewhere, not in this method). Loads
 * the user and profile tables, starts the session, fills in a default
 * `base_url` pointing at the plugin's endpoint action when the `HybridAuth`
 * config lacks one, then initializes the Hybrid_Auth library.
 *
 * Hybrid_Auth errors with code < 5 are rethrown as RuntimeException; other
 * codes are flashed via the Auth component and initialization is retried once
 * (presumably "already initialized" style errors — confirm against the
 * Hybrid_Auth error code table).
 *
 * @param \Cake\Network\Request $request Request instance.
 * @return void
 * @throws \RuntimeException In case of an unknown error.
 */
protected function _init(Request $request)
{
    if ($this->_initDone) {
        return;
    }

    $this->_userModel = TableRegistry::get($this->_config['userModel']);
    $this->_profileModel = TableRegistry::get($this->_config['profileModel']);
    $request->session()->start();

    $hybridConfig = Configure::read('HybridAuth');
    if (empty($hybridConfig['base_url'])) {
        $endpoint = [
            'plugin' => 'ADmad/HybridAuth',
            'controller' => 'HybridAuth',
            'action' => 'endpoint',
            'prefix' => false,
        ];
        $hybridConfig['base_url'] = Router::url($endpoint, true);
    }

    try {
        Hybrid_Auth::initialize($hybridConfig);
    } catch (\Exception $e) {
        if ($e->getCode() < 5) {
            throw new \RuntimeException($e->getMessage());
        }
        $this->_registry->Auth->flash($e->getMessage());
        Hybrid_Auth::initialize($hybridConfig);
    }
}
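/**
 * Authenticates the identity contained in the cookie. Will use the
 * `userModel` config, and `fields` config to find COOKIE data that is used
 * to find a matching record in the model specified by `userModel`. Will return
 * false if there is no cookie data, either username or password is missing,
 * or if the scope conditions have not been met.
 *
 * On success the user record is also written to the session under the Auth
 * component's `sessionKey`, so later requests need not re-read the cookie.
 *
 * @param Request $request Request whose session receives the user on success.
 * @return mixed False on login failure. An array of User data on success.
 * @throws \RuntimeException If CookieComponent is not loaded.
 */
public function getUser(Request $request)
{
    if (!isset($this->_registry->Cookie) || !$this->_registry->Cookie instanceof CookieComponent) {
        throw new \RuntimeException('CookieComponent is not loaded');
    }

    // Everything in the `cookie` config except `name` is passed as the
    // per-key cookie configuration.
    $cookieConfig = $this->_config['cookie'];
    $cookieName = $cookieConfig['name'];
    unset($cookieConfig['name']);
    $this->_registry->Cookie->configKey($cookieName, $cookieConfig);

    $data = $this->_registry->Cookie->read($cookieName);
    if (empty($data)) {
        return false;
    }

    // Read the field names explicitly instead of extract()-ing the config,
    // so a stray key in `fields` (e.g. `data`, `request`) cannot overwrite
    // local variables. Both cookie values must be non-empty strings.
    $usernameField = $this->_config['fields']['username'];
    $passwordField = $this->_config['fields']['password'];
    if (!is_array($data)
        || !isset($data[$usernameField]) || !is_string($data[$usernameField]) || $data[$usernameField] === ''
        || !isset($data[$passwordField]) || !is_string($data[$passwordField]) || $data[$passwordField] === ''
    ) {
        return false;
    }

    $user = $this->_findUser($data[$usernameField], $data[$passwordField]);
    if ($user) {
        $request->session()->write($this->_registry->Auth->sessionKey, $user);

        return $user;
    }

    return false;
}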
/**
 * Component startup. All security checking happens here.
 *
 * Sequence:
 *  1. `_secureRequired()` and `_authRequired()` (their checks are not visible here);
 *  2. the configured `blackHoleCallback` action can never be requested directly;
 *  3. `_validatePost()` runs for any request carrying data, unless the action
 *     is in `unlockedActions`, `validatePost` is disabled, or this is a
 *     requestAction() call (`requested` param set to 1). Its return value is
 *     not checked, so it presumably throws a SecurityException on failure.
 * Any SecurityException raised by those steps is turned into a `blackHole()`
 * call with the exception's type. Afterwards a fresh token is generated and
 * the `_Token` field is removed from the request data.
 *
 * @param \Cake\Event\Event $event An Event instance
 * @return mixed Null; `blackHole()` is expected to end the request itself
 *   (its result is not returned here).
 */
public function startup(Event $event)
{
    $controller = $event->subject();
    $this->session = $this->request->session();
    $this->_action = $this->request->params['action'];
    // Any request with data is validated, regardless of HTTP method.
    $hasData = !empty($this->request->data);

    try {
        $this->_secureRequired($controller);
        $this->_authRequired($controller);

        // requestAction() calls set `requested` = 1 and are exempt from post validation.
        $isNotRequestAction = !isset($controller->request->params['requested']) || $controller->request->params['requested'] != 1;

        if ($this->_action === $this->_config['blackHoleCallback']) {
            throw new AuthSecurityException(sprintf('Action %s is defined as the blackhole callback.', $this->_action));
        }
        if (!in_array($this->_action, (array) $this->_config['unlockedActions']) && $hasData && $isNotRequestAction && $this->_config['validatePost']) {
            $this->_validatePost($controller);
        }
    } catch (SecurityException $se) {
        $this->blackHole($controller, $se->getType(), $se);
    }

    $this->generateToken($controller->request);
    if ($hasData && is_array($controller->request->data)) {
        unset($controller->request->data['_Token']);
    }
}
/**
 * Set the authenticate attempted session flag.
 *
 * Writes `true` under `CookieTokenAuth.attempted` in the request's session.
 *
 * @param \Cake\Network\Request $request Request to get session from.
 * @return void
 */
private function setAuthenticateAttemptedThisSession(Request $request)
{
    $request->session()->write('CookieTokenAuth.attempted', true);
}
/**
 * Tests getting the sessions from the request
 *
 * A session passed via the `session` constructor option is returned as the
 * very same instance; a request built from globals exposes a session equal
 * (by value) to a freshly constructed one.
 *
 * @return void
 */
public function testSession()
{
    $explicitSession = new Session();
    $requestWithSession = new Request(['session' => $explicitSession]);
    $this->assertSame($explicitSession, $requestWithSession->session());

    $globalsRequest = Request::createFromGlobals();
    $this->assertEquals($explicitSession, $globalsRequest->session());
}
/**
 * Get a user based on information in the request.
 *
 * Two paths:
 *  - social data already in the session (`Users.Key.Session.social`) together
 *    with an e-mail from that data or from the request (`email` field): the
 *    session data is used as the user and the session entry removed;
 *  - otherwise `_authenticate()` is called (skipped when session data exists,
 *    which is then reused as raw data), the provider name resolved and the
 *    raw data mapped via `_mapUser()`. Twitter users are written back to the
 *    session (presumably because the e-mail is collected in a second step —
 *    confirm).
 * The user is then passed to `_touch()`; the social session entry is deleted
 * once a result exists.
 *
 * NOTE(review): a request-supplied `email` overrides the provider-supplied
 * address even when the provider returned one; confirm that `_touch()` or the
 * downstream handler does not treat such an address as verified.
 *
 * @param \Cake\Network\Request $request Request object.
 * @return mixed Either false or an array of user information
 * @throws \RuntimeException If the `CakeDC/Users/OAuth2.newUser` event is missing or returns empty.
 */
public function getUser(Request $request)
{
    $data = $request->session()->read(Configure::read('Users.Key.Session.social'));
    $requestDataEmail = $request->data('email');

    if (!empty($data) && (!empty($data['email']) || !empty($requestDataEmail))) {
        // request-supplied address wins over the one stored in the session
        if (!empty($requestDataEmail)) {
            $data['email'] = $requestDataEmail;
        }
        $user = $data;
        $request->session()->delete(Configure::read('Users.Key.Session.social'));
    } else {
        if (empty($data) && !($rawData = $this->_authenticate($request))) {
            return false;
        }
        // session data present but without an e-mail: reuse it as raw data
        if (empty($rawData)) {
            $rawData = $data;
        }
        $provider = $this->_getProviderName($request);
        $user = $this->_mapUser($provider, $rawData);
        if ($user['provider'] === SocialAccountsTable::PROVIDER_TWITTER) {
            $request->session()->write(Configure::read('Users.Key.Session.social'), $user);
        }
    }

    if (!$user || !$this->config('userModel')) {
        return false;
    }
    if (!($result = $this->_touch($user))) {
        return false;
    }
    if ($request->session()->check(Configure::read('Users.Key.Session.social'))) {
        $request->session()->delete(Configure::read('Users.Key.Session.social'));
    }

    return $result;
}
/**
 * Initialize hybrid auth
 *
 * Starts the session, fills in a default `base_url` pointing at the plugin's
 * endpoint action when the `HybridAuth` config lacks one, then constructs
 * the `\Hybrid_Auth` instance. Errors with code < 5 are rethrown as
 * RuntimeException; other codes are flashed via the Auth component and the
 * construction is retried once (presumably "already initialized" style
 * errors — confirm against the Hybrid_Auth error code table).
 *
 * @param \Cake\Network\Request $request Request instance.
 * @return void
 * @throws \RuntimeException In case of an unknown error.
 */
protected function _init(Request $request)
{
    $request->session()->start();

    $hybridConfig = Configure::read('HybridAuth');
    if (empty($hybridConfig['base_url'])) {
        $endpoint = [
            'plugin' => 'ADmad/HybridAuth',
            'controller' => 'HybridAuth',
            'action' => 'endpoint',
        ];
        $hybridConfig['base_url'] = Router::url($endpoint, true);
    }

    try {
        $this->hybridAuth = new \Hybrid_Auth($hybridConfig);
    } catch (\Exception $e) {
        if ($e->getCode() < 5) {
            throw new \RuntimeException($e->getMessage());
        }
        $this->_registry->Auth->flash($e->getMessage());
        $this->hybridAuth = new \Hybrid_Auth($hybridConfig);
    }
}
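/**
 * Get a user based on information in the request.
 * Used by cookie-less auth for stateless clients.
 *
 * Flow:
 *  1. when `bindAccount` is configured, bind with the service account and
 *     resolve the user's DN through an LDAP search (`filter`, `baseDN`, `return`);
 *  2. otherwise build the DN directly as `CN=<username>,<baseDN>`;
 *  3. bind as that DN with the submitted password.
 * LDAP warnings are converted to ErrorException by a temporary error handler;
 * on failure the server's diagnostic message is matched against the `errors`
 * config and the matching messages are written to the session as Flash messages.
 *
 * NOTE(review): the direct-DN path never looks up an entry, so even a
 * successful bind yields no attributes and the method returns false — confirm
 * whether an `ldap_read()` of the bound DN is intended there.
 *
 * @param \Cake\Network\Request $request Request object.
 * @return mixed Either false or an array of user information (ldap_get_attributes()).
 */
public function getUser(Request $request)
{
    $username = isset($request->data['username']) ? $request->data['username'] : null;
    $password = isset($request->data['password']) ? $request->data['password'] : null;

    // Reject missing, non-string and empty credentials before touching LDAP.
    // An empty password must never reach ldap_bind(): many directories treat
    // it as an anonymous/unauthenticated bind and report success.
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        return false;
    }

    set_error_handler(function ($errorNumber, $errorText, $errorFile, $errorLine) {
        throw new \ErrorException($errorText, 0, $errorNumber, $errorFile, $errorLine);
    }, E_ALL);

    $bindAccount = $this->_config['bindAccount'];
    $bindPassword = $this->_config['bindPassword'];
    $dn = null;
    $entry = null;
    $attributes = null;
    $messages = [];

    try {
        if (!empty($bindAccount)) {
            // bind with service account first, then look the login DN up
            $ldapBind = ldap_bind($this->ldapConnection, $bindAccount, $bindPassword);
            if ($ldapBind === true) {
                // The configured `filter` callable must escape the username
                // (ldap_escape(..., LDAP_ESCAPE_FILTER)) — verify in the config.
                $filter = $this->_config['filter']($username);
                $searchResults = ldap_search($this->ldapConnection, $this->_config['baseDN'], $filter, $this->_config['return']);
                $firstEntry = ldap_first_entry($this->ldapConnection, $searchResults);
                if ($firstEntry !== false) {
                    $entry = $firstEntry;
                    // get login user dn
                    $dn = ldap_get_dn($this->ldapConnection, $entry);
                }
            }
        } else {
            // Escape the username so it cannot add or alter RDN components.
            $dn = 'CN=' . ldap_escape($username, '', LDAP_ESCAPE_DN) . ',' . $this->_config['baseDN'];
        }

        // bind with login id
        if (is_string($dn) && $dn !== '') {
            $ldapBind = ldap_bind($this->ldapConnection, $dn, $password);
            if ($ldapBind === true && $entry !== null) {
                $attributes = ldap_get_attributes($this->ldapConnection, $entry);
            }
        }
    } catch (\ErrorException $e) {
        $this->log($e->getMessage());
        if (ldap_get_option($this->ldapConnection, LDAP_OPT_DIAGNOSTIC_MESSAGE, $extendedError)) {
            if (!empty($extendedError)) {
                foreach ($this->_config['errors'] as $error => $errorMessage) {
                    if (strpos($extendedError, $error) !== false) {
                        $messages[] = [
                            'message' => $errorMessage,
                            'key' => $this->_config['flash']['key'],
                            'element' => $this->_config['flash']['element'],
                            'params' => $this->_config['flash']['params'],
                        ];
                    }
                }
            }
        }
    }
    // Returns happen after this point so the temporary handler is restored
    // on the success path as well, not only on failure.
    restore_error_handler();

    if (!empty($messages)) {
        $request->session()->write('Flash.' . $this->_config['flash']['key'], $messages);
    }

    return $attributes !== null ? $attributes : false;
}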
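/**
 * Get a user based on information in the request.
 *
 * Two paths:
 *  - social data already in the session (`Users.Key.Session.social`) together
 *    with an e-mail from that data or from the request (`email` field): the
 *    session data is used as the user and the session entry removed;
 *  - otherwise `_authenticate()` is called (skipped when session data exists,
 *    which is then reused as raw data), the provider name resolved and the
 *    raw data mapped via `_mapUser()`.
 * The user is then passed to `_touch()`.
 *
 * NOTE(review): a request-supplied `email` overrides the provider-supplied
 * address even when the provider returned one; confirm that `_touch()` or the
 * downstream handler does not treat such an address as verified.
 *
 * @param \Cake\Network\Request $request Request object.
 * @return mixed Either false or an array of user information
 * @throws \RuntimeException If the `Muffin/OAuth2.newUser` event is missing or returns empty.
 */
public function getUser(Request $request)
{
    $sessionKey = Configure::read('Users.Key.Session.social');
    $data = $request->session()->read($sessionKey);
    $requestEmail = $request->data('email');
    $rawData = null;

    // The previous condition `!empty($data['email'] || ...)` applied empty()
    // to a boolean, which raised a notice when `email` was absent from the
    // session data; each value is now tested on its own.
    if (!empty($data) && (!empty($data['email']) || !empty($requestEmail))) {
        if (!empty($requestEmail)) {
            $data['email'] = $requestEmail;
        }
        $user = $data;
        $request->session()->delete($sessionKey);
    } else {
        if (empty($data) && !($rawData = $this->_authenticate($request))) {
            return false;
        }
        // session data present but without an e-mail: reuse it as raw data
        if (empty($rawData)) {
            $rawData = $data;
        }
        $provider = $this->_getProviderName($request);
        $user = $this->_mapUser($provider, $rawData);
    }

    if (!$user || !$this->config('userModel')) {
        return false;
    }
    if (!($result = $this->_touch($user))) {
        return false;
    }

    return $result;
}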
/**
 * Constructor.
 *
 * Keeps a reference to the request's session and applies the given
 * configuration through `config()`.
 *
 * @param \Cake\Network\Request $request Request instance.
 * @param \Cake\Network\Response $response Response instance (not used here).
 * @param array $config Configuration list.
 */
public function __construct(Request $request, Response $response, array $config = [])
{
    $session = $request->session();
    $this->_session = $session;
    $this->config($config);
}