/**
 * Authenticates a WSSE token against the user returned by the user provider.
 *
 * The user is looked up by the username carried in the token. The token's
 * 'digest', 'nonce' and 'created' attributes are then passed to
 * validateDigest() together with the secret and salt resolved for that user.
 * This method reports "no user returned" and "digest rejected" with the same
 * exception and message, so its caller cannot tell which check failed.
 *
 * NOTE(review): nonce-reuse and timestamp-age checks, and a constant-time
 * digest comparison, are presumably implemented in validateDigest(), which is
 * not visible here - confirm.
 *
 * @param TokenInterface $token Unauthenticated token carrying the username and
 *                              the 'digest', 'nonce' and 'created' attributes.
 *
 * @return Token Authenticated token holding the user and the user's roles.
 *
 * @throws AuthenticationException When no user is returned or the digest is rejected.
 */
public function authenticate(TokenInterface $token)
{
    $account = $this->userProvider->loadUserByUsername($token->getUsername());

    // Short-circuit: token attributes and the user's secret are only read
    // once a user object has actually been returned.
    $digestAccepted = $account && $this->validateDigest(
        $token->getAttribute('digest'),
        $token->getAttribute('nonce'),
        $token->getAttribute('created'),
        $this->getSecret($account),
        $this->getSalt($account)
    );

    if (!$digestAccepted) {
        // One generic message for every failure path in this method.
        throw new AuthenticationException('WSSE authentication failed.');
    }

    $authenticated = new Token($account->getRoles());
    $authenticated->setUser($account);
    $authenticated->setAuthenticated(true);

    return $authenticated;
}
/**
 * Runs the provider under test against a token whose digest is computed here
 * from the supplied secret and salt.
 *
 * The test makes no explicit assertion: it passes when authenticate() returns
 * without throwing and the user provider is queried exactly twice.
 *
 * @dataProvider userProvider
 *
 * @param UserInterface $user   User the mocked provider returns.
 * @param $secret               Secret appended to nonce and timestamp in the digest input.
 * @param string        $salt   Salt handed to the encoder.
 */
public function testOverridesLogic(UserInterface $user, $secret, $salt = '')
{
    $this->userProvider
        ->expects($this->exactly(2))
        ->method('loadUserByUsername')
        ->will($this->returnValue($user));

    // uniqid() is time-based, not random; it serves here only as a test fixture.
    $encodedNonce = base64_encode(uniqid(self::TEST_NONCE));
    $created = date('Y-m-d H:i:s');

    // Digest input is the decoded nonce, the creation time and the secret, concatenated.
    $digestInput = sprintf('%s%s%s', base64_decode($encodedNonce), $created, $secret);
    $expectedDigest = $this->encoder->encodePassword($digestInput, $salt);

    $wsseToken = new Token();
    $wsseToken->setAttribute('digest', $expectedDigest);
    $wsseToken->setAttribute('nonce', $encodedNonce);
    $wsseToken->setAttribute('created', $created);

    $this->provider->authenticate($wsseToken);
}
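/**
 * Attempts WSSE authentication for a request that carries an X-WSSE header.
 *
 * The header is stored on the listener, parsed by parseHeader(), and its
 * Username / PasswordDigest / Nonce / Created fields are copied into a new
 * Token. All four values come straight from the client and are unverified
 * until the authentication manager has accepted the token.
 *
 * Outcomes:
 *  - manager returns a TokenInterface: it is stored in the security context;
 *  - manager returns a Response: it is set on the event;
 *  - manager throws AuthenticationException: the entry point's response is set
 *    on the event.
 *
 * NOTE(review): a request without the header, or with a header parseHeader()
 * rejects, leaves this method without a token or a response being set. Whether
 * such a request is denied later depends on configuration outside this
 * method - confirm.
 *
 * @param GetResponseEvent $event Event giving access to the current request.
 *
 * @return mixed Result of the setter that was called, or null when nothing was set.
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();

    // Without an X-WSSE header there is nothing here to authenticate with.
    if (!$request->headers->has('X-WSSE')) {
        return;
    }

    $this->wsseHeader = $request->headers->get('X-WSSE');
    $wsseHeaderInfo = $this->parseHeader();

    // parseHeader() signals an unusable header with false.
    if ($wsseHeaderInfo === false) {
        return;
    }

    // Client-supplied values; the token stays unauthenticated at this point.
    $token = new Token();
    $token->setUser($wsseHeaderInfo['Username']);
    $token->setAttribute('digest', $wsseHeaderInfo['PasswordDigest']);
    $token->setAttribute('nonce', $wsseHeaderInfo['Nonce']);
    $token->setAttribute('created', $wsseHeaderInfo['Created']);

    try {
        $returnValue = $this->authenticationManager->authenticate($token);

        if ($returnValue instanceof TokenInterface) {
            return $this->securityContext->setToken($returnValue);
        }

        if ($returnValue instanceof Response) {
            return $event->setResponse($returnValue);
        }
    } catch (AuthenticationException $ae) {
        // Failed authentication is answered by the configured entry point.
        $event->setResponse($this->authenticationEntryPoint->start($request, $ae));
    }
}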
/**
 * When the authentication manager answers with a Response instead of a token,
 * the listener must hand that Response to the event exactly once.
 *
 * @test
 */
public function handleReturnResponse()
{
    // NOTE(review): the Username value in this header reads "******" while the
    // expected token below uses 'admin'; the value looks masked in this
    // listing - confirm against the original fixture.
    $this->request->headers->add(array('X-WSSE' => 'UsernameToken Username="******", PasswordDigest="admin", Nonce="admin", Created="2010-12-12 20:00:00"'));

    // Token the listener is expected to build from the header fields.
    $expectedToken = new Token();
    $expectedToken->setUser('admin');
    $expectedToken->setAttribute('digest', 'admin');
    $expectedToken->setAttribute('nonce', 'admin');
    $expectedToken->setAttribute('created', '2010-12-12 20:00:00');

    $managerResponse = new Response();

    $this->authenticationManager
        ->expects($this->once())
        ->method('authenticate')
        ->with($expectedToken)
        ->will($this->returnValue($managerResponse));

    $this->responseEvent
        ->expects($this->once())
        ->method('setResponse')
        ->with($managerResponse);

    $wsseListener = new Listener(
        $this->securityContext,
        $this->authenticationManager,
        $this->authenticationEntryPoint
    );
    $wsseListener->handle($this->responseEvent);
}
/**
 * A freshly constructed Token reports a credentials value equal to ''.
 *
 * @test
 */
public function getCredentials()
{
    $freshToken = new Token();
    $credentials = $freshToken->getCredentials();

    // assertEquals compares loosely, so this does not tell '' apart from null.
    $this->assertEquals('', $credentials);
}
/**
 * A user with an empty API-key collection must not be authenticated.
 *
 * The mock also forbids any call to getPassword() or getSalt(), so the test
 * fails if the provider reads the account password or salt when no API key
 * exists. The digest is built with an empty secret and an empty salt.
 *
 * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
 */
public function testGetSecret()
{
    $userWithoutKeys = $this->getMock('Oro\\Bundle\\UserBundle\\Entity\\User');

    // No API keys available for this user.
    $userWithoutKeys
        ->expects(static::exactly(2))
        ->method('getApiKeys')
        ->will(static::returnValue(new ArrayCollection()));

    // The password and salt must never be consulted.
    $userWithoutKeys->expects(static::never())->method('getPassword');
    $userWithoutKeys->expects(static::never())->method('getSalt');

    $userWithoutKeys
        ->expects(static::any())
        ->method('getRoles')
        ->will(static::returnValue([]));

    $this->userProvider
        ->expects(static::exactly(2))
        ->method('loadUserByUsername')
        ->will(static::returnValue($userWithoutKeys));

    // uniqid() is time-based, not random; it serves here only as a test fixture.
    $encodedNonce = base64_encode(uniqid(self::TEST_NONCE));
    $created = date('Y-m-d H:i:s');

    // Digest over decoded nonce + creation time + empty secret, with an empty salt.
    $digestInput = sprintf('%s%s%s', base64_decode($encodedNonce), $created, '');
    $emptySecretDigest = $this->encoder->encodePassword($digestInput, '');

    $wsseToken = new Token();
    $wsseToken->setAttribute('digest', $emptySecretDigest);
    $wsseToken->setAttribute('nonce', $encodedNonce);
    $wsseToken->setAttribute('created', $created);

    $this->provider->authenticate($wsseToken);
}
/**
 * A token with a correct digest yields an authenticated Token for the user.
 *
 * The digest is computed here over 'somenonce' + creation time + 'somesecret'
 * with salt 'somesalt'; the token carries the nonce base64-encoded. The user
 * mock must be asked for password, salt and roles exactly once each.
 *
 * @test
 * @depends validateDigestWithNonceDirExpectedException
 * @depends validateDigestWithNonceDir
 * @depends validateDigestWithoutNonceDir
 * @depends validateDigestExpireTime
 */
public function authenticate()
{
    $this->userProvider
        ->expects($this->once())
        ->method('loadUserByUsername')
        ->will($this->returnValue($this->user));

    $this->user->expects($this->once())->method('getPassword')->will($this->returnValue('somesecret'));
    $this->user->expects($this->once())->method('getSalt')->will($this->returnValue('somesalt'));
    $this->user->expects($this->once())->method('getRoles')->will($this->returnValue(array()));

    $expectedToken = new Token();
    $expectedToken->setUser($this->user);
    $expectedToken->setAuthenticated(true);

    $created = date(DATE_ISO8601);

    // SHA-1, base64 output, one iteration: a protocol digest, not a
    // password-storage hash.
    // NOTE(review): the provider below receives $this->encoder, not this local
    // encoder; the two presumably share the same settings - confirm in setUp.
    $digestEncoder = new MessageDigestPasswordEncoder('sha1', true, 1);
    $digestInput = sprintf('%s%s%s', 'somenonce', $created, 'somesecret');
    $validDigest = $digestEncoder->encodePassword($digestInput, 'somesalt');

    $wsseToken = new Token();
    $wsseToken->setAttribute('digest', $validDigest);
    $wsseToken->setAttribute('nonce', base64_encode('somenonce'));
    $wsseToken->setAttribute('created', $created);

    $providerUnderTest = new CustomProvider($this->userProvider, $this->encoder, $this->nonceCache);
    $actualToken = $providerUnderTest->authenticate($wsseToken);

    $this->assertEquals($expectedToken, $actualToken);
}