/** * Merges the session and manager tokens. All manager tokens types will be in the result array * If a specific type is found in the session this token replaces the one (of the same type) * given by the manager. * * @param array $managerTokens Array of tokens provided by the authentication manager * @param array $sessionTokens Array of tokens restored from the session * @return array Array of Authentication\TokenInterface objects */ protected function mergeTokens($managerTokens, $sessionTokens) { $resultTokens = []; if (!is_array($managerTokens)) { return $resultTokens; } /** @var $managerToken TokenInterface */ foreach ($managerTokens as $managerToken) { $noCorrespondingSessionTokenFound = true; if (!is_array($sessionTokens)) { continue; } /** @var $sessionToken TokenInterface */ foreach ($sessionTokens as $sessionToken) { if ($sessionToken->getAuthenticationProviderName() === $managerToken->getAuthenticationProviderName()) { $session = $this->sessionManager->getCurrentSession(); $this->securityLogger->log(sprintf('Session %s contains auth token %s for provider %s. Status: %s', $session->getId(), get_class($sessionToken), $sessionToken->getAuthenticationProviderName(), $this->tokenStatusLabels[$sessionToken->getAuthenticationStatus()]), LOG_INFO, null, 'Flow'); $resultTokens[$sessionToken->getAuthenticationProviderName()] = $sessionToken; $noCorrespondingSessionTokenFound = false; } } if ($noCorrespondingSessionTokenFound) { $resultTokens[$managerToken->getAuthenticationProviderName()] = $managerToken; } } return $resultTokens; }
/** * Logs calls and result of isPrivilegeTargetGranted() * * @Flow\After("method(Neos\Flow\Security\Authorization\PrivilegeManager->isPrivilegeTargetGranted())") * @param JoinPointInterface $joinPoint * @return void */ public function logPrivilegeAccessDecisions(JoinPointInterface $joinPoint) { $decision = $joinPoint->getResult() === true ? 'GRANTED' : 'DENIED'; $message = sprintf('Decided "%s" on privilege "%s".', $decision, $joinPoint->getMethodArgument('privilegeTargetIdentifier')); $this->securityLogger->log($message, \LOG_INFO); }