/** * Removes an account * * @param object $object The account to remove * @return void * @throws IllegalObjectTypeException */ public function remove($object) { parent::remove($object); /** @var Account $object */ $tag = 'TYPO3-Flow-Security-Account-' . md5($object->getAccountIdentifier()); $this->sessionManager->destroySessionsByTag($tag, sprintf('The account %s (%s) was deleted', $object->getAccountIdentifier(), $object->getAuthenticationProviderName())); }
/** * Logs a user in if a session identifier is available under the given token in the token cache. * * @param string $token * @return void */ public function tokenLoginAction($token) { $newSessionId = $this->loginTokenCache->get($token); $this->loginTokenCache->remove($token); if ($newSessionId === false) { $this->systemLogger->log(sprintf('Token-based login failed, non-existing or expired token %s', $token), LOG_WARNING); $this->redirect('index'); } $this->systemLogger->log(sprintf('Token-based login succeeded, token %s', $token), LOG_DEBUG); $newSession = $this->sessionManager->getSession($newSessionId); if ($newSession->canBeResumed()) { $newSession->resume(); } if ($newSession->isStarted()) { $newSession->putData('lastVisitedNode', null); } else { $this->systemLogger->log(sprintf('Failed resuming or starting session %s which was referred to in the login token %s.', $newSessionId, $token), LOG_ERR); } $this->replaceSessionCookie($newSessionId); $this->redirect('index', 'Backend\\Backend'); }
/** * Convert a session identifier from $source to a Session object * * @param string $source * @param string $targetType * @param array $convertedChildProperties * @param PropertyMappingConfigurationInterface $configuration * @return object the target type * @throws InvalidTargetException * @throws \InvalidArgumentException */ public function convertFrom($source, $targetType, array $convertedChildProperties = [], PropertyMappingConfigurationInterface $configuration = null) { return $this->sessionManager->getSession($source); }
/** * Merges the session and manager tokens. All manager tokens types will be in the result array * If a specific type is found in the session this token replaces the one (of the same type) * given by the manager. * * @param array $managerTokens Array of tokens provided by the authentication manager * @param array $sessionTokens Array of tokens restored from the session * @return array Array of Authentication\TokenInterface objects */ protected function mergeTokens($managerTokens, $sessionTokens) { $resultTokens = []; if (!is_array($managerTokens)) { return $resultTokens; } /** @var $managerToken TokenInterface */ foreach ($managerTokens as $managerToken) { $noCorrespondingSessionTokenFound = true; if (!is_array($sessionTokens)) { continue; } /** @var $sessionToken TokenInterface */ foreach ($sessionTokens as $sessionToken) { if ($sessionToken->getAuthenticationProviderName() === $managerToken->getAuthenticationProviderName()) { $session = $this->sessionManager->getCurrentSession(); $this->securityLogger->log(sprintf('Session %s contains auth token %s for provider %s. Status: %s', $session->getId(), get_class($sessionToken), $sessionToken->getAuthenticationProviderName(), $this->tokenStatusLabels[$sessionToken->getAuthenticationStatus()]), LOG_INFO, null, 'Flow'); $resultTokens[$sessionToken->getAuthenticationProviderName()] = $sessionToken; $noCorrespondingSessionTokenFound = false; } } if ($noCorrespondingSessionTokenFound) { $resultTokens[$managerToken->getAuthenticationProviderName()] = $managerToken; } } return $resultTokens; }