/**
 * Validate a client.
 *
 * In strict mode both a client ID and a secret must be present before the
 * storage adapter is consulted; in non-strict mode storage is always queried,
 * even when one or both credentials are null. HTTP Basic credentials take
 * precedence over the client_id / client_secret request parameters.
 *
 * @param bool $strict
 * @return \Dingo\OAuth2\Entity\Client
 * @throws \Dingo\OAuth2\Exception\ClientException when storage returns no client
 */
protected function validateClient($strict = false)
{
    // Some grant types send a redirection URI along with the client
    // credentials; forwarding a null value to storage is acceptable.
    $redirectUri = $this->request->get('redirect_uri');

    // "?:" is a truthiness test: an empty (or "0") Basic-auth value falls
    // back to the corresponding request parameter.
    $id = $this->request->getUser() ?: $this->request->get('client_id');
    $secret = $this->request->getPassword() ?: $this->request->get('client_secret');

    // Same condition as "!$strict or $strict and $id and $secret", spelled
    // out: non-strict always looks up, strict only with both credentials.
    $mayLookup = !$strict || ($id && $secret);

    if ($mayLookup) {
        $client = $this->storage('client')->get($id, $secret, $redirectUri);

        if ($client) {
            return $client;
        }
    }

    throw new ClientException('client_authentication_failed', 'The client failed to authenticate.', 401);
}
/**
 * Generates new token action.
 *
 * The credentials are taken from the request's HTTP Basic authentication
 * headers (Request::getUser() / getPassword()) and handed to the command bus
 * of the given user type. On success a JWT carrying the e-mail is returned;
 * every login failure is answered with HTTP 400, and only the "inactive"
 * case reports a reason in the body.
 *
 * @param Request $request   The request
 * @param string  $userClass Extra parameter that contains the user type; it is
 *                           spliced into the container service id, so an
 *                           unknown type surfaces as a container lookup
 *                           failure rather than a 400 (presumably it is bound
 *                           by the route — confirm)
 *
 * @return \Symfony\Component\HttpFoundation\JsonResponse
 */
public function newTokenAction(Request $request, $userClass)
{
    $email = $request->getUser();
    $password = $request->getPassword();

    try {
        $this->get('bengor_user.' . $userClass . '.command_bus')->handle(
            new LogInUserCommand($email, $password)
        );
    } catch (UserDoesNotExistException $exception) {
        return new JsonResponse('', 400);
    } catch (UserEmailInvalidException $exception) {
        return new JsonResponse('', 400);
    } catch (UserInactiveException $exception) {
        return new JsonResponse('Inactive user', 400);
    } catch (UserPasswordInvalidException $exception) {
        return new JsonResponse('', 400);
    }

    $encoder = $this->get('lexik_jwt_authentication.encoder');
    $token = $encoder->encode(['email' => $email]);

    return new JsonResponse(['token' => $token]);
}
/**
 * Renders the collaborator page with every absence and presence type.
 *
 * Note that Symfony's Request::getUser() returns the username from the HTTP
 * Basic authentication headers (null when absent); no password is verified
 * here, so the "user" template variable is just that header value.
 *
 * @param Request $request
 * @return \Symfony\Component\HttpFoundation\Response
 */
public function PartnerIndexAction(Request $request)
{
    $manager = $this->getDoctrine()->getManager();

    $viewData = array(
        'user' => $request->getUser(),
        'absences' => $manager->getRepository('UserBundle:AbsenceType')->findAll(),
        'presences' => $manager->getRepository('UserBundle:PresenceType')->findAll(),
    );

    return $this->render('UserBundle:Default:collaborateur.html.twig', $viewData);
}
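/**
 * Realiza ateste por local (performs an attestation per location).
 *
 * On GET only the search ("log_pesquisa") and attestation ("Ateste") forms
 * are rendered. On POST the search form drives an access-log query; when a
 * list of networks ("redes") is submitted as well, an Ateste row plus one
 * AtesteRedes row per network is persisted first.
 *
 * Fixes: the end date shown to the view was built from dtAcaoInicio (copy
 * and paste), and the date variables / logs were undefined on GET.
 *
 * @param Request $request
 * @return \Symfony\Component\HttpFoundation\Response
 */
public function indexAction(Request $request)
{
    $em = $this->getDoctrine()->getManager();
    $locale = $request->getLocale();
    $form = $this->createForm(new LogPesquisaType());
    $ateste = $this->createForm(new AtesteType());

    // Always defined so the template never sees undefined variables on GET.
    $logs = null;
    $dtAcaoInicio = null;
    $dtAcaoFim = null;

    if ($request->isMethod('POST')) {
        // The casts guard against a POST that lacks one of the forms (null).
        $data = (array) $request->get('log_pesquisa');
        $ateste_data = (array) $request->get('Ateste');
        $listaRedes = $request->get('redes');

        // Locations to search, as selected in the form.
        $filtroLocais = array();
        if (array_key_exists('idLocal', $data)) {
            $filtroLocais = array_values((array) $data['idLocal']);
        }

        // Only persist when the form carried a list of networks.
        if (!empty($listaRedes)) {
            $this->gravarAteste($em, $request, $ateste_data, (array) $listaRedes);
            $this->get('session')->getFlashBag()->add('success', 'Ateste realizado com sucesso!');
        }

        $dtAcaoInicioBr = isset($data['dtAcaoInicio']) ? $data['dtAcaoInicio'] : null;
        $dtAcaoFimBr = isset($data['dtAcaoFim']) ? $data['dtAcaoFim'] : null;

        $logs = $this->getDoctrine()
            ->getRepository('CacicCommonBundle:LogAcesso')
            ->pesquisar($dtAcaoInicioBr, $dtAcaoFimBr, $filtroLocais);

        // Convert the pt-BR dates (dd/mm/yyyy) to ISO (yyyy-mm-dd) for the view;
        // each value now comes from its own form field.
        $dtAcaoInicio = $this->dataBrParaIso($dtAcaoInicioBr);
        $dtAcaoFim = $this->dataBrParaIso($dtAcaoFimBr);
    }

    return $this->render('CacicCommonBundle:Ateste:index.html.twig', array(
        'locale' => $locale,
        'form' => $form->createView(),
        'ateste' => $ateste->createView(),
        'logs' => $logs,
        'dtAcaoInicio' => $dtAcaoInicio,
        'dtAcaoFim' => $dtAcaoFim,
    ));
}

/**
 * Persists one Ateste plus one AtesteRedes row per submitted network id.
 *
 * @param object  $em          Doctrine entity manager (as returned by getManager())
 * @param Request $request     Source of the per-network "rede_<id>" station counts
 * @param array   $ateste_data Fields of the "Ateste" form; missing keys become null
 * @param array   $listaRedes  Network ids selected in the form
 * @return Ateste the persisted attestation
 */
private function gravarAteste($em, Request $request, array $ateste_data, array $listaRedes)
{
    // NOTE(review): Request::getUser() is the HTTP Basic username header (null
    // without one), not the security token's user — confirm this is the
    // intended "usuario".
    $usuario = $request->getUser();

    $ateste_obj = new Ateste();
    $ateste_obj->setData(new \DateTime());
    $ateste_obj->setUsuario($usuario);
    $ateste_obj->setDescricao(isset($ateste_data['descricao']) ? $ateste_data['descricao'] : null);
    $ateste_obj->setAtestado(isset($ateste_data['atestado']) ? $ateste_data['atestado'] : null);
    $ateste_obj->setDetalhes(isset($ateste_data['detalhes']) ? $ateste_data['detalhes'] : null);
    $ateste_obj->setQualidadeServico(isset($ateste_data['qualidade_servico']) ? $ateste_data['qualidade_servico'] : null);

    // Flush once so the Ateste has an identity before the relations are built.
    $em->persist($ateste_obj);
    $em->flush();

    $redeRepository = $em->getRepository('CacicCommonBundle:Rede');
    foreach ($listaRedes as $rede) {
        // Number of workstations reported for this network.
        $estacoes = $request->get("rede_{$rede}");

        $ateste_rede = new AtesteRedes();
        $ateste_rede->setRede($redeRepository->find($rede));
        $ateste_rede->setAteste($ateste_obj);
        $ateste_rede->setEstacoes($estacoes);
        $em->persist($ateste_rede);
    }

    // COMMIT
    $em->flush();

    return $ateste_obj;
}

/**
 * Converts a pt-BR date string "dd/mm/yyyy" to "yyyy-mm-dd" by slicing.
 * No validation is performed, mirroring the original substr() logic.
 *
 * @param string|null $dataBr
 * @return string|null null when no date was given
 */
private function dataBrParaIso($dataBr)
{
    if ($dataBr === null || $dataBr === '') {
        return null;
    }

    return substr($dataBr, 6, 4) . '-' . substr($dataBr, 3, 2) . '-' . substr($dataBr, 0, 2);
}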
/**
 * Builds the logging context map for a request.
 *
 * Only the presence of a Basic-auth password is recorded
 * ('request_auth_has_password'), never the password itself; the Basic-auth
 * username is included as-is under 'request_auth_user'.
 *
 * @param Request $request
 * @return array<string, mixed>
 */
public function createContexts(Request $request)
{
    $contexts = array();
    $contexts['request_method'] = $request->getMethod();
    $contexts['request_uri'] = $request->getRequestUri();
    $contexts['request_route'] = $request->attributes->get('_route');
    $contexts['request_host'] = $request->getHost();
    $contexts['request_port'] = $request->getPort();
    $contexts['request_scheme'] = $request->getScheme();
    $contexts['request_client_ip'] = $request->getClientIp();
    $contexts['request_content_type'] = $request->getContentType();
    $contexts['request_acceptable_content_types'] = $request->getAcceptableContentTypes();
    $contexts['request_etags'] = $request->getETags();
    $contexts['request_charsets'] = $request->getCharsets();
    $contexts['request_languages'] = $request->getLanguages();
    $contexts['request_locale'] = $request->getLocale();
    $contexts['request_auth_user'] = $request->getUser();
    $contexts['request_auth_has_password'] = $request->getPassword() !== null;

    // These accessors only exist on newer HttpFoundation versions.
    $optional = array(
        'getEncodings' => 'request_encodings',
        'getClientIps' => 'request_client_ips',
    );
    foreach ($optional as $method => $key) {
        if (method_exists($request, $method)) {
            $contexts[$key] = $request->$method();
        }
    }

    return $contexts;
}
/**
 * Resolves the API client identified by the request's HTTP Basic credentials.
 *
 * Request::getUser() / getPassword() are null without a Basic-auth header; the
 * repository lookup is then made with nulls and the result must still be an
 * ApiClientInterface to be accepted. A blocked client is rejected before the
 * trust check, so a blocked *and* untrusted client is reported as blocked.
 *
 * @param Request $request
 *
 * @return ApiClientInterface
 *
 * @throws BadClientCredentialsHttpException when no client matches the key/secret
 * @throws ClientBlockedHttpException        when the client is blocked
 * @throws ClientNonTrustedHttpException     when the client is not trusted
 */
protected function getClient(Request $request)
{
    $key = $request->getUser();
    $secret = $request->getPassword();
    $client = $this->apiClientRepository->findOneByKeyAndSecret($key, $secret);

    if (!$client instanceof ApiClientInterface) {
        throw new BadClientCredentialsHttpException();
    }

    if ($client->isBlocked()) {
        throw new ClientBlockedHttpException();
    }

    if (!$client->isTrusted()) {
        throw new ClientNonTrustedHttpException();
    }

    return $client;
}
/**
 * Logs one line per request at the configured level, with the request
 * attributes passed as the log context.
 *
 * The Basic-auth username is logged under 'request_auth_user'; the password
 * is never logged, only whether one was supplied.
 *
 * @param Request $request
 * @return void
 */
protected function logRequest(Request $request)
{
    $message = 'Request "{request_method} {request_uri}"';

    $context = array(
        'request_method' => $request->getMethod(),
        'request_uri' => $request->getRequestUri(),
        'request_host' => $request->getHost(),
        'request_port' => $request->getPort(),
        'request_scheme' => $request->getScheme(),
        'request_client_ip' => $request->getClientIp(),
        'request_content_type' => $request->getContentType(),
        'request_acceptable_content_types' => $request->getAcceptableContentTypes(),
        'request_etags' => $request->getETags(),
        'request_charsets' => $request->getCharsets(),
        'request_languages' => $request->getLanguages(),
        'request_locale' => $request->getLocale(),
        'request_auth_user' => $request->getUser(),
        'request_auth_has_password' => $request->getPassword() !== null,
    );

    // Accessors that only newer HttpFoundation versions provide.
    if (method_exists($request, 'getEncodings')) {
        $context['request_encodings'] = $request->getEncodings();
    }
    if (method_exists($request, 'getClientIps')) {
        $context['request_client_ips'] = $request->getClientIps();
    }

    $this->logger->log($this->logLevel, $message, $context);
}
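/**
 * @Route("/api/tokens", name="post_token")
 * @Method("POST")
 *
 * Issues a JWT for the user identified by the request's HTTP Basic credentials.
 *
 * An unknown username and a wrong password are both reported with the same
 * BadCredentialsException, so the endpoint no longer reveals which usernames
 * exist (the original answered 404 for unknown users and 401 for a bad
 * password).
 *
 * @param Request $request
 * @return JsonResponse {"token": <jwt>}
 * @throws BadCredentialsException when the Basic-auth header is missing, the user is unknown, or the password does not match
 */
public function createAction(Request $request)
{
    $username = $request->getUser();
    $password = $request->getPassword();

    // Without a Basic-auth header there is nothing to look up; this also
    // avoids a findOneBy(['username' => null]) query.
    if ($username === null || $username === '' || $password === null) {
        throw new BadCredentialsException();
    }

    $user = $this->getDoctrine()
        ->getRepository('AppBundle:User')
        ->findOneBy(['username' => $username]);

    // NOTE(review): the password check is skipped for unknown users, so the
    // two failure cases still differ slightly in response time.
    $isValid = $user && $this->get('security.password_encoder')->isPasswordValid($user, $password);
    if (!$isValid) {
        throw new BadCredentialsException();
    }

    $token = $this->get('lexik_jwt_authentication.encoder')
        ->encode(['username' => $user->getUsername()]);

    return new JsonResponse(['token' => $token]);
}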
/**
 * Get all headers that have to be send with the error response
 *
 * The status line is chosen from $this->httpStatusCode (anything other than
 * 401/500/501 becomes 400). For an 'invalid_client' error a WWW-Authenticate
 * header is appended that matches the scheme the client used.
 *
 * @return array Array with header values
 */
public function getHttpHeaders()
{
    $statusLines = [
        401 => 'HTTP/1.1 401 Unauthorized',
        500 => 'HTTP/1.1 500 Internal Server Error',
        501 => 'HTTP/1.1 501 Not Implemented',
        400 => 'HTTP/1.1 400 Bad Request',
    ];

    // Non-integer codes are cast, matching the loose comparison of a switch.
    $code = (int) $this->httpStatusCode;
    $headers = [isset($statusLines[$code]) ? $statusLines[$code] : $statusLines[400]];

    // RFC 6749, section 5.2.:
    // "If the client attempted to authenticate via the 'Authorization'
    // request header field, the authorization server MUST
    // respond with an HTTP 401 (Unauthorized) status code and
    // include the "WWW-Authenticate" response header field
    // matching the authentication scheme used by the client.
    // @codeCoverageIgnoreStart
    if ($this->errorType === 'invalid_client') {
        // NOTE(review): a fresh Request() is inspected rather than the request
        // being handled — confirm it reflects the incoming headers.
        $request = new Request();
        $authScheme = null;

        if ($request->getUser() !== null) {
            // Basic credentials were already parsed into the user header.
            $authScheme = 'Basic';
        } else {
            $authHeader = $request->headers->get('Authorization');
            if ($authHeader !== null) {
                foreach (['Bearer', 'Basic'] as $candidate) {
                    if (strpos($authHeader, $candidate) === 0) {
                        $authScheme = $candidate;
                        break;
                    }
                }
            }
        }

        if ($authScheme !== null) {
            $headers[] = 'WWW-Authenticate: ' . $authScheme . ' realm=""';
        }
    }
    // @codeCoverageIgnoreEnd

    return $headers;
}
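/**
 * Refresh-token flow: exchanges a valid, unexpired refresh token for a new
 * access token and, when rotation is enabled, a replacement refresh token.
 *
 * Requested scopes must be a subset of the original refresh token's scopes;
 * when no scope is requested the original scopes are reused.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @param int $grantTypeFlow only FLOW_DEFAULT is supported
 * @param \Atrauzzi\Oauth2Server\Domain\Entity\Oauthable $oauthable not used by this flow
 * @return array
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidClient
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidCredentials
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidRefresh
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidRequest
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidScope
 * @throws \Atrauzzi\Oauth2Server\Exception\UnsupportedFlow
 */
public function doFlow(Request $request, $grantTypeFlow, Oauthable $oauthable = null)
{
    if ($grantTypeFlow != self::FLOW_DEFAULT) {
        // __CLASS__ is exactly what the argument-less get_class() returned
        // here; that call form is deprecated as of PHP 8.3.
        throw new UnsupportedFlow(__CLASS__, $grantTypeFlow);
    }

    // Client credentials may arrive as parameters or via HTTP Basic.
    $clientId = $request->get('client_id', $request->getUser());
    if (!$clientId) {
        throw new InvalidRequest('client_id');
    }

    $clientSecret = $request->get('client_secret', $request->getPassword());
    if (!$clientSecret) {
        throw new InvalidRequest('client_secret');
    }

    $oldRefreshTokenParam = $request->get('refresh_token', null);
    if (!$oldRefreshTokenParam) {
        throw new InvalidRequest('refresh_token');
    }

    $client = $this->clientRepository->find($clientId, $clientSecret, $this->getIdentifier());
    if (!$client) {
        throw new InvalidClient();
    }

    $originalRefreshToken = $this->refreshTokenRepository->find($oldRefreshTokenParam);
    if (!$originalRefreshToken || $originalRefreshToken->isExpired()) {
        throw new InvalidRefresh();
    }
    // TODO(review): the refresh token is not checked to have been issued to
    // $client (RFC 6749, section 6) although the new tokens are bound to
    // $client->getId(); add that check once the token exposes its client id.

    $originalScopes = $originalRefreshToken->getScopeNames();
    $requestedScopes = array_keys($this->scopeService->findValid(
        $request->get('scope'),
        null,
        $client->getId(),
        $this->getIdentifier()
    ));

    // Scopes may only be narrowed on refresh, never widened.
    $disallowedScopes = array_diff($requestedScopes, $originalScopes);
    if (count($disallowedScopes)) {
        throw new InvalidScope($disallowedScopes);
    }
    $scopes = count($requestedScopes) ? $requestedScopes : $originalScopes;

    $accessTokenTtl = $this->config->getAccessTokenTtl();
    $accessToken = $this->accessTokenRepository->create(
        SecureKey::generate(),
        $accessTokenTtl + time(),
        $originalRefreshToken->getOauthableId(),
        $originalRefreshToken->getOauthableType(),
        $client->getId(),
        $scopes
    );

    $tokenStrategy = $this->config->getTokenStrategy();

    if ($this->config->shouldRotateRefreshTokens()) {
        $newRefreshToken = $this->refreshTokenRepository->create(
            SecureKey::generate(),
            $this->config->getRefreshTokenTtl() + time(),
            $originalRefreshToken->getOauthableId(),
            $originalRefreshToken->getOauthableType(),
            $client->getId(),
            $scopes
        );

        // The presented token is invalidated before its replacement is stored.
        $this->refreshTokenRepository->delete($originalRefreshToken);
        unset($originalRefreshToken);

        $this->refreshTokenRepository->persist($newRefreshToken);
        $accessToken->setRefreshTokenId($newRefreshToken->getId());

        // ToDo: Should we try to convey refresh token expiry?
        $tokenStrategy->setParam('refresh_token', $newRefreshToken->getId());
    }

    $this->accessTokenRepository->persist($accessToken);
    $tokenStrategy->setParam('access_token', $accessToken->getId());
    $tokenStrategy->setParam('expires_in', $accessTokenTtl);

    return $tokenStrategy->generateResponse();
}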
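/**
 * Returns the user's notifications as JSON
 * ("Lista de notificações para o usuário no formato JSON").
 *
 * Administrators receive every notification; other users only those addressed
 * to their e-mail. The original resolved the user with $request->getUser(),
 * which in HttpFoundation is the HTTP Basic username *string* (or null), so
 * the following getEmail() call could never work; the authenticated security
 * user is used instead.
 *
 * @param Request $request carries optional "limit" and "offset" parameters
 * @return JsonResponse
 * @throws \Symfony\Component\Security\Core\Exception\AccessDeniedException when a non-admin request has no authenticated user
 */
public function getAction(Request $request)
{
    $em = $this->getDoctrine()->getManager();
    $limit = $request->get('limit');
    $offset = $request->get('offset');
    $repository = $em->getRepository("CacicCommonBundle:Notifications");

    if ($this->get('security.context')->isGranted('ROLE_ADMIN')) {
        // Administrators may list every notification.
        $notifications = $repository->getNotifications($limit, $offset, null, true);
    } else {
        $user = $this->getUser();
        if ($user === null) {
            throw new \Symfony\Component\Security\Core\Exception\AccessDeniedException();
        }

        // Only the notifications assigned to this user.
        $notifications = $repository->getNotifications($limit, $offset, $user->getEmail(), true);
    }

    // Serialize objects to JSON
    $jsonContent = $this->get('jms_serializer')->serialize($notifications, 'json');

    $response = new JsonResponse();
    $response->setStatusCode(200);
    $response->setContent($jsonContent);

    return $response;
}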
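/**
 * Conducts the checks and operations necessary for the flow indicated in the request.
 *
 * Authenticates the client (parameters or HTTP Basic), validates the requested
 * scopes and issues an access token on behalf of $oauthable. The original
 * dereferenced $oauthable without checking it, so a missing value failed on
 * null; it is now rejected up front as in the other flows.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @param int $grantTypeFlow not used by this flow
 * @param \Atrauzzi\Oauth2Server\Domain\Entity\Oauthable $oauthable
 * @return array
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidClient
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidCredentials when no Oauthable is given
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidRequest
 */
public function doFlow(Request $request, $grantTypeFlow, Oauthable $oauthable = null)
{
    // The token is issued for $oauthable; without one there is nobody to
    // issue it to (the later getId()/getType() calls would fail on null).
    if (!$oauthable instanceof Oauthable) {
        throw new \Atrauzzi\Oauth2Server\Exception\InvalidCredentials();
    }

    $clientId = $request->get('client_id', $request->getUser());
    if (!$clientId) {
        throw new InvalidRequest('client_id');
    }

    $clientSecret = $request->get('client_secret', $request->getPassword());
    if (!$clientSecret) {
        throw new InvalidRequest('client_secret');
    }

    $client = $this->clientRepository->find($clientId, $clientSecret, $this->getIdentifier());
    if (!$client) {
        throw new InvalidClient();
    }

    $scopes = $this->scopeService->findValid($request->get('scope'));

    $accessTokenTtl = $this->config->getAccessTokenTtl();
    $accessToken = $this->accessTokenRepository->create(
        SecureKey::generate(),
        $accessTokenTtl + time(),
        $oauthable->getId(),
        $oauthable->getType(),
        $client->getId(),
        array_keys($scopes)
    );

    // ToDo: Do we do refresh tokens for this grant type?
    $this->accessTokenRepository->persist($accessToken);

    $tokenStrategy = $this->config->getTokenStrategy();
    $tokenStrategy->setParam('access_token', $accessToken->getId());
    $tokenStrategy->setParam('expires_in', $accessTokenTtl);

    return $tokenStrategy->generateResponse();
}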
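/**
 * Password-grant style flow: authenticates the client, requires resource-owner
 * credentials to be present and issues an access token (plus a refresh token
 * when that grant type is enabled) for $oauthable.
 *
 * The original threw InvalidRequest when client_id, client_secret or password
 * *was* present (missing negations), which made every well-formed request
 * fail; the presence checks now match the other flows.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @param int $grantTypeFlow not used by this flow
 * @param \Atrauzzi\Oauth2Server\Domain\Entity\Oauthable $oauthable
 * @return mixed
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidClient
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidCredentials
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidRequest
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidScope
 * @throws \Atrauzzi\Oauth2Server\Exception\ServerError
 */
public function doFlow(Request $request, $grantTypeFlow, Oauthable $oauthable = null)
{
    if (!$oauthable instanceof Oauthable) {
        throw new InvalidCredentials();
    }

    // Client credentials may arrive as parameters or via HTTP Basic.
    $clientId = $request->get('client_id', $request->getUser());
    if (!$clientId) {
        throw new InvalidRequest('client_id');
    }

    $clientSecret = $request->get('client_secret', $request->getPassword());
    if (!$clientSecret) {
        throw new InvalidRequest('client_secret');
    }

    $client = $this->clientRepository->find($clientId, $clientSecret, $this->getIdentifier());
    if (!$client) {
        throw new InvalidClient();
    }

    // NOTE(review): username/password are only checked for presence here; the
    // resource-owner verification is presumably done by whoever resolved
    // $oauthable — confirm before relying on this flow.
    $username = $request->get('username');
    if (!$username) {
        throw new InvalidRequest('username');
    }

    $password = $request->get('password');
    if (!$password) {
        throw new InvalidRequest('password');
    }

    // NOTE(review): this flow reads "scopes" while the other flows read
    // "scope" (the RFC 6749 parameter name) — confirm which is intended.
    $scopes = $this->scopeService->findValid($request->get('scopes'), $this->getIdentifier(), $client->getId());

    $accessTokenTtl = $this->config->getAccessTokenTtl();
    $accessToken = $this->accessTokenRepository->create(
        SecureKey::generate(),
        $accessTokenTtl + time(),
        $oauthable->getId(),
        $oauthable->getType(),
        $client->getId(),
        array_keys($scopes)
    );

    $tokenStrategy = $this->config->getTokenStrategy();

    if ($this->config->hasGrantType('refresh_token')) {
        $refreshToken = $this->refreshTokenRepository->create(
            SecureKey::generate(),
            $this->config->getRefreshTokenTtl() + time(),
            $oauthable->getId(),
            $oauthable->getType(),
            $client->getId(),
            array_keys($scopes)
        );
        $this->refreshTokenRepository->persist($refreshToken);
        $accessToken->setRefreshTokenId($refreshToken->getId());
        $tokenStrategy->setParam('refresh_token', $refreshToken->getId());
    }

    $this->accessTokenRepository->persist($accessToken);
    $tokenStrategy->setParam('access_token', $accessToken->getId());
    $tokenStrategy->setParam('expires_in', $accessTokenTtl);

    return $tokenStrategy->generateResponse();
}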
/**
 * Builds the sidebar menu root item for the given request.
 *
 * @param Request $request
 * @param mixed   $voci    Menu entries ("voci") registered through addVoci()
 * @return mixed the root item created by the menu factory
 */
public function createSidebarMenu(Request $request, $voci)
{
    $this->addVoci($voci);

    // NOTE(review): this stores the HTTP Basic username (Request::getUser(),
    // null without such a header) in $this->request — not the Request object.
    // Confirm that is what readers of $this->request expect.
    $this->request = $request->getUser();

    $root = $this->factory->createItem('root');
    $root->setAttribute('id', 'menu_sidebar')->setAttribute('class', 'navigation bordered');

    $currentRoute = $request->get('_route');
    $this->buildSidebarMenu($root, $voci, $currentRoute);

    return $root;
}
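/**
 * Exchange an oauth code for an access and optionally a refresh token.
 *
 * Added checks (RFC 6749, section 4.1.3): the authorization code must have
 * been issued to the client presenting it, and the redirect_uri is compared
 * strictly as a string instead of with "!=".
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @return array
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidClient
 * @throws \Atrauzzi\Oauth2Server\Exception\InvalidRequest
 */
protected function doExchangeFlow(Request $request)
{
    // Client credentials may arrive as parameters or via HTTP Basic.
    $clientId = $request->get('client_id', $request->getUser());
    if (!$clientId) {
        throw new InvalidRequest('client_id');
    }

    $clientSecret = $request->get('client_secret', $request->getPassword());
    if (!$clientSecret) {
        throw new InvalidRequest('client_secret');
    }

    // The redirect URI is only accepted from the request body.
    $redirectUri = $request->request->get('redirect_uri', null);
    if (!$redirectUri) {
        throw new InvalidRequest('redirect_uri');
    }

    $client = $this->clientRepository->find($clientId, $clientSecret, $this->getIdentifier(), $redirectUri);
    if (!$client instanceof Client) {
        throw new InvalidClient();
    }

    $code = $request->get('code');
    if (!$code) {
        throw new InvalidRequest('code');
    }

    $authCode = $this->authorizationCodeRepository->find($code);
    if (!$authCode instanceof AuthorizationCodeEntity) {
        throw new InvalidRequest('code');
    }

    if ($authCode->isExpired()) {
        throw new InvalidRequest('code');
    }

    // A code redeemed by a client other than the one it was issued to is
    // rejected; the token below is bound to the code's client id.
    if ((string) $authCode->getClientId() !== (string) $client->getId()) {
        throw new InvalidRequest('code');
    }

    // Must be identical to the redirect_uri used on the authorization request.
    if ((string) $authCode->getRedirectUri() !== (string) $redirectUri) {
        throw new InvalidRequest('redirect_uri');
    }

    $ttl = $this->config->getAccessTokenTtl();
    $accessToken = $this->accessTokenRepository->create(
        SecureKey::generate(),
        $ttl + time(),
        $authCode->getOauthableId(),
        $authCode->getOauthableType(),
        $authCode->getClientId(),
        $authCode->getScopeNames()
    );

    // Authorization codes are single use.
    $this->authorizationCodeRepository->delete($authCode);
    unset($authCode);

    $tokenStrategy = $this->config->getTokenStrategy();

    if ($this->config->hasGrantType('refresh_token')) {
        $refreshToken = $this->refreshTokenRepository->create(
            SecureKey::generate(),
            $this->config->getRefreshTokenTtl() + time(),
            $accessToken->getOauthableId(),
            $accessToken->getOauthableType(),
            $accessToken->getClientId(),
            $accessToken->getScopeNames()
        );
        $this->refreshTokenRepository->persist($refreshToken);
        $accessToken->setRefreshTokenId($refreshToken->getId());
        $tokenStrategy->setParam('refresh_token', $refreshToken->getId());
    }

    $this->accessTokenRepository->persist($accessToken);
    $tokenStrategy->setParam('access_token', $accessToken->getId());
    $tokenStrategy->setParam('expires_in', $ttl);

    return $tokenStrategy->generateResponse();
}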
/**
 * Tells whether this handler applies: a "password" grant with HTTP Basic
 * client credentials and resource-owner credentials present.
 *
 * NOTE(review): the owner credentials are read from request *headers* named
 * "username" / "password", not from the body as RFC 6749 section 4.3.2
 * describes — confirm this matches the clients in use.
 *
 * @param Request $request
 *
 * @return boolean
 */
public function supportRequestToken(Request $request)
{
    $hasClientCredentials = $request->getUser() && $request->getPassword();
    $isPasswordGrant = $request->get('grant_type') === 'password';
    $hasOwnerCredentials = $request->headers->get('username') && $request->headers->get('password');

    return $hasClientCredentials && $isPasswordGrant && $hasOwnerCredentials;
}
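/**
 * Tells whether this handler applies: a "refresh_token" grant with HTTP Basic
 * client credentials and a refresh_token parameter present.
 *
 * The grant type is compared strictly (as the other grant-type checkers do
 * with "==="), so a loosely-equal non-string value can no longer match.
 *
 * @param Request $request
 *
 * @return boolean
 */
public function supportRequestToken(Request $request)
{
    $hasClientCredentials = $request->getUser() && $request->getPassword();
    $isRefreshGrant = $request->get('grant_type') === 'refresh_token';
    $hasRefreshToken = (bool) $request->get('refresh_token');

    return $hasClientCredentials && $isRefreshGrant && $hasRefreshToken;
}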
/**
 * Builds the log text for a request.
 *
 * The request-line attributes are written first, followed by the header,
 * GET, POST, attribute, cookie and file collections. The server collection
 * is deliberately not dumped because it produces a huge amount of output.
 *
 * NOTE(review): the header, POST and cookie dumps are verbatim — Authorization
 * and Cookie headers, password fields and session ids end up in the log as
 * sent; REMOTE_USER is the HTTP Basic username. Mask these before enabling
 * this log level in production.
 *
 * @param Request $request
 * @return string the request log
 */
protected function logRequest(Request $request)
{
    $scalars = array(
        'REMOTE_ADDR' => $request->getClientIp(),
        'SCRIPT_NAME' => $request->getScriptName(),
        'PATH_INFO' => $request->getPathInfo(),
        'BASE_PATH' => $request->getBasePath(),
        'BASE_URL' => $request->getBaseUrl(),
        'SCHEME' => $request->getScheme(),
        'REMOTE_USER' => $request->getUser(),
        'HTTP_HOST' => $request->getSchemeAndHttpHost(),
        'REQUEST_URI' => $request->getRequestUri(),
        'METHOD' => $request->getRealMethod(),
        'LOCALE' => $request->getLocale(),
    );

    $collections = array(
        '[header]' => $request->headers->all(),
        '[get]' => $request->query->all(),
        '[post]' => $request->request->all(),
        '[attributes]' => $request->attributes->all(),
        '[cookie]' => $request->cookies->all(),
        '[files]' => $request->files->all(),
    );

    $log = '';
    foreach ($scalars as $key => $value) {
        $log .= $this->logKeyValuePair($key, $value);
    }
    foreach ($collections as $label => $values) {
        $log .= $this->logArray($values, $label);
    }

    return $log;
}
/**
 * Tells whether this handler applies: a "client_credentials" grant with HTTP
 * Basic client credentials present.
 *
 * @param Request $request
 *
 * @return boolean
 */
public function supportRequestToken(Request $request)
{
    $isClientCredentialsGrant = $request->get('grant_type') === 'client_credentials';
    $hasClientCredentials = $request->getUser() && $request->getPassword();

    return $isClientCredentialsGrant && $hasClientCredentials;
}
/**
 * Authenticates a user by basic authentication.
 *
 * Looks the user up by the Basic-auth username, verifies the password, then
 * reuses the user's existing session or creates one. $this->authenticated is
 * only set on success.
 *
 * @param Request $request
 * @return Session|null the session, or null when the credentials do not verify
 */
private function authBasic(Request $request)
{
    $user = $this->findUser($request->getUser());
    if ($user === null) {
        return null;
    }

    if (!$this->verifyUser($user, $request->getPassword())) {
        return null;
    }

    $session = $this->findSession($user);
    if ($session === null) {
        $session = $this->createSession($user);
    }

    $this->authenticated = true;

    return $session;
}
/**
 * Get the credential array for a HTTP Basic request.
 *
 * The Basic-auth username is stored under $field and the password under
 * 'password'; both are null when the request carries no Basic-auth header.
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 * @param string $field key under which the username is returned
 * @return array
 */
protected function getBasicCredentials(Request $request, $field)
{
    $credentials = array();
    $credentials[$field] = $request->getUser();
    $credentials['password'] = $request->getPassword();

    return $credentials;
}
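/**
 * Removes a participant from a screening ("séance") through an AJAX request.
 *
 * Reads the "participant" (user id) and "id" (séance id) request parameters.
 * Fixes: findBy() returns a list, which the original indexed before checking
 * and then passed whole to EntityManager::remove(); the not-found message
 * called getId() on Request::getUser(), which is the Basic-auth username
 * string rather than a user object.
 *
 * @param Request $request
 * @Route("/profile/participant/remove", name="user_remove_participant", options = {"expose"=true})
 * @return Response JSON body with "result" ("success"|"error") and "message"
 * @throws NotFoundHttpException when no user is logged in or the participation does not exist
 */
public function removeParticipantAction(Request $request)
{
    if (!$request->isXmlHttpRequest()) {
        return new Response(json_encode(array('result' => 'error', "message" => "Error: isXmlHttpRequest")));
    }

    if ($this->getUser() === null) {
        throw new NotFoundHttpException("L'Utilisateur n'existe pas.");
    }

    $em = $this->getDoctrine()->getManager();
    $participantId = $request->get('participant');
    $seanceId = $request->get('id');

    // NOTE(review): both ids are client-supplied and not checked against the
    // current user, so any logged-in user can remove any participation —
    // confirm this is intended.
    $found = $em->getRepository('MCBundle:Participant')->findBy(array(
        "user" => $participantId,
        "seance" => $seanceId,
    ));

    if (empty($found)) {
        throw new NotFoundHttpException("L'Participation dont la séance ID: " . $seanceId . " et User ID: " . $participantId . " n'existe pas.");
    }
    $participant = $found[0];

    $message = ucfirst($participant->getUser()->getUsername()) . " a été retiré de la séance:" . $participant->getSeance()->getFilm()->getTitle() . " - " . $participant->getSeance()->getTypeView();

    $participant->setDisable(false);
    // remove() takes the entity, not the result list.
    $em->remove($participant);
    $em->flush();

    $remaining = $em->getRepository('MCBundle:Participant')->findParticipant($this->getUser()->getId());
    $request->getSession()->set('COUNT_PARTICIPANT', count($remaining));

    return new Response(json_encode(array(
        'result' => 'success',
        'message' => $message,
        'count' => $request->getSession()->get('COUNT_PARTICIPANT'),
    )));
}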