/**
 * {@inheritDoc}
 *
 * Builds the list of security identities for a token: the account
 * identity (when the token carries an AccountInterface user), one role
 * identity per reachable role, and the built-in authentication-level
 * attributes that match the token's trust level.
 */
public function getSecurityIdentities(TokenInterface $token)
{
    $identities = array();

    // The account behind the token, when there is one, is listed first.
    $account = $token->getUser();
    if ($account instanceof AccountInterface) {
        $identities[] = UserSecurityIdentity::fromAccount($account);
    }

    // Every role the hierarchy makes reachable from the token's own roles.
    $reachableRoles = $this->roleHierarchy->getReachableRoles($token->getRoles());
    foreach ($reachableRoles as $reachable) {
        $identities[] = new RoleSecurityIdentity($reachable);
    }

    // Built-in attributes: a stronger trust level also receives the weaker
    // ones, so an ACL entry written for a weaker level matches as well.
    // A token that matches none of the three checks gets no built-in attribute.
    $resolver = $this->authenticationTrustResolver;
    if ($resolver->isFullFledged($token)) {
        $builtIn = array(
            AuthenticatedVoter::IS_AUTHENTICATED_FULLY,
            AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED,
            AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY,
        );
    } elseif ($resolver->isRememberMe($token)) {
        $builtIn = array(
            AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED,
            AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY,
        );
    } elseif ($resolver->isAnonymous($token)) {
        $builtIn = array(AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY);
    } else {
        $builtIn = array();
    }

    foreach ($builtIn as $attribute) {
        $identities[] = new RoleSecurityIdentity($attribute);
    }

    return $identities;
}
/**
 * Reloads the token's user from the configured user providers.
 *
 * Providers are tried in order. The first one that accepts the account
 * supplies the fresh user, whose roles and user object replace those on
 * the token.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface|null the token (refreshed, or untouched when its
 *                             user is not an AccountInterface), or null
 *                             when a provider reports the user as not found
 *
 * @throws \RuntimeException when every provider rejects the account as unsupported
 */
protected function refreshUser(TokenInterface $token)
{
    $storedUser = $token->getUser();

    // Nothing to reload for tokens that do not carry an account object.
    if (!$storedUser instanceof AccountInterface) {
        return $token;
    }

    if (null !== $this->logger) {
        $this->logger->debug('Reloading user from user provider.');
    }

    foreach ($this->userProviders as $candidate) {
        try {
            $freshUser = $candidate->loadUserByAccount($storedUser);

            // Roles come from the reloaded account, not from the stored token.
            $token->setRoles($freshUser->getRoles());
            $token->setUser($freshUser);

            // A reloaded account that no longer equals the stored one marks
            // the token as not authenticated.
            // NOTE(review): the comparison is strict, so only a literal
            // `false` from equals() triggers this; a null or other falsy
            // return leaves the token authenticated. Confirm that every
            // AccountInterface::equals() implementation returns a bool.
            $unchanged = $freshUser->equals($storedUser);
            if (false === $unchanged) {
                $token->setAuthenticated(false);
            }

            return $token;
        } catch (UnsupportedAccountException $unsupported) {
            // This provider does not handle the account type; try the next one.
            continue;
        } catch (UsernameNotFoundException $notFound) {
            // The account is gone from its provider: drop the token.
            return null;
        }
    }

    throw new \RuntimeException(sprintf('There is no user provider for user "%s".', get_class($storedUser)));
}
/**
 * Refreshes the user by reloading it from the user provider
 *
 * This variant looks the user up by username and by the provider name
 * recorded on the token. The token is returned unchanged when its user is
 * not an AccountInterface, when its string form is empty, or when it has
 * no provider name.
 *
 * NOTE(review): part of this listing is elided in the source (the
 * `******` run inside the catch block), so the body below is incomplete
 * and its braces do not balance as shown.
 *
 * @param TokenInterface $token
 * @return TokenInterface|null
 */
protected function refreshUser(TokenInterface $token)
{
    $user = $token->getUser();
    if (!$user instanceof AccountInterface) {
        // no account object on the token: nothing to reload
        return $token;
    } else {
        // the username is taken from the token's string representation
        if (0 === strlen($username = (string) $token)) {
            return $token;
        } else {
            // without a recorded provider name there is no provider to ask
            if (null === ($providerName = $token->getUserProviderName())) {
                return $token;
            }
        }
    }

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Reloading user from user provider "%s".', $providerName));
    }

    foreach ($this->userProviders as $provider) {
        // only a non-aggregate provider that supports the recorded name is queried
        if (!$provider->isAggregate() && $provider->supports($providerName)) {
            try {
                $result = $provider->loadUserByUsername($username);

                // the provider must return exactly two elements: the user and
                // the name of the provider that actually loaded it
                if (!is_array($result) || 2 !== count($result)) {
                    throw new \RuntimeException('Provider returned an invalid result.');
                }

                list($cUser, $cProviderName) = $result;
            } catch (\Exception $ex) {
                if (null !== $this->logger) {
                    // NOTE(review): text is missing from the source at the `******`
                    // run. The end of this catch block and the start of the check
                    // that compares $providerName with $cProviderName are presumably
                    // in the elided span; restore them from the original file.
                    $this->logger->debug(sprintf('An exception occurred while reloading the user: '******'User was loaded from different provider. Requested "%s", Used: "%s"', $providerName, $cProviderName));
                }

            // roles and user on the token are replaced by the reloaded account's
            $token->setRoles($cUser->getRoles());
            $token->setUser($cUser);

            // a reloaded account that differs from the stored one marks the
            // token as not authenticated (strict comparison: only a literal
            // false from equals() triggers this)
            if (false === $cUser->equals($user)) {
                $token->setAuthenticated(false);
            }

            return $token;
        }
    }

    // no queried provider matched the name recorded on the token
    throw new \RuntimeException(sprintf('There is no user provider named "%s".', $providerName));
}