/**
 * Authenticates a username/password token by asking the session repository
 * to create a session for the presented credentials.
 *
 * An unknown user and rejected credentials produce the same message, so the
 * response does not reveal which of the two checks failed.
 *
 * @inheritdoc
 *
 * @throws CustomUserMessageAuthenticationException when the user is unknown,
 *         the credentials are rejected, or the repository cannot be reached
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    try {
        $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
        throw new CustomUserMessageAuthenticationException('Invalid username or password');
    }

    $username = $token->getUsername();
    $password = $token->getCredentials();

    try {
        $result = $this->userSessionRepository->createSessionIdByCredentials($username, $password);
    } catch (\InvalidArgumentException $e) {
        throw new CustomUserMessageAuthenticationException('Invalid username or password');
    } catch (RepositoryInfrastructureException $e) {
        throw new CustomUserMessageAuthenticationException('Cannot connect to Revive service');
    }

    // Fail closed: no result, or a result that does not report a successful
    // authentication, never yields a token.
    if ($result === null
        || !UserSessionCreationAuthenticationResult::isSuccess($result->getSessionCreationAuthenticationResult())
    ) {
        throw new CustomUserMessageAuthenticationException('Invalid username or password');
    }

    $sessionId = $result->getSessionId();

    // Every authenticated session gets USER; ADMIN is added only when the
    // authorization part of the result also reports success.
    $roles = ['USER'];
    if (UserSessionCreationAuthorizationSessionCreationResult::isSuccess($result->getSessionCreationAuthorizationSessionCreation())) {
        $roles[] = 'ADMIN';
    }

    return new ReviveAuthenticationToken($user, $sessionId, $providerKey, $roles);
}
/**
 * Builds a pre-authenticated token for the user named in the incoming token.
 *
 * No credential is compared in this method; the only check is that the user
 * provider returns a user.
 * NOTE(review): presumably the incoming token was verified before it reached
 * this method; confirm against the caller.
 *
 * @param TokenInterface        $token
 * @param UserProviderInterface $userProvider
 * @param mixed                 $providerKey
 *
 * @return PreAuthenticatedToken
 *
 * @throws AuthenticationException when the provider returns no user
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    $user = $userProvider->loadUserByUsername($token->getUsername());

    if ($user) {
        return new PreAuthenticatedToken($user, $token->getUsername(), $providerKey, $user->getRoles());
    }

    throw new AuthenticationException('User not found');
}
/**
 * Authenticates a token against Crowd.
 *
 * A token that already reports itself as authenticated is accepted without a
 * new Crowd call; otherwise the username and credentials are checked through
 * the Crowd client.
 * NOTE(review): the short-circuit trusts the incoming token's own
 * authenticated flag; confirm that flag cannot be set on an unverified token.
 *
 * @param TokenInterface $token
 *
 * @return CrowdToken
 *
 * @throws AuthenticationException when the user is unknown or Crowd rejects the credentials
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    if (!$user) {
        throw new AuthenticationException('The Crowd authentication failed.');
    }

    // Short-circuit order is kept: Crowd is only queried when the token is
    // not already flagged as authenticated.
    if (!$token->isAuthenticated()
        && !$this->crowd->isauthenticationvalid($token->getUsername(), $token->getCredentials())
    ) {
        throw new AuthenticationException('The Crowd authentication failed.');
    }

    $crowdToken = new CrowdToken($user->getRoles());
    $crowdToken->setUser($user);

    return $crowdToken;
}
/**
 * Authenticates a WSSE token by validating its digest against the user's
 * secret and salt.
 *
 * Failed attempts are logged with the presented username before the
 * exception is thrown.
 * NOTE(review): the username is written to the log as received; confirm the
 * log formatter neutralises control characters.
 *
 * @param TokenInterface $token
 *
 * @return WsseToken|TokenInterface
 *
 * @throws AuthenticationException when the user is unknown or the digest is invalid
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    $digestAccepted = $user && $this->validateDigest(
        $token->getAttribute('digest'),
        $token->getAttribute('nonce'),
        $token->getAttribute('created'),
        $this->getSecret($user),
        $this->getSalt($user),
        $user
    );

    if (!$digestAccepted) {
        $this->logger->error(sprintf('Attempt of unauthorized access for user: %s', $token->getUsername()));

        throw new AuthenticationException(' Incorrect email or password.');
    }

    $wsseToken = new WsseToken($user->getRoles());
    $wsseToken->setUser($user);
    $wsseToken->setAuthenticated(true);

    return $wsseToken;
}
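/**
 * Authenticates a username/password token through PAM and grants
 * ROLE_ADMIN to the usernames listed in $this->rootUsers.
 *
 * @param TokenInterface        $token
 * @param UserProviderInterface $userProvider
 * @param string                $providerKey
 *
 * @return UsernamePasswordToken
 *
 * @throws AuthenticationException when the user provider does not know the username
 * @throws BadCredentialsException when PAM rejects the credentials
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    try {
        $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
        // NOTE(review): this message differs from the bad-credentials one and
        // echoes the username; if exception messages reach the client it
        // shows which usernames exist.
        throw new AuthenticationException(sprintf('Can\'t find user by "%s" username', $token->getUsername()));
    }

    if (true !== $this->pamAuth($token->getUsername(), $token->getCredentials())) {
        throw new BadCredentialsException('Bad credentials', 403);
    }

    // The admin decision must not depend on PHP's loose comparison rules
    // (numeric strings, booleans, 0 == "abc" on older PHP versions), so each
    // configured entry is compared as a string with ===.
    $username = (string) $user->getUsername();
    $isRootUser = false;
    foreach ($this->rootUsers as $rootUser) {
        if ((is_string($rootUser) || is_int($rootUser)) && (string) $rootUser === $username) {
            $isRootUser = true;
            break;
        }
    }

    $roles = $isRootUser ? ['ROLE_USER', 'ROLE_ADMIN'] : ['ROLE_USER'];

    return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $roles);
}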
/**
 * Authenticates a WSSE token by validating its digest with the user's
 * auth secret.
 *
 * The resulting token carries the single role 'IS_AUTHENTICATED' rather than
 * the user's own roles.
 *
 * @param TokenInterface $token
 *
 * @return WsseUserToken
 *
 * @throws AuthenticationException when the user is unknown or the digest is invalid
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    $digestAccepted = $user && $this->validateDigest(
        (string) $token->digest,
        $token->getUsername(),
        $token->nonce,
        $token->created,
        $user->getAuthSecret()
    );

    if (!$digestAccepted) {
        throw new AuthenticationException('The WSSE authentication failed.');
    }

    $wsseToken = new WsseUserToken(array('IS_AUTHENTICATED'));
    $wsseToken->setUser($user);
    $wsseToken->setAuthenticated(true);

    return $wsseToken;
}
/**
 * Answers AJAX logins with a JSON body and defers every other request to
 * the parent success handler.
 *
 * {@inheritdoc}
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    if (!$request->isXmlHttpRequest()) {
        return parent::onAuthenticationSuccess($request, $token);
    }

    $payload = ['success' => true, 'username' => $token->getUsername()];

    return new JsonResponse($payload);
}
/**
 * Authenticates a user from a token, using LDAP when an LDAP manager is
 * configured and the user is LDAP-enabled, and the local check otherwise.
 *
 * The user checker runs before and after the credential check. When
 * $this->hideUserNotFoundExceptions is set, any BadCredentialsException from
 * those steps is replaced by a generic one.
 *
 * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
 * @param \Symfony\Component\Security\Core\User\UserProviderInterface $userProvider
 * @param string $providerKey
 * @return \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
 * @throws BadCredentialsException
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    // Resolve the account first; an unknown username is reported with the
    // same generic message as a wrong password.
    try {
        $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
        throw new BadCredentialsException('Invalid username or password', 0, $e);
    }

    $passwordValid = false;

    try {
        $this->userChecker->checkPreAuth($user);

        $useLdap = null !== $this->ldapManager && $user->isLdapEnabled();
        $passwordValid = $useLdap
            ? $this->checkAuthenticationLdap($user, $token)
            : $this->checkAuthentication($user, $token);

        $this->userChecker->checkPostAuth($user);
    } catch (BadCredentialsException $e) {
        if (!$this->hideUserNotFoundExceptions) {
            throw $e;
        }

        throw new BadCredentialsException('Invalid username or password', 0, $e);
    }

    if (!$passwordValid) {
        throw new BadCredentialsException('Invalid username or password');
    }

    return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
}
/**
 * Marks the player as online after a successful login and answers with a
 * JSON body.
 *
 * @param Request        $request
 * @param TokenInterface $token
 *
 * @return JsonResponse
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    $playerRepository = $this->em->getRepository('SportnetzwerkSpnBundle:Player');
    $playerRepository->updateOnlineFlag($token->getUsername(), 1);

    // kdos: must have when using an ajax login
    $payload = array('data' => 'Credentials ok');

    return new JsonResponse($payload, 200);
}
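/**
 * Exchanges the token's username and password for an OAuth access token at
 * the remote API (password grant) and returns an authenticated token.
 *
 * A token that already carries an OAuth token is returned unchanged.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface
 *
 * @throws AuthenticationException when the remote API does not return an access token
 */
public function authenticate(TokenInterface $token)
{
    if (strlen($token->getOAuthToken()) !== 0) {
        return $token;
    }

    // Build the query with http_build_query() so every value is URL-encoded;
    // with raw concatenation an '&', '=' or '#' inside a username or password
    // adds or overrides request parameters.
    // NOTE(review): the client secret and the user's password travel in the
    // URL query string, where proxies and access logs can record them;
    // confirm whether the endpoint accepts them in a POST body instead.
    $query = http_build_query(array(
        'client_id' => $this->remoteApiId,
        'client_secret' => $this->remoteApiSecret,
        'grant_type' => 'password',
        'username' => $token->getUsername(),
        'password' => $token->getPassword(),
    ), '', '&');
    $url = $this->remoteApiUrl . "/oauth/v2/token?" . $query;

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $rawResponse = curl_exec($ch);
    curl_close($ch);

    // curl_exec() returns false on a transport failure; that, like a body
    // that is not JSON, is treated as a failed authentication.
    $apiResponse = is_string($rawResponse) ? json_decode($rawResponse) : null;

    if (isset($apiResponse->access_token)) {
        $user = $this->userManager->createUser();
        $user->setUsername($token->getUsername());

        $authenticatedToken = new OAuthUserToken($user->getRoles());
        $authenticatedToken->setUser($user);
        $authenticatedToken->setOAuthToken($apiResponse->access_token);
        $authenticatedToken->setRefreshToken(isset($apiResponse->refresh_token) ? $apiResponse->refresh_token : null);
        $authenticatedToken->setTokenType(isset($apiResponse->token_type) ? $apiResponse->token_type : null);

        // We take 3 minutes less (180 seconds) just to be sure.
        $expiresIn = isset($apiResponse->expires_in) ? (int) $apiResponse->expires_in : 0;
        $authenticatedToken->setExpireTime(time() + $expiresIn - 180);

        return $authenticatedToken;
    }

    if (isset($apiResponse->error_description)) {
        // NOTE(review): this text comes from the remote service; escape it
        // wherever the exception message is rendered.
        throw new AuthenticationException($apiResponse->error_description);
    }

    throw new AuthenticationException('The OAuth authentication failed.');
}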
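/**
 * Attempt to authenticate the provided token using the provided user provider.
 *
 * The stored password and the presented credentials are compared with
 * hash_equals(): a loose `==` treats numeric-looking strings such as
 * "0e123" and "0e456" as equal and accepts null on both sides.
 * NOTE(review): a direct comparison implies the stored value is either
 * plaintext or already in the same form as the token's credentials; confirm,
 * since password_verify() is the usual check for hashed storage.
 *
 * @param TokenInterface $token
 * @param UserProviderInterface $userProvider
 * @param string $providerKey
 * @return UsernamePasswordToken
 * @throws BadCredentialsException
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    $user = $userProvider->loadUserByUsername($token->getUsername());

    if ($user) {
        $storedPassword = $user->getPassword();
        $presentedPassword = $token->getCredentials();

        // Only non-empty strings can match: null, arrays and empty
        // credentials are rejected instead of being type-juggled.
        if (is_string($storedPassword)
            && is_string($presentedPassword)
            && $presentedPassword !== ''
            && hash_equals($storedPassword, $presentedPassword)
        ) {
            return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
        }
    }

    throw new BadCredentialsException('The presented password is invalid.');
}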
/**
 * Answers AJAX logins with a JSON body and defers every other request to
 * the parent success handler.
 *
 * {@inheritDoc}
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    if (!$request->isXmlHttpRequest()) {
        return parent::onAuthenticationSuccess($request, $token);
    }

    return new \Symfony\Component\HttpFoundation\JsonResponse(
        array('ok' => true, 'username' => $token->getUsername())
    );
}
/**
 * Authenticates a custom token by hashing the presented password with the
 * user's salt and comparing the result with the stored password hash.
 *
 * The loaded user is kept on $this->user as a side effect.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface
 *
 * @throws AuthenticationException when the user is unknown or the hashes differ
 */
public function authenticate(TokenInterface $token)
{
    // NOTE(review): this reserved username returns the incoming token with no
    // credential check at all; confirm the firewall never treats that token
    // as authenticated and that the name cannot be registered by a user.
    if ($token->getUsername() == 'new_user_registration') {
        return $token;
    }

    $this->user = $this->userProvider->loadUserByUsername(array($token->getUsername()));
    if (!$this->user) {
        throw new AuthenticationException('Authentication failed.');
    }

    // NOTE(review): despite the property name, the value is only
    // base64-decoded here; base64 is an encoding, so the password has no
    // confidentiality beyond what the transport provides.
    $plainUserPassword = base64_decode($token->encryptedPass);
    $candidateHash = crypt($plainUserPassword, $this->user->getSalt());

    if (!$this->_hash_equals($candidateHash, $this->user->getPassword())) {
        throw new AuthenticationException('Authentication failed.');
    }

    $customToken = new CustomAuthToken($this->user->getRoles());
    $customToken->setUser($this->user);

    return $customToken;
}
/**
 * Authenticates an e-mail/password token against the remote token endpoint
 * and returns an EmailToken carrying the access and refresh tokens.
 *
 * The user is loaded before the credentials are checked; an exception from
 * the user provider is not caught here and propagates to the caller.
 *
 * @param TokenInterface        $token
 * @param UserProviderInterface $userProvider
 * @param mixed                 $providerKey
 *
 * @return EmailToken
 *
 * @throws CustomUserMessageAuthenticationException when the endpoint rejects the credentials
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    $user = $userProvider->loadUserByUsername($token->getUsername());

    $params = [
        "client_id" => $this->config['client_id'],
        "client_secret" => $this->config['client_secret'],
        "email" => $token->getUsername(),
        "password" => $token->getCredentials(),
    ];

    try {
        $storage = $this->emailTokenProvider->authentificate(
            $this->config['endpoint'],
            $params,
            $this->config['grant']
        );
    } catch (BadAuthentificationException $e) {
        // CAUTION: this message will be returned to the client
        // (so don't put any un-trusted messages / error strings here)
        throw new CustomUserMessageAuthenticationException('Invalid credentials');
    }

    $authenticated = new EmailToken($user, $user->getPassword(), $providerKey, $user->getRoles());
    $authenticated->setAccessToken($storage['accessToken']);
    $authenticated->setRefreshToken($storage['refreshToken']);
    $authenticated->setExpiresIn($storage['expiresIn']);

    return $authenticated;
}
/**
 * Authenticates a user from a token, either by binding to LDAP or by
 * checking the password locally.
 *
 * LDAP is used when an LDAP manager is configured and the user's LDAP flag
 * is set. Otherwise a token that already carries a user object is accepted
 * when its password equals the freshly loaded user's password, and any other
 * token has its credentials checked through the password encoder.
 *
 * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
 * @param \Symfony\Component\Security\Core\User\UserProviderInterface $userProvider
 * @param string $providerKey
 * @return \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
 * @throws BadCredentialsException
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    $passwordValid = false;

    // Load user object; an unknown username gets the same generic message as
    // a wrong password.
    try {
        $user = $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
        throw new BadCredentialsException('Invalid username or password', 0, $e);
    }

    // Check if ldap extension is enabled and user's ldap flag is set.
    if (null !== $this->ldapManager && $user->isLdapEnabled()) {
        try {
            // The bind itself is the credential check; the result is valid
            // only when the manager reports a bound user afterwards.
            $this->ldapManager->bind($token->getUsername(), $token->getCredentials());
            $passwordValid = (bool) $this->ldapManager->getBoundUser();
            if (null !== $this->logger && !$token->isAuthenticated()) {
                $this->logger->info("[LdapAuthenticator] Ldap authentication successful.", array('user' => $this->ldapManager->getBoundUser()));
            }
        } catch (\Zend\Ldap\Exception\LdapException $e) {
            // Any LDAP failure is reported as bad credentials; the original
            // exception is kept as the previous one.
            throw new BadCredentialsException('Invalid username or password', 0, $e);
        }
    } else {
        $currentUser = $token->getUser();
        if ($currentUser instanceof UserInterface) {
            // The token already holds a user object: accept it only while
            // its password still equals the stored one.
            if ($currentUser->getPassword() !== $user->getPassword()) {
                throw new BadCredentialsException('The credentials were changed from another session.');
            } else {
                $passwordValid = true;
            }
        } else {
            // Empty credentials are rejected before the encoder is asked.
            if ("" === ($presentedPassword = $token->getCredentials())) {
                throw new BadCredentialsException('Invalid username or password.');
            }
            if (!($passwordValid = $this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt()))) {
                throw new BadCredentialsException('Invalid username or password.');
            }
        }
        if (null !== $this->logger && !$token->isAuthenticated()) {
            $this->logger->info("[LdapAuthenticator] Local authentication successful.", array('user' => $user->getUsername()));
        }
    }

    // Set the authenticated token
    if ($passwordValid) {
        return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
    }

    throw new BadCredentialsException('Invalid username or password');
}
/**
 * Authenticates a username/password token.
 *
 * An IsidoreApiUserProvider receives the username and the credentials when
 * loading the user; any other provider receives the username only. In both
 * cases the password encoder then validates the presented credentials. An
 * unknown user and a wrong password produce the same message.
 *
 * @param TokenInterface        $token
 * @param UserProviderInterface $userProvider
 * @param mixed                 $providerKey
 *
 * @return UsernamePasswordToken
 *
 * @throws CustomUserMessageAuthenticationException when the user is unknown or the password is wrong
 */
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
{
    try {
        $user = $userProvider instanceof IsidoreApiUserProvider
            ? $userProvider->loadUser($token->getUsername(), $token->getCredentials())
            : $userProvider->loadUserByUsername($token->getUsername());
    } catch (UsernameNotFoundException $e) {
        throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer.");
    }

    if (!$this->encoder->isPasswordValid($user, $token->getCredentials())) {
        throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer.");
    }

    return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
}
/**
 * Validates the client and user token data of an API token and returns an
 * authenticated token for the effective user.
 *
 * When the token asks for impersonation, the calling user must be allowed to
 * switch; the effective user is then the id found in the token's
 * impersonation data.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface
 *
 * @throws MissingSudoPrivilegeException when the caller may not impersonate
 */
public function authenticate(TokenInterface $token)
{
    $now = new \DateTime();

    /** @var ApiUnauthenticatedUserToken $token */
    $clientTokenInfos = $this->validateClientToken($token->getClientTokenInfos(), $now);
    $userTokenInfos = $this->validateUserToken($token->getUserTokenInfos(), $now);

    $effectiveUsername = $token->getUsername();

    if ($token->isImpersonating()) {
        // The privilege check is made on the caller, not on the target.
        /** @var ApiUser $sudoer */
        $sudoer = $this->userProvider->loadUserByUsername($token->getUsername());
        if (!$sudoer->isAllowedToSwitch()) {
            throw new MissingSudoPrivilegeException();
        }

        $effectiveUsername = $token->getImpersonatedUserInfos()['id'];
    }

    $effectiveUser = $this->userProvider->loadUserByUsername($effectiveUsername);

    return new ApiAuthenticatedUserToken($clientTokenInfos, $userTokenInfos, $effectiveUser);
}
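/**
 * Answers AJAX and non-HTML requests with a JSON body holding the username
 * and the redirect target; every other request goes to the parent handler.
 *
 * The response declares application/json explicitly. Without it the body is
 * served with the framework's default HTML content type, and the username
 * inside the JSON could then be interpreted as markup by a browser.
 *
 * {@inheritDoc}
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    if ($request->isXmlHttpRequest() || $request->getRequestFormat() !== 'html') {
        $json = array(
            'username' => $token->getUsername(),
            'redirectUrl' => $this->determineTargetUrl($request),
        );

        return new Response(json_encode($json), 200, array('Content-Type' => 'application/json'));
    }

    return parent::onAuthenticationSuccess($request, $token);
}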
/**
 * Answers AJAX logins with a JSON body and defers every other request to
 * the parent success handler.
 *
 * {@inheritDoc}
 */
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
    if (!$request->isXmlHttpRequest()) {
        return parent::onAuthenticationSuccess($request, $token);
    }

    return new JsonResponse(array('code' => 200, 'username' => $token->getUsername()));
}
/**
 * Authenticates a WSSE token: the token's credentials are validated as the
 * digest, together with its nonce and creation time, against the user's
 * secret and salt.
 *
 * @param TokenInterface $token
 *
 * @return Token
 *
 * @throws AuthenticationException when the user is unknown or the digest is invalid
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    $digestAccepted = $user && $this->validateDigest(
        $token->getCredentials(),
        $token->getAttribute('nonce'),
        $token->getAttribute('created'),
        $this->getSecret($user),
        $this->getSalt($user)
    );

    if (!$digestAccepted) {
        throw new AuthenticationException('WSSE authentication failed.');
    }

    return new Token($user, $token->getCredentials(), $this->providerKey, $user->getRoles());
}
/**
 * Returns an authenticated bridge token when the loaded user reports itself
 * as authenticated.
 *
 * No credential from the incoming token is compared here; the decision rests
 * on the user object's isAuthenticated() result.
 * NOTE(review): confirm where that flag is set and that it is bound to the
 * current request.
 *
 * @param TokenInterface $token
 *
 * @return MinisterioUserBridgeToken
 *
 * @throws AuthenticationException when the user is unknown or not authenticated
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    if (!$user || !$user->isAuthenticated()) {
        throw new AuthenticationException('The Ministerio User Bridge authentication failed.');
    }

    $bridgeToken = new MinisterioUserBridgeToken($user->getRoles());
    $bridgeToken->setUser($user);

    return $bridgeToken;
}
/**
 * Authenticates a WSSE token by validating its digest, nonce and creation
 * time against the value returned by the user's getPassword().
 *
 * @param TokenInterface $token
 *
 * @return WsseUserToken
 *
 * @throws AuthenticationException when the user is unknown or the digest is invalid
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    if (!$user
        || !$this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())
    ) {
        throw new AuthenticationException('The WSSE authentication failed.');
    }

    $wsseToken = new WsseUserToken($user->getRoles());
    $wsseToken->setUser($user);

    return $wsseToken;
}
/**
 * Returns a Facebook user token for the user named in the incoming token.
 *
 * The only check made here is that the user provider returns a user.
 * NOTE(review): no Facebook credential or signature is verified in this
 * method; confirm that verification happens before the token gets here.
 *
 * @param TokenInterface $token
 *
 * @return FbUserToken
 *
 * @throws AuthenticationException when the provider returns no user
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    if (!$user) {
        throw new AuthenticationException('The Facebook authentication failed.');
    }

    $facebookToken = new FbUserToken($user->getRoles());
    $facebookToken->setUser($user);

    return $facebookToken;
}
/**
 * Rebuilds the incoming token as a UserToken for the "secured_area"
 * provider key, with the roles of the user loaded from the provider.
 *
 * The new token keeps the user and credentials of the incoming token; the
 * loaded user only contributes its roles. The method fails only when the new
 * token's user is empty.
 * NOTE(review): the credentials are copied, not verified, in this method;
 * confirm they are checked elsewhere.
 *
 * @param TokenInterface $token
 *
 * @return UserToken
 *
 * @throws BadCredentialsException when the rebuilt token has no user
 */
public function authenticate(TokenInterface $token)
{
    $loadedUser = $this->userProvider->loadUserByUsername($token->getUsername());

    $rebuilt = new UserToken(
        $token->getUser(),
        $token->getCredentials(),
        "secured_area",
        $loadedUser->getRoles()
    );

    $tokenUser = $rebuilt->getUser();
    if (!empty($tokenUser)) {
        return $rebuilt;
    }

    throw new BadCredentialsException('Bad credentials :)');
}
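/**
 * Authenticates a token against LDAP and attaches the loaded user to it.
 *
 * Failures are reported through AuthenticationException so the firewall can
 * handle them; the method does not terminate the process.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface
 *
 * @throws AuthenticationException when the user is unknown or LDAP validation fails
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    // NOTE(review): validateLdapUser() receives only the user object; confirm
    // that it checks the credentials presented with this token and not just
    // the existence of the account. The token is also returned without an
    // explicit authenticated flag being set here.
    if ($user && $this->validateLdapUser($user)) {
        $token->setUser($user);

        return $token;
    }

    throw new AuthenticationException('The LDAP authentication failed.');
}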
/**
 * Returns an authenticated Facebook token for the user named in the
 * incoming token.
 *
 * The only check made here is that the provider returns a UserInterface.
 * NOTE(review): no Facebook credential is verified in this method; confirm
 * that verification happens before the token gets here.
 *
 * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
 * @return FacebookUserToken
 * @throws InvalidUserException when the provider does not return a UserInterface
 */
public function authenticate(TokenInterface $token)
{
    $provider = $this->getUserProvider();
    $user = $provider->loadUserByUsername($token->getUsername());

    if ($user instanceof UserInterface) {
        $facebookToken = new FacebookUserToken($user);
        $facebookToken->setAuthenticated(true);

        return $facebookToken;
    }

    throw new InvalidUserException($user);
}
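/**
 * Returns a Role for every entry of $this->_roles whose user list contains
 * the token's username.
 *
 * Usernames are compared as strings with ===. A loose in_array() lets type
 * juggling decide role membership: a boolean true in a list matches every
 * username, and on older PHP versions an integer 0 matches any non-numeric
 * one.
 *
 * {@inheritdoc}
 */
public function extractRoles(TokenInterface $token)
{
    $username = (string) $token->getUsername();
    $user_roles = array();

    foreach ($this->_roles as $role => $users) {
        if (!is_array($users)) {
            continue;
        }

        foreach ($users as $listedUser) {
            // Only string and integer entries are usable usernames; integers
            // cover numeric names a config parser may have converted.
            if ((is_string($listedUser) || is_int($listedUser)) && (string) $listedUser === $username) {
                $user_roles[] = new Role($role);
                break;
            }
        }
    }

    return $user_roles;
}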
/**
 * Returns a Facebook user token with the fixed role ROLE_FACEBOOK_USER for
 * the user named in the incoming token.
 *
 * The only check made here is that the user provider returns a user.
 * NOTE(review): no Facebook credential is verified in this method; confirm
 * that verification happens before the token gets here.
 *
 * @param TokenInterface $token
 *
 * @return FacebookUserToken
 *
 * @throws AuthenticationException when the provider returns no user
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    if (!$user) {
        throw new AuthenticationException('Facebook authentication failed.');
    }

    $facebookToken = new FacebookUserToken(['ROLE_FACEBOOK_USER']);
    $facebookToken->setUser($user);

    return $facebookToken;
}
/**
 * Authenticates a token by asking the loaded user to check the token value,
 * then marks the incoming token as authenticated and attaches the user.
 *
 * Only a strict `false` from checkToken() rejects the token.
 * NOTE(review): any other return value (null, 0, an empty string) is
 * accepted; confirm checkToken() always returns a boolean.
 *
 * @param TokenInterface $token
 *
 * @return TokenInterface
 *
 * @throws AuthenticationException when the user is unknown or the token check fails
 */
public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByUsername($token->getUsername());

    $rejected = empty($user) || $user->checkToken($token->token) === false;
    if ($rejected) {
        throw new AuthenticationException('Token authentication failed.');
    }

    $token->setAuthenticated(true);
    $token->setUser($user);

    return $token;
}
/**
 * Logs the JWT retrieval and delegates to the configured success handler.
 *
 * NOTE(review): the username is written to the log as received; confirm the
 * log formatter neutralises control characters.
 *
 * @param GetResponseEvent $event
 * @param Request          $request
 * @param TokenInterface   $token
 *
 * @return Response
 *
 * @throws \RuntimeException when the success handler does not return a Response
 */
protected function onSuccess(GetResponseEvent $event, Request $request, TokenInterface $token)
{
    if (null !== $this->logger) {
        $message = sprintf('User "%s" has retrieved a JWT', $token->getUsername());
        $this->logger->info($message);
    }

    $response = $this->successHandler->onAuthenticationSuccess($request, $token);

    if ($response instanceof Response) {
        return $response;
    }

    throw new \RuntimeException('Authentication Success Handler did not return a Response.');
}