コード例 #1
 /**
  * @inheritdoc
  *
  * Looks the user up through the provider, then asks the user-session
  * repository to create a session from the presented username and password.
  * An unknown user, rejected credentials and a non-successful authentication
  * result all raise the same 'Invalid username or password' message; only a
  * repository infrastructure failure is reported with a different message.
  *
  * Every successful login receives the 'USER' role; 'ADMIN' is added only when
  * the authorization part of the session-creation result is also a success.
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     try {
         $account = $userProvider->loadUserByUsername($token->getUsername());
     } catch (UsernameNotFoundException $notFound) {
         throw new CustomUserMessageAuthenticationException('Invalid username or password');
     }

     try {
         $creation = $this->userSessionRepository->createSessionIdByCredentials(
             $token->getUsername(),
             $token->getCredentials()
         );
     } catch (\InvalidArgumentException $rejected) {
         throw new CustomUserMessageAuthenticationException('Invalid username or password');
     } catch (RepositoryInfrastructureException $unreachable) {
         // A backend outage is reported as such rather than as a credential failure.
         throw new CustomUserMessageAuthenticationException('Cannot connect to Revive service');
     }

     // Fail closed: anything other than an explicit authentication success is rejected.
     if ($creation === null
         || !UserSessionCreationAuthenticationResult::isSuccess($creation->getSessionCreationAuthenticationResult())
     ) {
         throw new CustomUserMessageAuthenticationException('Invalid username or password');
     }

     $sessionId = $creation->getSessionId();
     $grantedRoles = ['USER'];
     if (UserSessionCreationAuthorizationSessionCreationResult::isSuccess($creation->getSessionCreationAuthorizationSessionCreation())) {
         $grantedRoles[] = 'ADMIN';
     }

     return new ReviveAuthenticationToken($account, $sessionId, $providerKey, $grantedRoles);
 }
コード例 #2
 /**
  * Builds a PreAuthenticatedToken for the user named by the incoming token.
  *
  * NOTE(review): no credential is verified in this method; the username is
  * taken as already authenticated by whatever produced the token. Confirm that
  * the upstream step cannot be driven by client-controlled input.
  *
  * @throws AuthenticationException when the provider returns no user
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     $account = $userProvider->loadUserByUsername($token->getUsername());
     if ($account) {
         return new PreAuthenticatedToken($account, $token->getUsername(), $providerKey, $account->getRoles());
     }

     throw new AuthenticationException('User not found');
 }
コード例 #3
 /**
  * Authenticates a token against Crowd and returns a CrowdToken carrying the
  * user and the user's roles.
  *
  * NOTE(review): a token that already reports isAuthenticated() skips the Crowd
  * credential check entirely; verify that flag can only be set by trusted code.
  *
  * @throws AuthenticationException when no user is found or the check fails
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     if (!$account) {
         throw new AuthenticationException('The Crowd authentication failed.');
     }

     // Short-circuit: Crowd is consulted only when the token is not yet authenticated.
     $accepted = $token->isAuthenticated()
         || $this->crowd->isauthenticationvalid($token->getUsername(), $token->getCredentials());
     if (!$accepted) {
         throw new AuthenticationException('The Crowd authentication failed.');
     }

     $crowdToken = new CrowdToken($account->getRoles());
     $crowdToken->setUser($account);

     return $crowdToken;
 }
コード例 #4
 /**
  * Authenticates a WSSE token by validating its digest, nonce and creation
  * time against the user's secret and salt.
  *
  * A failed attempt is logged at error level together with the username.
  * NOTE(review): that username is client-supplied; presumably the logger
  * neutralises control characters and line breaks — verify.
  *
  * @param TokenInterface $token
  * @return WsseToken|TokenInterface
  * @throws AuthenticationException when the user is missing or the digest is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     $digestAccepted = $account && $this->validateDigest(
         $token->getAttribute('digest'),
         $token->getAttribute('nonce'),
         $token->getAttribute('created'),
         $this->getSecret($account),
         $this->getSalt($account),
         $account
     );

     if (!$digestAccepted) {
         $this->logger->error(sprintf('Attempt of unauthorized access for user: %s', $token->getUsername()));
         throw new AuthenticationException(' Incorrect email or password.');
     }

     $wsseToken = new WsseToken($account->getRoles());
     $wsseToken->setUser($account);
     $wsseToken->setAuthenticated(true);

     return $wsseToken;
 }
コード例 #5
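 /**
  * Authenticates the token's username and password through PAM and grants
  * ROLE_ADMIN to users listed in $this->rootUsers.
  *
  * @param TokenInterface $token
  * @param UserProviderInterface $userProvider
  * @param string $providerKey
  * @throws AuthenticationException when the provider does not know the username
  * @throws BadCredentialsException when PAM does not accept the credentials
  * @return UsernamePasswordToken
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     try {
         $user = $userProvider->loadUserByUsername($token->getUsername());
     } catch (UsernameNotFoundException $e) {
         // NOTE(review): this message differs from the bad-credentials one, so if it
         // is shown to the client it reveals which usernames exist.
         throw new AuthenticationException(sprintf('Can\'t find user by "%s" username', $token->getUsername()));
     }

     // Only an explicit boolean true from pamAuth() counts as success.
     if (true !== $this->pamAuth($token->getUsername(), $token->getCredentials())) {
         throw new BadCredentialsException('Bad credentials', 403);
     }

     // ROLE_ADMIN is decided by an exact string match. A loose in_array() would let
     // PHP type juggling (numeric strings, booleans, null entries) match a username
     // that is not literally in the list.
     $username = (string) $user->getUsername();
     $rootUsers = is_array($this->rootUsers) ? $this->rootUsers : [];
     $isRootUser = false;
     foreach ($rootUsers as $rootUser) {
         // Integer entries are accepted so a numeric name from configuration still matches.
         if ((is_string($rootUser) || is_int($rootUser)) && (string) $rootUser === $username) {
             $isRootUser = true;
             break;
         }
     }

     return new UsernamePasswordToken(
         $user,
         $user->getPassword(),
         $providerKey,
         $isRootUser ? ['ROLE_USER', 'ROLE_ADMIN'] : ['ROLE_USER']
     );
 }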
コード例 #6
 /**
  * Authenticates a WSSE token: the digest, username, nonce and creation time
  * read from the token are validated against the user's auth secret.
  *
  * @throws AuthenticationException when the user is missing or the digest is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     // The digest is cast to string before validation; the other fields are passed as read.
     $digestAccepted = $account && $this->validateDigest(
         (string) $token->digest,
         $token->getUsername(),
         $token->nonce,
         $token->created,
         $account->getAuthSecret()
     );

     if (!$digestAccepted) {
         throw new AuthenticationException('The WSSE authentication failed.');
     }

     // The issued token carries the fixed role 'IS_AUTHENTICATED', not the user's own roles.
     $wsseToken = new WsseUserToken(array('IS_AUTHENTICATED'));
     $wsseToken->setUser($account);
     $wsseToken->setAuthenticated(true);

     return $wsseToken;
 }
コード例 #7
 /**
  * {@inheritdoc}
  *
  * XMLHttpRequest logins get a JSON body with a success flag and the username;
  * every other request is handled by the parent implementation.
  */
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
 {
     if (!$request->isXmlHttpRequest()) {
         return parent::onAuthenticationSuccess($request, $token);
     }

     $payload = ['success' => true, 'username' => $token->getUsername()];

     return new JsonResponse($payload);
 }
コード例 #8
ファイル: LdapAuthenticator.php プロジェクト: hkmshb/OpitHrm
 /**
  * Authenticates a username/password token, using LDAP when an LDAP manager is
  * configured and the user has LDAP enabled, and the local check otherwise.
  *
  * The user checker runs before and after the credential check. A
  * BadCredentialsException raised in that section is replaced by a generic
  * 'Invalid username or password' one when hideUserNotFoundExceptions is set,
  * and rethrown unchanged otherwise.
  *
  * @param  \Symfony\Component\Security\Core\Authentication\Token\TokenInterface        $token
  * @param  \Symfony\Component\Security\Core\User\UserProviderInterface                 $userProvider
  * @param  string                                                                      $providerKey
  * @return \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
  * @throws BadCredentialsException
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     try {
         $account = $userProvider->loadUserByUsername($token->getUsername());
     } catch (UsernameNotFoundException $notFound) {
         // An unknown username gets the same message as a wrong password.
         throw new BadCredentialsException('Invalid username or password', 0, $notFound);
     }

     $credentialsAccepted = false;
     try {
         $this->userChecker->checkPreAuth($account);
         // The LDAP decision is evaluated only after the pre-auth check has passed.
         $credentialsAccepted = (null !== $this->ldapManager && $account->isLdapEnabled())
             ? $this->checkAuthenticationLdap($account, $token)
             : $this->checkAuthentication($account, $token);
         $this->userChecker->checkPostAuth($account);
     } catch (BadCredentialsException $badCredentials) {
         if (!$this->hideUserNotFoundExceptions) {
             throw $badCredentials;
         }
         throw new BadCredentialsException('Invalid username or password', 0, $badCredentials);
     }

     if (!$credentialsAccepted) {
         throw new BadCredentialsException('Invalid username or password');
     }

     return new UsernamePasswordToken($account, $account->getPassword(), $providerKey, $account->getRoles());
 }
コード例 #9
 /**
  * Marks the player as online and answers the login with a JSON body, which
  * the original author notes is required for an AJAX login.
  *
  * @param Request $request
  * @param TokenInterface $token
  * @return JsonResponse
  */
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
 {
     $players = $this->em->getRepository('SportnetzwerkSpnBundle:Player');
     // Set the online flag to 1 for the user who just logged in.
     $players->updateOnlineFlag($token->getUsername(), 1);

     $body = array('data' => 'Credentials ok');

     return new JsonResponse($body, 200);
 }
コード例 #10
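 /**
  * Exchanges the token's username and password for an OAuth access token at
  * the remote API (password grant), or returns the token unchanged when it
  * already carries an OAuth token.
  *
  * @param TokenInterface $token
  * @return TokenInterface the incoming token, or a new OAuthUserToken
  * @throws AuthenticationException when the request fails, the API reports an
  *                                 error, or the reply holds no access token
  */
 public function authenticate(TokenInterface $token)
 {
     if (strlen($token->getOAuthToken()) !== 0) {
         return $token;
     }

     // http_build_query() percent-encodes every value, so a username or password
     // containing '&', '=' or '#' cannot add or override request parameters.
     $query = http_build_query(array(
         'client_id' => $this->remoteApiId,
         'client_secret' => $this->remoteApiSecret,
         'grant_type' => 'password',
         'username' => $token->getUsername(),
         'password' => $token->getPassword(),
     ), '', '&');
     // NOTE(review): the client secret and the user's password still travel in the
     // query string, where access logs and proxies can record them; prefer a POST
     // body if the token endpoint accepts it, and confirm remoteApiUrl is https.
     $url = $this->remoteApiUrl . '/oauth/v2/token?' . $query;

     $ch = curl_init();
     curl_setopt($ch, CURLOPT_URL, $url);
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
     $rawBody = curl_exec($ch);
     curl_close($ch);

     // A transport failure (false) or an undecodable body is treated as a failed login.
     $apiResponse = is_string($rawBody) ? json_decode($rawBody) : null;
     if (!is_object($apiResponse)) {
         throw new AuthenticationException('The OAuth authentication failed.');
     }

     if (isset($apiResponse->access_token)) {
         $user = $this->userManager->createUser();
         $user->setUsername($token->getUsername());
         $authenticatedToken = new OAuthUserToken($user->getRoles());
         $authenticatedToken->setUser($user);
         $authenticatedToken->setOAuthToken($apiResponse->access_token);
         $authenticatedToken->setRefreshToken($apiResponse->refresh_token);
         $authenticatedToken->setTokenType($apiResponse->token_type);
         // We take 3 minutes less (180 seconds) just to be sure.
         $authenticatedToken->setExpireTime(time() + $apiResponse->expires_in - 180);

         return $authenticatedToken;
     }

     if (isset($apiResponse->error_description)) {
         // NOTE(review): this text comes from the remote API; escape it wherever it is displayed.
         throw new AuthenticationException($apiResponse->error_description);
     }

     throw new AuthenticationException('The OAuth authentication failed.');
 }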
コード例 #11
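 /**
  * Attempt to authenticate the provided token using the provided user provider.
  *
  * The presented credentials are compared with the stored password as exact
  * strings, in constant time.
  *
  * NOTE(review): comparing the stored password directly with the presented
  * credentials implies the password is stored unhashed (or that the client
  * sends the hash). Verifying through a password hasher would be preferable.
  *
  * @param TokenInterface $token
  * @param UserProviderInterface $userProvider
  * @param string $providerKey
  * @return UsernamePasswordToken
  * @throws BadCredentialsException
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     $user = $userProvider->loadUserByUsername($token->getUsername());
     if ($user) {
         $stored = $user->getPassword();
         $presented = $token->getCredentials();

         // Both sides must be non-empty strings: a loose == would treat null == null,
         // '' == null or two numeric-looking strings ("0e1" == "0e2") as a match.
         // hash_equals() (PHP 5.6+) also avoids leaking the match length through timing.
         if (is_string($stored) && is_string($presented) && $presented !== ''
             && hash_equals($stored, $presented)
         ) {
             return new UsernamePasswordToken($user, $stored, $providerKey, $user->getRoles());
         }
     }

     throw new BadCredentialsException('The presented password is invalid.');
 }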
コード例 #12
 /**
  * {@inheritDoc}
  *
  * XMLHttpRequest logins receive a JSON body with an 'ok' flag and the
  * username; all other requests go to the parent implementation.
  */
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
 {
     if (!$request->isXmlHttpRequest()) {
         return parent::onAuthenticationSuccess($request, $token);
     }

     return new \Symfony\Component\HttpFoundation\JsonResponse(
         array('ok' => true, 'username' => $token->getUsername())
     );
 }
コード例 #13
 /**
  * Authenticates a custom token by hashing the password carried in the token
  * with crypt() and the user's salt, then comparing it with the stored hash.
  *
  * NOTE(review): a token whose username is 'new_user_registration' is returned
  * as-is, without any credential check — confirm callers never treat that
  * token as an authenticated principal.
  * NOTE(review): encryptedPass is only base64-decoded here, so it is an
  * encoding, not encryption; the password needs transport protection.
  *
  * @throws AuthenticationException when the user is missing or the hash differs
  */
 public function authenticate(TokenInterface $token)
 {
     if ($token->getUsername() == 'new_user_registration') {
         return $token;
     }

     // The provider is called with a one-element array holding the username.
     $this->user = $this->userProvider->loadUserByUsername(array($token->getUsername()));
     if ($this->user) {
         $decodedPassword = base64_decode($token->encryptedPass);
         $computedHash = crypt($decodedPassword, $this->user->getSalt());
         if ($this->_hash_equals($computedHash, $this->user->getPassword())) {
             $customToken = new CustomAuthToken($this->user->getRoles());
             $customToken->setUser($this->user);

             return $customToken;
         }
     }

     throw new AuthenticationException('Authentication failed.');
 }
コード例 #14
 /**
  * Authenticates an e-mail/password pair against the configured endpoint and
  * returns an EmailToken carrying the access token, refresh token and lifetime
  * that the endpoint handed back.
  *
  * The request carries the configured client id and client secret together
  * with the user's password; NOTE(review): confirm the endpoint is reached
  * over TLS and that the provider does not log these parameters.
  *
  * @param TokenInterface $token
  * @param UserProviderInterface $userProvider
  * @param $providerKey
  * @return UsernamePasswordToken
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     // The user is loaded before the credentials are checked; provider exceptions propagate.
     $account = $userProvider->loadUserByUsername($token->getUsername());

     $request = [
         "client_id" => $this->config['client_id'],
         "client_secret" => $this->config['client_secret'],
         "email" => $token->getUsername(),
         "password" => $token->getCredentials(),
     ];

     try {
         $grant = $this->emailTokenProvider->authentificate($this->config['endpoint'], $request, $this->config['grant']);
     } catch (BadAuthentificationException $rejected) {
         // CAUTION: this message will be returned to the client
         // (so don't put any un-trusted messages / error strings here)
         throw new CustomUserMessageAuthenticationException('Invalid credentials');
     }

     $issued = new EmailToken($account, $account->getPassword(), $providerKey, $account->getRoles());
     $issued->setAccessToken($grant['accessToken']);
     $issued->setRefreshToken($grant['refreshToken']);
     $issued->setExpiresIn($grant['expiresIn']);

     return $issued;
 }
コード例 #15
 /**
  * Authenticates a username/password token, binding against LDAP when an LDAP
  * manager is configured and the user has LDAP enabled, and checking the
  * locally stored password otherwise.
  *
  * Unknown users, LDAP failures and wrong passwords are all reported as
  * BadCredentialsException.
  *
  * @param  \Symfony\Component\Security\Core\Authentication\Token\TokenInterface        $token
  * @param  \Symfony\Component\Security\Core\User\UserProviderInterface                 $userProvider
  * @param  string                                                                      $providerKey
  * @return \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken
  * @throws BadCredentialsException
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     $passwordValid = false;
     // Load user object; an unknown username is reported with the generic message.
     try {
         $user = $userProvider->loadUserByUsername($token->getUsername());
     } catch (UsernameNotFoundException $e) {
         throw new BadCredentialsException('Invalid username or password', 0, $e);
     }
     // Check if ldap extension is enabled and user's ldap flag is set.
     if (null !== $this->ldapManager && $user->isLdapEnabled()) {
         try {
             $this->ldapManager->bind($token->getUsername(), $token->getCredentials());
             // The bind result is judged by whether a bound user is reported afterwards.
             $passwordValid = (bool) $this->ldapManager->getBoundUser();
             // NOTE(review): this "successful" entry is written without checking
             // $passwordValid; presumably bind() throws on failure — confirm, or
             // the audit log can claim success for a rejected login.
             if (null !== $this->logger && !$token->isAuthenticated()) {
                 $this->logger->info("[LdapAuthenticator] Ldap authentication successful.", array('user' => $this->ldapManager->getBoundUser()));
             }
         } catch (\Zend\Ldap\Exception\LdapException $e) {
             throw new BadCredentialsException('Invalid username or password', 0, $e);
         }
     } else {
         $currentUser = $token->getUser();
         if ($currentUser instanceof UserInterface) {
             // The token already carries a user object: accept it only while its
             // password still equals the one the provider returns now.
             if ($currentUser->getPassword() !== $user->getPassword()) {
                 throw new BadCredentialsException('The credentials were changed from another session.');
             } else {
                 $passwordValid = true;
             }
         } else {
             // An empty presented password is rejected before the encoder is consulted.
             if ("" === ($presentedPassword = $token->getCredentials())) {
                 throw new BadCredentialsException('Invalid username or password.');
             }
             // Verify the presented password with the encoder selected for this user.
             if (!($passwordValid = $this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt()))) {
                 throw new BadCredentialsException('Invalid username or password.');
             }
         }
         if (null !== $this->logger && !$token->isAuthenticated()) {
             $this->logger->info("[LdapAuthenticator] Local authentication successful.", array('user' => $user->getUsername()));
         }
     }
     // Set the authenticated token
     if ($passwordValid) {
         return new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles());
     }
     // Reached only when the LDAP bind reported no bound user.
     throw new BadCredentialsException('Invalid username or password');
 }
コード例 #16
 /**
  * Loads the user and verifies the presented password with the encoder.
  *
  * When the provider is an IsidoreApiUserProvider the user is loaded with both
  * the username and the presented credentials; other providers receive the
  * username only. An unknown user and a wrong password produce the same
  * client-facing message.
  *
  * @param TokenInterface $token
  * @param UserProviderInterface $userProvider
  * @param $providerKey
  * @return UsernamePasswordToken
  */
 public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
 {
     try {
         $account = $userProvider instanceof IsidoreApiUserProvider
             ? $userProvider->loadUser($token->getUsername(), $token->getCredentials())
             : $userProvider->loadUserByUsername($token->getUsername());
     } catch (UsernameNotFoundException $notFound) {
         throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer.");
     }

     if (!$this->encoder->isPasswordValid($account, $token->getCredentials())) {
         throw new CustomUserMessageAuthenticationException("Identifiant ou mot de passe incorrect. Veuillez réessayer.");
     }

     return new UsernamePasswordToken($account, $account->getPassword(), $providerKey, $account->getRoles());
 }
コード例 #17
 /**
  * Validates the client and user token infos against the current time and
  * returns an authenticated API token for the effective user.
  *
  * When the token asks for impersonation, the user named by the token must be
  * allowed to switch; the authenticated token is then built for the
  * impersonated user id instead.
  * NOTE(review): the impersonated id is read from the token itself — confirm
  * it is covered by the validation performed on the token infos.
  *
  * @param TokenInterface $token
  *
  * @return TokenInterface
  */
 public function authenticate(TokenInterface $token)
 {
     // One timestamp is shared by both validations.
     $checkedAt = new \DateTime();
     /** @var ApiUnauthenticatedUserToken $token */
     $clientInfos = $this->validateClientToken($token->getClientTokenInfos(), $checkedAt);
     $userInfos = $this->validateUserToken($token->getUserTokenInfos(), $checkedAt);

     $effectiveUsername = $token->getUsername();
     if ($token->isImpersonating()) {
         /** @var ApiUser $sudoer */
         $sudoer = $this->userProvider->loadUserByUsername($token->getUsername());
         if (!$sudoer->isAllowedToSwitch()) {
             throw new MissingSudoPrivilegeException();
         }
         $impersonated = $token->getImpersonatedUserInfos();
         $effectiveUsername = $impersonated['id'];
     }

     $account = $this->userProvider->loadUserByUsername($effectiveUsername);

     return new ApiAuthenticatedUserToken($clientInfos, $userInfos, $account);
 }
コード例 #18
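 /**
  * {@inheritDoc}
  *
  * XMLHttpRequest logins and requests whose format is not 'html' receive a
  * JSON-encoded body with the username and the redirect target; everything
  * else is handled by the parent implementation.
  */
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
 {
     if ($request->isXmlHttpRequest() || $request->getRequestFormat() !== 'html') {
         $json = array('username' => $token->getUsername(), 'redirectUrl' => $this->determineTargetUrl($request));

         // A plain Response carries no JSON content type, so a browser may render the
         // body as HTML. Encoding <, >, &, ' and " as \uXXXX escapes keeps the decoded
         // values identical while making the raw body inert in that case.
         // NOTE(review): setting a JSON content type as well would be preferable once
         // the clients that read this response have been checked.
         $body = json_encode($json, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT);

         return new Response($body);
     }

     return parent::onAuthenticationSuccess($request, $token);
 }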
コード例 #19
 /**
  * {@inheritDoc}
  *
  * XMLHttpRequest logins are answered with a JSON body holding a 'code' of 200
  * and the username; other requests fall through to the parent implementation.
  */
 public function onAuthenticationSuccess(Request $request, TokenInterface $token)
 {
     if ($request->isXmlHttpRequest()) {
         return new JsonResponse(array('code' => 200, 'username' => $token->getUsername()));
     }

     return parent::onAuthenticationSuccess($request, $token);
 }
コード例 #20
 /**
  * Authenticates a WSSE token: the token's credentials are validated as the
  * digest, together with the nonce and creation time, against the user's
  * secret and salt.
  *
  * @throws AuthenticationException when the user is missing or the digest is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     $digestAccepted = $account && $this->validateDigest(
         $token->getCredentials(),
         $token->getAttribute('nonce'),
         $token->getAttribute('created'),
         $this->getSecret($account),
         $this->getSalt($account)
     );

     if (!$digestAccepted) {
         throw new AuthenticationException('WSSE authentication failed.');
     }

     return new Token($account, $token->getCredentials(), $this->providerKey, $account->getRoles());
 }
コード例 #21
 /**
  * Issues a MinisterioUserBridgeToken for a user that the provider returns and
  * that reports itself as authenticated.
  *
  * NOTE(review): the decision rests entirely on $user->isAuthenticated(); no
  * credential from the token is checked here — verify how that flag is set.
  *
  * @throws AuthenticationException otherwise
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     if (!$account || !$account->isAuthenticated()) {
         throw new AuthenticationException('The Ministerio User Bridge authentication failed.');
     }

     $bridgeToken = new MinisterioUserBridgeToken($account->getRoles());
     $bridgeToken->setUser($account);

     return $bridgeToken;
 }
コード例 #22
 /**
  * Authenticates a WSSE token by validating its digest, nonce and creation
  * time against the value returned by the user's getPassword().
  *
  * NOTE(review): the stored password value itself serves as the digest secret
  * here; whoever can read that value can compute valid digests.
  *
  * @throws AuthenticationException when the user is missing or the digest is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     $digestAccepted = $account
         && $this->validateDigest($token->digest, $token->nonce, $token->created, $account->getPassword());

     if (!$digestAccepted) {
         throw new AuthenticationException('The WSSE authentication failed.');
     }

     $wsseToken = new WsseUserToken($account->getRoles());
     $wsseToken->setUser($account);

     return $wsseToken;
 }
コード例 #23
ファイル: FbProvider.php プロジェクト: nicolaschenet/testdd
 /**
  * Issues an FbUserToken for any user the provider returns for the token's
  * username.
  *
  * NOTE(review): nothing in this method proves the caller owns that Facebook
  * identity; presumably the listener that built the token verified it — confirm.
  *
  * @throws AuthenticationException when the provider returns no user
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     if (!$account) {
         throw new AuthenticationException('The Facebook authentication failed.');
     }

     $fbToken = new FbUserToken($account->getRoles());
     $fbToken->setUser($account);

     return $fbToken;
 }
コード例 #24
 /**
  * Rebuilds the token as a UserToken for the "secured_area" provider key,
  * using the roles of the user loaded from the provider.
  *
  * NOTE(review): the credentials are copied into the new token but never
  * verified here; the only rejection is an empty user on the new token.
  * NOTE(review): getRoles() is called on the provider result before any
  * check that a user was returned.
  *
  * @throws BadCredentialsException when the new token carries no user
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     $issued = new UserToken($token->getUser(), $token->getCredentials(), "secured_area", $account->getRoles());

     $principal = $issued->getUser();
     if (!empty($principal)) {
         return $issued;
     }

     throw new BadCredentialsException('Bad credentials :)');
 }
コード例 #25
ファイル: LdapProvider.php プロジェクト: mapbender/fom
 /**
  * Intended to authenticate a token against LDAP: load the user, validate it
  * with validateLdapUser() and attach it to the token.
  *
  * NOTE(review): as written the method never returns. The die() call below
  * terminates the whole PHP process right after the user lookup, so the
  * validation, the token update and the exception are all unreachable.
  */
 public function authenticate(TokenInterface $token)
 {
     $user = $this->userProvider->loadUserByUsername($token->getUsername());
     // Leftover debug stop: ends the request with the output "XXX". It has to be
     // removed before this provider can work, and the LDAP validation below
     // should be reviewed at that point because it has never been reachable.
     die("XXX");
     if ($user && $this->validateLdapUser($user)) {
         $token->setUser($user);
         return $token;
     }
     throw new AuthenticationException('The LDAP authentication failed.');
 }
 /**
  * Issues an authenticated FacebookUserToken for the user the provider returns
  * for the token's username.
  *
  * NOTE(review): no credential is checked in this method; presumably the
  * Facebook session was verified before the token was created — confirm.
  *
  * @param \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token
  * @return FacebookUserToken
  * @throws InvalidUserException when the provider result is not a UserInterface
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->getUserProvider()->loadUserByUsername($token->getUsername());
     if ($account instanceof UserInterface) {
         $facebookToken = new FacebookUserToken($account);
         $facebookToken->setAuthenticated(true);

         return $facebookToken;
     }

     throw new InvalidUserException($account);
 }
コード例 #27
ファイル: Yml.php プロジェクト: gobjila/BackBee
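 /**
  * {@inheritdoc}
  *
  * Returns one Role per entry of $this->_roles whose user list contains the
  * token's username. Entries whose value is not an array are skipped.
  */
 public function extractRoles(TokenInterface $token)
 {
     $user_roles = array();
     $username = (string) $token->getUsername();

     foreach ($this->_roles as $role => $users) {
         if (!is_array($users)) {
             continue;
         }
         foreach ($users as $listed) {
             // Exact string match only. A loose in_array() lets PHP type juggling grant
             // a role: a boolean true entry matches every non-empty username, and
             // numeric-looking strings such as "1e1" and "10" compare as equal.
             // Integer entries are accepted so a numeric name from configuration still matches.
             if ((is_string($listed) || is_int($listed)) && (string) $listed === $username) {
                 $user_roles[] = new Role($role);
                 break;
             }
         }
     }

     return $user_roles;
 }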
コード例 #28
 /**
  * Issues a FacebookUserToken with the fixed role ROLE_FACEBOOK_USER for any
  * user the provider returns for the token's username.
  *
  * NOTE(review): no proof of the Facebook identity is checked in this method;
  * presumably that happened before the token was built — confirm.
  *
  * @throws AuthenticationException when the provider returns no user
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     if (!$account) {
         throw new AuthenticationException('Facebook authentication failed.');
     }

     $facebookToken = new FacebookUserToken(['ROLE_FACEBOOK_USER']);
     $facebookToken->setUser($account);

     return $facebookToken;
 }
コード例 #29
 /**
  * Authenticates a token-based login: the user's checkToken() is asked about
  * the token value, and on success the incoming token is marked authenticated
  * and bound to the user.
  *
  * NOTE(review): only a strict boolean false from checkToken() is treated as a
  * rejection; a null or 0 result would be accepted — confirm checkToken()
  * always returns a boolean.
  *
  * @throws AuthenticationException when the user is missing or the token is rejected
  */
 public function authenticate(TokenInterface $token)
 {
     $account = $this->userProvider->loadUserByUsername($token->getUsername());
     $accepted = !empty($account) && $account->checkToken($token->token) !== false;

     if ($accepted) {
         $token->setAuthenticated(true);
         $token->setUser($account);

         return $token;
     }

     throw new AuthenticationException('Token authentication failed.');
 }
コード例 #30
 /**
  * Logs that the user retrieved a JWT, delegates to the success handler and
  * returns its response.
  *
  * NOTE(review): the username is interpolated into the log message as
  * received; presumably the logger neutralises control characters — verify.
  *
  * @throws \RuntimeException when the success handler returns something other than a Response
  */
 protected function onSuccess(GetResponseEvent $event, Request $request, TokenInterface $token)
 {
     // Logging is optional: it happens only when a logger was provided.
     if ($this->logger !== null) {
         $this->logger->info(sprintf('User "%s" has retrieved a JWT', $token->getUsername()));
     }

     $handled = $this->successHandler->onAuthenticationSuccess($request, $token);
     if ($handled instanceof Response) {
         return $handled;
     }

     throw new \RuntimeException('Authentication Success Handler did not return a Response.');
 }