/**
 * Automatic post-registration user authentication.
 *
 * Builds a Token for the 'secured_area' firewall from the account's credential
 * (provider key and uid) and the account's roles, attaches the account as the
 * token's user and installs the token in the 'security.context' service.
 *
 * No credential is checked here: whatever account is passed in becomes the
 * current user. NOTE(review): confirm every caller only passes an account
 * that was created or verified earlier in the same request.
 *
 * @param Netizen $account the account to log in
 */
protected function authenticateAccount(Netizen $account)
{
    $credential = $account->getCredential();

    $authToken = new Token(
        'secured_area',
        $credential->getProviderKey(),
        $credential->getUid(),
        $account->getRoles()
    );
    $authToken->setUser($account);

    $securityContext = $this->get('security.context');
    $securityContext->setToken($authToken);
}
/**
 * Builds a Token directly from query-string parameters.
 *
 * The uid, the nickname and the optional gender are read verbatim from the
 * request query; nothing in this method verifies them against a third party,
 * and the provider key is the literal 'dummy'.
 *
 * NOTE(review): the identity is entirely caller-supplied, so this looks like a
 * development/test stand-in for a real provider. Confirm it cannot be reached
 * through a production firewall.
 *
 * @param Request $req          request whose query carries uid, nickname and gender
 * @param string  $firewallName firewall name handed to the Token constructor
 *
 * @return Token token created with the self::IDENTIFIED role
 */
public function buildToken(Request $req, $firewallName)
{
    $query = $req->query;

    $token = new Token($firewallName, 'dummy', $query->get('uid'), [self::IDENTIFIED]);
    $token->setAttribute('nickname', $query->get('nickname'));

    // The gender attribute is only set when the parameter is present and non-empty.
    $gender = $query->get('gender');
    if (!empty($gender)) {
        $token->setAttribute('gender', $gender);
    }

    return $token;
}
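/**
 * Exchanges the OAuth2 authorization code found in the query string for an
 * access token, fetches the user's details from the provider and wraps them
 * in an internal Token carrying the self::IDENTIFIED role.
 *
 * NOTE(review): the OAuth2 `state` parameter is not checked anywhere in this
 * method. Confirm it is validated before this point, since an unchecked
 * callback can be used to bind a victim's session to someone else's
 * provider account (login CSRF).
 *
 * @param Request $req          callback request (query 'code', attribute 'provider')
 * @param string  $firewallName firewall name handed to the Token constructor
 *
 * @return Token internal token with 'nickname' and 'gender' attributes
 */
public function buildToken(Request $req, $firewallName)
{
    $token = $this->provider->getAccessToken('authorization_code', [
        'code' => $req->query->get('code'),
    ]);
    $providerKey = $req->attributes->get('provider');

    // We got an access token, let's now get the user's details
    /** @var \League\OAuth2\Client\Entity\User $userDetails */
    $userDetails = $this->provider->getUserDetails($token);

    $internToken = new Token($firewallName, $providerKey, $userDetails->uid, [self::IDENTIFIED]);
    $internToken->setAttribute('nickname', $userDetails->name);

    // Compare, do not assign: the previous `=` overwrote the provider's gender
    // with 'male' and therefore always stored 'xy'.
    $internToken->setAttribute('gender', ($userDetails->gender === 'male') ? 'xy' : 'xx');

    // NOTE(review): this writes the whole provider profile to the debug log.
    // Make sure debug-level logs are not retained or shared where personal
    // data must not end up, or log only the fields that are needed.
    $this->logger->debug('facebook', $userDetails->getArrayCopy());

    return $internToken;
}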
/**
 * Boots a kernel, fetches the collaborators from its container, stores a
 * Token under NotRegisteredHandler::IDENTIFIED_TOKEN in the session and
 * creates the 'netizen_register' form used as system under test.
 */
protected function setUp()
{
    $kernel = static::createKernel();
    $kernel->boot();
    $container = $kernel->getContainer();

    $this->formFactory = $container->get('form.factory');
    $this->collection = $container->get('dokudoki.collection');
    $this->factory = $container->get('security.netizen.factory');
    $this->repository = $container->get('social.netizen.repository');

    // Token built without roles, with fixed provider key and uid.
    $identified = new Token('secured_area', 'dummy', '123456789');
    $identified->setAttribute('nickname', 'dummy nickname');
    $container->get('session')->set(NotRegisteredHandler::IDENTIFIED_TOKEN, $identified);

    // CSRF protection is disabled for this form instance only, so the test can
    // submit data without a token; it says nothing about the deployed form.
    $formOptions = [
        'csrf_protection' => false,
        'minimumAge' => 6,
        'adminMode' => false,
    ];
    $this->sut = $this->formFactory->create('netizen_register', null, $formOptions);
}
/**
 * onAuthenticationSuccess() must ask the URL generator for the expected path
 * and return a response whose first cookie is named 'oauth_provider' and has
 * the value 'ufp' (the provider key given to the token).
 *
 * NOTE(review): only the cookie's name and value are asserted; its flags
 * (Secure, HttpOnly, lifetime) are not covered by this test.
 *
 * @dataProvider getUser
 */
public function testRedirect($granted, $path)
{
    $netizen = new Netizen(new Author('kirk'));
    $netizen->setCredential(new OAuth('1701', 'ufp'));

    $request = new Request();
    $token = new Token('secured_area', 'ufp', '1701');
    $token->setUser($netizen);

    // isGranted() answers true only for the role supplied by the data provider.
    $onlyGrantedRole = function ($role) use ($granted) {
        return $role == $granted;
    };
    $this->security
        ->expects($this->atLeast(1))
        ->method('isGranted')
        ->will($this->returnCallback($onlyGrantedRole));

    $this->urlGenerator
        ->expects($this->once())
        ->method('generate')
        ->with($path)
        ->willReturn('ok');

    $response = $this->sut->onAuthenticationSuccess($request, $token);

    $cookies = $response->headers->getCookies();
    $cookie = $cookies[0];
    $this->assertEquals('oauth_provider', $cookie->getName());
    $this->assertEquals('ufp', $cookie->getValue());
}
/**
 * Test helper that logs the client in as the netizen with the given nickname.
 *
 * Do not use this method in dataProvider since they are called before setUp !
 *
 * The token is serialized into the session under '_security_secured_area',
 * the session cookie is added to the client's cookie jar and the token is
 * also set on the 'security.context' service. When no user has that
 * nickname the method does nothing, so a typo in $nick leaves the client
 * logged out without any error.
 *
 * @param string $nick nickname looked up through 'social.netizen.repository'
 */
protected function logIn($nick)
{
    $user = $this->getService('social.netizen.repository')->findByNickname($nick);
    if (is_null($user)) {
        return;
    }

    $session = $this->client->getContainer()->get('session');
    $firewall = 'secured_area';
    $credential = $user->getCredential();

    $token = new Token(
        $firewall,
        $credential->getProviderKey(),
        $credential->getUid(),
        $user->getRoles()
    );
    $token->setUser($user);

    // Store the serialized token in the session for this firewall.
    $session->set('_security_' . $firewall, serialize($token));
    $session->save();

    $sessionCookie = new Cookie($session->getName(), $session->getId());
    $this->client->getCookieJar()->set($sessionCookie);

    $this->getService('security.context')->setToken($token);
}
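/**
 * Handles a failed authentication.
 *
 * When the failure is a BadCredentialsException caused by a
 * UsernameNotFoundException and the rejected Token's first role is
 * ThirdPartyAuthentication::IDENTIFIED, a new user is created from the token
 * (uid, provider key, 'nickname' attribute), persisted, set as the current
 * token and handed to the success handler. Any other failure stores the
 * exception in the session and redirects to $this->failureDefault.
 *
 * The new account is built only from what the token carries, so its
 * trustworthiness is that of whichever component built the token.
 *
 * @param Request                 $request   current request
 * @param AuthenticationException $exception the failure being handled
 *
 * @return mixed the success handler's result after auto-registration,
 *               otherwise the redirect response from httpUtils
 */
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
    $targetPath = $this->failureDefault;
    $token = $exception->getToken();

    // NOTE(review): the log context holds the exception chain and the token,
    // i.e. provider uid and attributes; keep debug logs out of shared sinks.
    $this->logger->debug('Authentication failure handled by ' . __CLASS__, [$exception, $exception->getPrevious(), $token]);

    $unknownUser = $exception instanceof BadCredentialsException
        && $exception->getPrevious() instanceof UsernameNotFoundException;

    // A Token created without roles has no element 0. Reading it blindly ended
    // in a call on null inside the failure handler, so check that it exists.
    $roles = ($unknownUser && $token instanceof Token) ? $token->getRoles() : [];
    $identified = isset($roles[0])
        && $roles[0]->getRole() == ThirdPartyAuthentication::IDENTIFIED;

    if ($identified) {
        $this->logger->info('Autoregister');
        // create new user, persist and authenticate
        $user = $this->repository->create(
            $token->getUserUniqueIdentifier(),
            $token->getProviderKey(),
            $token->getAttribute('nickname')
        );
        $newToken = new Token(
            $token->getFirewallName(),
            $token->getProviderKey(),
            $token->getUserUniqueIdentifier(),
            $user->getRoles()
        );
        $this->repository->persist($user);
        $newToken->setUser($user);
        $this->security->setToken($newToken);

        return $this->successLoginHandler->onAuthenticationSuccess($request, $newToken);
    }

    $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception);

    return $this->httpUtils->createRedirectResponse($request, $targetPath);
}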
/**
 * Last step of the OAuth 1.0 flow: swaps the temporary credentials kept in the
 * session for token credentials, fetches the user's details and wraps them in
 * an internal Token carrying the self::IDENTIFIED role.
 *
 * NOTE(review): unserialize() is applied to the value stored under
 * self::TEMP_CRED in the session. That is only safe while the session storage
 * cannot be written by the client. If the key is absent (callback requested
 * without step 2), unserialize() yields false and that value is passed on to
 * getTokenCredentials(); confirm how that failure surfaces to the user.
 *
 * @param Request $req          callback request (query 'oauth_token' and
 *                              'oauth_verifier', attribute 'provider')
 * @param string  $firewallName firewall name handed to the Token constructor
 *
 * @return Token internal token with a 'nickname' attribute
 */
public function buildToken(Request $req, $firewallName)
{
    $providerKey = $req->attributes->get('provider');

    // Retrieve the temporary credentials from step 2
    $temporaryCredentials = unserialize($this->session->get(self::TEMP_CRED));

    // Third and final part to OAuth 1.0 authentication is to retrieve token
    // credentials (formally known as access tokens in earlier OAuth 1.0
    // specs).
    $query = $req->query;
    $tokenCredentials = $this->provider->getTokenCredentials(
        $temporaryCredentials,
        $query->get('oauth_token'),
        $query->get('oauth_verifier')
    );

    // Removed only after the exchange returned; if it throws, the temporary
    // credentials stay in the session.
    $this->session->remove(self::TEMP_CRED);

    // We got an access token, let's now get the user's details
    /** @var \League\OAuth1\Client\Entity\User $userDetails */
    $userDetails = $this->provider->getUserDetails($tokenCredentials);

    $internToken = new Token($firewallName, $providerKey, $userDetails->uid, [self::IDENTIFIED]);
    $internToken->setAttribute('nickname', $userDetails->nickname);

    // NOTE(review): every field of the provider profile goes to the debug log;
    // check that debug logs are handled as personal data.
    $profile = iterator_to_array($userDetails->getIterator());
    $this->logger->debug('twitter', $profile);

    return $internToken;
}
/**
 * Turns a supported third-party token into an authenticated one.
 *
 * The user is looked up by provider key and provider uid. Any Exception from
 * the lookup, not only "user not found", is rethrown as
 * BadCredentialsException with the original kept as previous exception, so
 * the generic message hides the real cause while handlers can still inspect
 * it. The returned token carries the found user's roles and a copy of the
 * incoming token's attributes.
 *
 * @param TokenInterface $token token to authenticate
 *
 * @return Token|null authenticated token, or nothing when the token is not supported
 *
 * @throws BadCredentialsException        when the lookup throws
 * @throws AuthenticationServiceException when the lookup does not return a UserInterface
 */
public function authenticate(TokenInterface $token)
{
    if (!$this->supports($token)) {
        return;
    }

    /* @var $token \Trismegiste\OAuthBundle\Security\Token */
    try {
        $providerKey = $token->getProviderKey();
        $uid = $token->getUserUniqueIdentifier();
        $found = $this->userProvider->findByOauthId($providerKey, $uid);
    } catch (Exception $notFound) {
        throw new BadCredentialsException('Bad credentials', 0, $notFound);
    }

    if (!($found instanceof UserInterface)) {
        throw new AuthenticationServiceException('findByOauthId() must return a UserInterface.');
    }

    // Roles come from the stored user, never from the incoming token.
    $authenticatedToken = new Token($this->firewallName, $providerKey, $uid, $found->getRoles());
    $authenticatedToken->setAttributes($token->getAttributes());
    $authenticatedToken->setUser($found);

    return $authenticatedToken;
}
/**
 * With a token that carries a Netizen and isGranted() returning false for
 * TicketVoter::SUPPORTED_ATTRIBUTE, onKernelException() must put a response on
 * the event and add exactly one entry to the flash bag.
 */
public function testAuthenticatedWithInvalidNetizen()
{
    $netizen = new Netizen(new Author('kirk'));
    $token = new Token('secu', 'dummy', '123456');
    $token->setUser($netizen);

    $event = $this->createEvent(new AccessDeniedHttpException());

    $this->security
        ->expects($this->once())
        ->method('getToken')
        ->willReturn($token);
    $this->security
        ->expects($this->once())
        ->method('isGranted')
        ->with(TicketVoter::SUPPORTED_ATTRIBUTE)
        ->willReturn(false);

    // A real FlashBag, so the number of messages added can be counted.
    $bag = new \Symfony\Component\HttpFoundation\Session\Flash\FlashBag();
    $this->session
        ->expects($this->once())
        ->method('getFlashBag')
        ->willReturn($bag);

    $this->sut->onKernelException($event);

    $this->assertTrue($event->hasResponse());
    $this->assertCount(1, $bag);
}