/**
* Performs an authentication attempt
*
* @return \Zend\Authentication\Result
* @throws \Zend\Authentication\Adapter\Exception\ExceptionInterface If authentication cannot be performed
*/
public function authenticate()
{
try {
/** @var UserEntity $user */
$user = $this->userRepository->findOneBy(['login' => $this->getIdentity()]);
} catch (EntityNotFoundException $e) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null);
} catch (NonUniqueResultException $e) {
return new Result(Result::FAILURE_IDENTITY_AMBIGUOUS, null);
}
if ($user && $this->crypt->verify($this->getCredential(), $user->getPassword())) {
return new Result(Result::SUCCESS, $user->getId());
}
return new Result(Result::FAILURE_CREDENTIAL_INVALID, null);
}
/**
* {@inheritdoc}
*
* @param string $clientId
* @param string $clientSecret
*/
public function checkClientCredentials($clientId, $clientSecret = null)
{
$client = $this->getClientDataMapper()->findByUuid($clientId);
if (!$client instanceof Entity\Client) {
return false;
}
return $this->password->verify($clientSecret, $client->getSecret());
}
public function authenticate()
{
$repository = $this->entityManager->getRepository(IdentityEntity::class);
$identity = $repository->findOneBy(['directory' => $this->directory, 'identity' => $this->getIdentity()]);
if (!$identity) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, $this->getIdentity());
}
/** @var Account $account */
$account = $identity->getAccount();
if ($this->getCredential() && !$this->crypter->verify($this->getCredential(), $account->getCredential())) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, $this->getIdentity());
}
if ($account->getStatus() !== Account::STATUS_ACTIVE) {
return new Result(Result::FAILURE_UNCATEGORIZED, $this->getIdentity(), ['The account has been deactivated.']);
}
return new Result(Result::SUCCESS, $identity->getId()->toString());
}
public function authenticate()
{
$events = $this->events;
$events('trigger', 'authenticate', $this);
$email = filter_var($this->getIdentity(), FILTER_VALIDATE_EMAIL);
$isValidCredential = filter_var(strlen(trim($this->getCredential())), FILTER_VALIDATE_INT, ['options' => ['min_range' => 8]]);
if (!$email || !$isValidCredential) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, [self::$failMessage]);
}
$user = R::findOne('user', 'mail = ? AND authentication_source = ?', [$email, 'DB']);
if (!$user) {
return new Result(Result::FAILURE_IDENTITY_NOT_FOUND, null, [self::$failMessage]);
}
if (!$this->crypt->verify($this->getCredential(), $user->password)) {
return new Result(Result::FAILURE_CREDENTIAL_INVALID, null, [self::$failMessage]);
}
$identityClass = call_user_func($this->resolveIdentityClass);
$identity = new $identityClass($user->id, $user->uid, $user->mail, $user->displayName, $user->officeName, 'DB');
$events('trigger', 'authenticate.success', $identity);
return new Result(Result::SUCCESS, $identity, ['Authentication success']);
}
public function checkUserCredentials($username, $password)
{
$identityRepository = $this->entityManager->getRepository(IdentityEntity::class);
/** @var IdentityEntity $identity */
$identity = $identityRepository->findOneBy(['directory' => 'username', 'identity' => $username]);
if (!$identity) {
return false;
}
/** @var string $credential */
$credential = $identity->getAccount()->getCredential();
return $this->crypter->verify($password, $credential);
}
/**
* {@inheritdoc}
*/
public function verify($plain, $hashed)
{
return $this->password->verify($plain, $hashed);
}
/**
* @param UserInterface $user
* @param string $password
*
* @return bool
*/
public function isValid(UserInterface $user, $password)
{
return $this->password->verify($password, $user->getPassword());
}
/**
* Verifies if the provided password matches the stored one.
*
* @param string $password clear text password
* @return boolean
*/
public function verifyPassword($password)
{
return $this->adapter->verify($password, $this->password);
}
