/**
 * {@inheritdoc}
 *
 * Checks a public-key token against its stored nonce record and, on success,
 * returns a fresh PublicKeyToken carrying the user's roles.
 *
 * Order of checks: token type, nonce record lookup, user lookup by public key,
 * request signature, then nonce age against $this->lifetime. On success the
 * nonce record is rewritten from the new token via writeNonceValue().
 *
 * NOTE(review): every failure path relies on onInvalidAuthentication() not
 * returning (presumably it throws; confirm). If it ever returned, execution
 * would continue with a null $nonce or $user.
 *
 * @param TokenInterface $token token to authenticate
 *
 * @return PublicKeyToken|null the authenticated token, or null when the token is not supported
 *
 * @throws SecurityException with code EXPIRED_AUTH when the nonce record is older than the lifetime
 */
public function authenticate(TokenInterface $token)
{
    // Unsupported token types are ignored rather than rejected.
    if ($this->supports($token) === false) {
        return;
    }

    $publicKey = $token->getUsername();

    // The nonce must already have a stored record; indexes 0 and 1 of that
    // record are read below as the creation time and the value passed to the
    // signature check.
    $nonce = $this->readNonceValue($token->getNonce());
    if ($nonce === null) {
        $this->onInvalidAuthentication();
    }

    $user = $this->userProvider->loadUserByPublicKey($publicKey);
    if ($user === null) {
        $this->onInvalidAuthentication();
    }

    // The signature encoder reads the user from the token, so attach it first.
    $token->setUser($user);

    $encoder = new RequestSignatureEncoder();
    if ($encoder->isApiSignatureValid($token, $nonce[1]) === false) {
        $this->onInvalidAuthentication();
    }

    // A valid signature on an expired nonce is still refused, and the stale
    // record is dropped so it cannot be presented again.
    $expiresAt = $nonce[0] + $this->lifetime;
    if (time() > $expiresAt) {
        $this->removeNonce($token->getNonce());

        throw new SecurityException('Prior authentication expired', SecurityException::EXPIRED_AUTH);
    }

    $authenticatedToken = new PublicKeyToken($this->getRoles($user));
    $authenticatedToken
        ->setUser($user)
        ->setNonce($token->getNonce())
        ->setCreated(new \DateTime())
        ->setLifetime($this->lifetime);

    // Persist the record with the new creation time (sliding expiry).
    $this->writeNonceValue($authenticatedToken);

    return $authenticatedToken;
}
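/**
 * Renders the signature test form and, on POST, signs the described request.
 *
 * Reads the `generator` form values (`url`, `method`, `private_key`) from the
 * POST body, builds a Request from the URL and method, and asks
 * RequestSignatureEncoder to sign it with the submitted private key. When the
 * request is not a POST, or any of the three fields is missing or not a
 * string, no signature is computed and the template receives null.
 *
 * NOTE(review): the submitted values, private key included, are passed back to
 * the template as `form`. Confirm this action is only routed in development or
 * test environments and sits behind access control, and that the template does
 * not render the key anywhere that may be cached or logged.
 *
 * @access public
 *
 * @param Request $request current HTTP request
 *
 * @return mixed the result of rendering Rest/test.html.twig
 */
public function generateKeyAction(Request $request)
{
    $values = $request->request->get('generator');
    $signature = null;

    // Only sign when the form was actually submitted with all three fields as
    // strings; a POST without them previously reached Request::create() and
    // createSignature() with null or array arguments.
    $canSign = 'POST' === $request->getMethod()
        && is_array($values)
        && isset($values['url'], $values['method'], $values['private_key'])
        && is_string($values['url'])
        && is_string($values['method'])
        && is_string($values['private_key']);

    if ($canSign) {
        $encoder = new RequestSignatureEncoder();
        $requestToBeSigned = Request::create($values['url'], $values['method']);
        $signature = $encoder->createSignature($requestToBeSigned, $values['private_key']);
    }

    return $this->render('Rest/test.html.twig', array('form' => $values, 'signature' => $signature));
}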
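/**
 * Updates the nonce value.
 *
 * Stores "<created timestamp>;<signature>" for the token's nonce, where the
 * signature comes from RequestSignatureEncoder::createSignature($token).
 * Without a registry repository the record is written to a file named after
 * the nonce inside $this->nonceDir; otherwise it is saved through the
 * repository.
 *
 * @param BBUserToken $token token whose nonce, creation time and signature are stored
 *
 * @throws \InvalidArgumentException in file-storage mode, when the nonce cannot
 *                                   be used as a plain file name
 */
protected function writeNonceValue(BBUserToken $token)
{
    // NOTE(review): strtotime() expects a string; confirm getCreated() returns
    // one for this token class.
    $now = strtotime($token->getCreated());
    $nonce = $token->getNonce();

    $signature_generator = new RequestSignatureEncoder();
    $signature = $signature_generator->createSignature($token);

    if (null === $this->registryRepository) {
        // The nonce becomes a path component. Its origin is not visible in
        // this method, so refuse anything that is not a single file name
        // (empty, dot entries, embedded separators or NUL bytes) instead of
        // letting the write land outside $this->nonceDir.
        $fileName = (string) $nonce;
        if (
            '' === $fileName
            || '.' === $fileName
            || '..' === $fileName
            || false !== strpos($fileName, "\0")
            || basename($fileName) !== $fileName
        ) {
            throw new \InvalidArgumentException('Nonce is not a valid file name.');
        }

        // NOTE(review): the return value is not checked, so a failed write is
        // silent; the next request using this nonce would then not find it.
        file_put_contents($this->nonceDir . DIRECTORY_SEPARATOR . $fileName, "{$now};{$signature}");
    } else {
        $registry = $this->getRegistry($nonce)->setValue("{$now};{$signature}");
        $this->registryRepository->save($registry);
    }
}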