/** * Checks if the passed value is valid. * * @param UserInterface $value The value that should be validated * @param Constraint $constraint The constraint for the validation * * @throws UnexpectedTypeException if $value is not instance of \Symfony\Component\Security\Core\User\UserInterface */ public function validate($value, Constraint $constraint) { if (!$value instanceof UserInterface) { throw new UnexpectedTypeException($value, 'Symfony\\Component\\Security\\Core\\User\\UserInterface'); } $user = $this->ldapManager->findUserByUsername($value->getUsername()); if ($user) { $this->context->addViolation($constraint->message, array('%property%' => $constraint->property)); } }
/** * {@inheritdoc} */ protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token) { $currentUser = $token->getUser(); if ($currentUser instanceof LdapUserInterface) { if (!$this->ldapManager->bind($currentUser, $currentUser->getPassword())) { throw new BadCredentialsException('The credentials were changed from another session.'); } } else { if (!$user->getDn()) { $userLdap = $this->ldapManager->findUserByUsername($user->getUsername()); if (!$userLdap) { throw new BadCredentialsException(sprintf('User "%s" not found', $user->getUsername())); } $user->setDn($userLdap->getDn()); } if (!($presentedPassword = $token->getCredentials())) { throw new BadCredentialsException('The presented password cannot be empty.'); } if (!$this->ldapManager->bind($user, $presentedPassword)) { throw new BadCredentialsException('The presented password is invalid.'); } } }