/**
 * {@inheritdoc}
 *
 * Resolves the account for an authentication attempt and returns it together
 * with the name of the user provider it came from, as a two-element array.
 */
protected function retrieveUser($username, UsernamePasswordToken $token)
{
    // A token that already carries a resolved account needs no provider lookup.
    $tokenUser = $token->getUser();
    if ($tokenUser instanceof AccountInterface) {
        return array($tokenUser, $token->getUserProviderName());
    }

    $lookup = null;
    try {
        $lookup = $this->userProvider->loadUserByUsername($username);
    } catch (UsernameNotFoundException $unknownUser) {
        // "User not found" reaches the caller unchanged.
        throw $unknownUser;
    } catch (\Exception $providerFailure) {
        // Any other provider failure is reported as a service error, keeping the cause attached.
        throw new AuthenticationServiceException($providerFailure->getMessage(), $token, 0, $providerFailure);
    }

    // The provider result is validated before it is trusted: it must be a
    // two-element array holding an account and a non-empty provider name.
    $isPair = is_array($lookup) && 2 === count($lookup);
    if (!$isPair) {
        throw new AuthenticationServiceException('User provider did not return an array, or array had invalid format.');
    }

    if (!($lookup[0] instanceof AccountInterface)) {
        throw new AuthenticationServiceException('The user provider must return an AccountInterface object.');
    }

    if (empty($lookup[1])) {
        throw new AuthenticationServiceException('The user provider must return a non-empty user provider name.');
    }

    return $lookup;
}
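/**
 * {@inheritdoc}
 *
 * Verifies the password presented in the token against the account's stored
 * password and salt, using the configured password encoder.
 *
 * @throws BadCredentialsException When no password was presented or the encoder rejects it
 */
protected function checkAuthentication(AccountInterface $account, UsernamePasswordToken $token)
{
    $presentedPassword = (string) $token->getCredentials();

    // Reject only a genuinely empty password. A truthiness test would also
    // reject the valid password "0", because PHP treats the string "0" as false.
    if ('' === $presentedPassword) {
        throw new BadCredentialsException('Bad credentials');
    }

    // Both failure paths use the same message, so the response does not reveal which check failed.
    if (!$this->passwordEncoder->isPasswordValid($account->getPassword(), $presentedPassword, $account->getSalt())) {
        throw new BadCredentialsException('Bad credentials');
    }
}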
/**
 * {@inheritdoc}
 *
 * Resolves the account for an authentication attempt: the account already
 * attached to the token if there is one, otherwise the one the user provider
 * loads for $username.
 */
protected function retrieveUser($username, UsernamePasswordToken $token)
{
    // A token that already carries a resolved account needs no provider lookup.
    $tokenUser = $token->getUser();
    if ($tokenUser instanceof AccountInterface) {
        return $tokenUser;
    }

    try {
        $loaded = $this->userProvider->loadUserByUsername($username);

        if ($loaded instanceof AccountInterface) {
            return $loaded;
        }

        // NOTE(review): this is thrown inside the try block, so the generic
        // catch below presumably re-wraps it with the token attached. Confirm
        // against the exception class hierarchy.
        throw new AuthenticationServiceException('The user provider must return an AccountInterface object.');
    } catch (UsernameNotFoundException $unknownUser) {
        // "User not found" reaches the caller unchanged.
        throw $unknownUser;
    } catch (\Exception $providerFailure) {
        // Any other failure is reported as a service error, keeping the cause attached.
        throw new AuthenticationServiceException($providerFailure->getMessage(), $token, 0, $providerFailure);
    }
}
/**
 * Attempts to switch to another user.
 *
 * The target username is read from the request parameter named by
 * $this->usernameParameter. The resulting token carries the target user's
 * roles plus a SwitchUserRole that records the token in place before the switch.
 *
 * @param Request $request A Request instance
 *
 * @return TokenInterface|null The new TokenInterface if successfully switched, null otherwise
 *                             (as written, this method returns the new token or throws; it has no null return)
 *
 * @throws \LogicException When the current token already represents a switched user
 */
protected function attemptSwitchUser(Request $request)
{
    $token = $this->securityContext->getToken();

    // Nested impersonation is refused: a token that already has an original token is a switched one.
    $alreadySwitched = false !== $this->getOriginalToken($token);
    if ($alreadySwitched) {
        throw new \LogicException(sprintf('You are already switched to "%s" user.', (string) $token));
    }

    // NOTE(review): the result of decide() is discarded. This is only an access
    // check if decide() throws on denial. If it reports denial through its return
    // value, the role requirement is never enforced here. Confirm against the
    // access decision manager's contract.
    $this->accessDecisionManager->decide($token, null, array($this->role));

    // The username is request-supplied and is written to the debug log as-is.
    $username = $request->get($this->usernameParameter);
    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Attempt to switch to user "%s"', $username));
    }

    $targetUser = $this->provider->loadUserByUsername($username);
    $this->accountChecker->checkPostAuth($targetUser);

    // Keep the pre-switch token inside an extra role on the new token.
    $grantedRoles = $targetUser->getRoles();
    $grantedRoles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->securityContext->getToken());

    $switchedToken = new UsernamePasswordToken($targetUser, $targetUser->getPassword(), $grantedRoles);
    $switchedToken->setImmutable(true);

    return $switchedToken;
}
/**
 * Authenticate a user with Symfony Security.
 *
 * Builds a UsernamePasswordToken for the user from their roles and stores it
 * in the security context. No credentials are checked here (the token is
 * created with null credentials), so callers must have established the user's
 * identity before calling this.
 *
 * @param User    $user           The user to install in the security context
 * @param Boolean $reAuthenticate When strictly true, the token is marked as not
 *                                authenticated before it is stored
 *
 * @return void
 */
protected function authenticateUser(User $user, $reAuthenticate = false)
{
    $loginToken = new UsernamePasswordToken($user, null, $user->getRoles());

    // Strict comparison: only the boolean true triggers the unauthenticated flag.
    if ($reAuthenticate === true) {
        $loginToken->setAuthenticated(false);
    }

    $securityContext = $this->get('security.context');
    $securityContext->setToken($loginToken);
}
/**
 * After eraseCredentials(), the token must no longer expose the password it was built with.
 */
public function testEraseCredentials()
{
    $subject = new UsernamePasswordToken('foo', 'bar');
    $subject->eraseCredentials();

    // assertEquals compares loosely, so a null credential also satisfies this check.
    $credentialsAfterErase = $subject->getCredentials();
    $this->assertEquals('', $credentialsAfterErase);
}