The default implementation only processed requests to a specific path,
but a subclass could change this to only authenticate requests where a
certain parameters is present.
protected requiresAuthentication ( |
||
$request | ||
리턴 | boolean |
/** * {@inheritdoc} */ protected function requiresAuthentication(Request $request) { if ($this->options['post_only'] && !$request->isMethod('POST')) { return false; } return parent::requiresAuthentication($request); }
/** * {@inheritdoc} */ protected function requiresAuthentication(Request $request) { if (false == parent::requiresAuthentication($request)) { return false; } return $this->getRelyingParty()->supports($request); }
protected function attemptAuthentication(Request $request) { $config = array_merge(array('callback_url' => $this->options['check_path'], 'callback_transport' => 'post'), $this->options['opauth']); if (parent::requiresAuthentication($request)) { if (!isset($_POST['opauth'])) { throw new AuthenticationException('opauth post parameter is missing'); } // check_path $opauth = new Opauth($config, false); $response = unserialize(base64_decode($_POST['opauth'])); $failureReason = null; /** * Check if it's an error callback */ if (array_key_exists('error', $response)) { throw new AuthenticationException($response['error']); } else { if (empty($response['auth']) || empty($response['timestamp']) || empty($response['signature']) || empty($response['auth']['provider']) || empty($response['auth']['uid'])) { throw new AuthenticationException('Missing key auth response components'); } elseif (!$opauth->validate(sha1(print_r($response['auth'], true)), $response['timestamp'], $response['signature'], $failureReason)) { throw new AuthenticationException($failureReason); } else { $token = new OpauthToken(new OpauthResult($response['auth'])); return $this->authenticationManager->authenticate($token); } } } else { // this should redirect or print, it's an opauth thing... new Opauth($config); // we need to exit now unfortunately... exit; } }
protected function requiresAuthentication(Request $request) { return parent::requiresAuthentication($request); }