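/**
 * Handles all messages for authentication (Hello and Authenticate).
 * This is called by the Realm to handle authentication.
 *
 * Flow, in order:
 *  1. A session that is already authenticated is rejected with an exception.
 *  2. A session whose transport reports isTrusted() is authenticated on the
 *     spot, without consulting readyToAuthenticate() or any authenticator,
 *     and is given the "authenticated_user" and "admin" roles.
 *  3. Otherwise the message is dispatched to the Hello or Authenticate handler.
 *
 * Security note: in step 2 the transport's trusted flag is the only gate in
 * front of the "admin" role, and the authid is copied from the client's Hello
 * details as-is. How isTrusted() is decided is not visible in this method;
 * confirm that no network-facing transport can ever report itself as trusted.
 *
 * @param \Thruway\Realm $realm
 * @param \Thruway\Session $session
 * @param \Thruway\Message\Message $msg
 * @throws \Exception if the session is already authenticated, if a Hello
 *                    arrives while authentication details are already
 *                    attached, or if the message is neither a Hello nor an
 *                    Authenticate message
 */
private function processMessage(Realm $realm, Session $session, Message $msg)
{
    if ($session->isAuthenticated()) {
        throw new \Exception("Message sent to authentication manager for already authenticated session.");
    }

    // Trusted transports do not need any authentication. This branch runs for
    // any message type, not only Hello, and returns before the
    // readyToAuthenticate() check below.
    if ($session->getTransport()->isTrusted()) {
        $authDetails = new AuthenticationDetails();
        $authDetails->setAuthMethod('internalClient');
        $authDetails->setAuthId('internal');

        // Use the authid from the Hello if it carries one.
        // NOTE(review): the value is client-supplied and is not type-checked
        // or otherwise validated here; it is later echoed back in the Welcome.
        if ($msg instanceof HelloMessage) {
            $helloDetails = $msg->getDetails();
            if (isset($helloDetails->authid)) {
                $authDetails->setAuthId($helloDetails->authid);
            }
        }

        // Roles are fixed for every trusted session; "admin" is granted
        // unconditionally.
        $authDetails->addAuthRole("authenticated_user");
        $authDetails->addAuthRole("admin");

        $session->setAuthenticationDetails($authDetails);
        $session->setAuthenticated(true);

        // Report the identity that was actually assigned back to the client.
        $welcomeDetails             = new \stdClass();
        $welcomeDetails->authid     = $authDetails->getAuthId();
        $welcomeDetails->authmethod = $authDetails->getAuthMethod();
        $welcomeDetails->authrole   = $authDetails->getAuthRole();
        $welcomeDetails->authroles  = $authDetails->getAuthRoles();

        $session->sendMessage(new WelcomeMessage($session->getSessionId(), $welcomeDetails));

        return;
    }

    // Untrusted sessions are refused (fail closed) until the manager is ready.
    if (!$this->readyToAuthenticate()) {
        $session->abort(new \stdClass(), 'thruway.authenticator.not_ready');

        return;
    }

    if ($msg instanceof HelloMessage) {
        // A second Hello on a session that already has details attached is
        // treated as a protocol violation.
        if ($session->getAuthenticationDetails() !== null) {
            // Todo: probably shouldn't be so dramatic here
            throw new \Exception("Hello message sent to authentication manager when there is already authentication details attached.");
        }

        $this->handleHelloMessage($realm, $session, $msg);
    } elseif ($msg instanceof AuthenticateMessage) {
        $this->handleAuthenticateMessage($realm, $session, $msg);
    } else {
        // The message text is kept on one line so it logs and greps as a
        // single sentence.
        throw new \Exception("Invalid message type sent to AuthenticationManager.");
    }
}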