/**
 * Runs before every action: authenticates the request, forces a location
 * choice where one is still missing, handles "cancel" submissions, filters
 * the flash messages and fixes the date format of the animal arguments.
 *
 * @return void
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 */
public function initializeAction()
{
    // Authentication comes first; every check below runs only for a request
    // that passed it (authenticate() throws otherwise, see @throws).
    $this->authenticationManager->authenticate();

    // Users without a chosen location are sent to the location selection,
    // except on the login / location controllers, on a "select" action, or
    // when they hold the admin role. The nesting keeps the original
    // left-to-right, short-circuit evaluation order.
    // NOTE(review): the controller names are compared loosely and
    // case-sensitively ('Location' here, 'location' in the redirect) — confirm
    // this matches what getControllerName() returns.
    if ($this->session->getLocation() == null) {
        if ($this->request->getControllerName() != 'Login') {
            $securityContext = $this->authenticationManager->getSecurityContext();
            if (!$securityContext->hasRole('DLigo.Animaltool:Admin')
                && $this->request->getControllerActionName() != 'select'
                && $this->request->getControllerName() != 'Location'
            ) {
                $this->redirect('select', 'location');
            }
        }
    }

    // A "cancel" argument returns to the animal list, unless the request is
    // Animal::merge, which is left to handle the argument itself.
    if ($this->request->hasArgument('cancel')
        && ($this->request->getControllerActionName() != 'merge'
            || $this->request->getControllerName() != 'Animal')
    ) {
        $this->redirect('index', 'animal');
    }

    // Re-queue all flash messages except errors that carry neither a title
    // nor a code.
    foreach ($this->flashMessageContainer->getMessagesAndFlush() as $flashMessage) {
        $isBareError = $flashMessage->getSeverity() == 'Error'
            && $flashMessage->getTitle() == ''
            && $flashMessage->getCode() === null;
        if (!$isBareError) {
            $this->flashMessageContainer->addMessage($flashMessage);
        }
    }

    // Both animal arguments accept the birthday as Y-m-d.
    foreach (array('animal', 'newAnimal') as $argumentName) {
        if (isset($this->arguments[$argumentName])) {
            $this->arguments[$argumentName]
                ->getPropertyMappingConfiguration()
                ->forProperty('birthday')
                ->setTypeConverterOption(
                    'TYPO3\\Flow\\Property\\TypeConverter\\DateTimeConverter',
                    \TYPO3\Flow\Property\TypeConverter\DateTimeConverter::CONFIGURATION_DATE_FORMAT,
                    'Y-m-d'
                );
        }
    }
}
/**
 * Authenticates the submitted credentials and, on success, redirects to the
 * dashboard with the authenticated account as the "user" argument.
 *
 * On failure a fixed flash message is queued and the exception is re-thrown.
 *
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
 * @return void
 */
public function authenticateAction()
{
    try {
        $this->authenticationManager->authenticate();

        $redirectArguments = array('user' => $this->securityContext->getAccount());
        $this->redirect('index', 'Dashboard', NULL, $redirectArguments);
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
        // Only this fixed text reaches the user; the exception's own message
        // is not added to the flash messages.
        $wrongCredentials = new \TYPO3\Flow\Error\Error('Bitte die korrekten Benutzerdaten eingeben.');
        $this->flashMessageContainer->addMessage($wrongCredentials);

        throw $authenticationFailure;
    }
}
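/**
 * Authenticates the submitted credentials and redirects to the Setup
 * controller on success.
 *
 * On failure a generic flash message is queued and the exception is
 * re-thrown for the caller / framework to handle.
 *
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 * @return void
 */
public function authenticateAction()
{
    try {
        $this->authenticationManager->authenticate();
        // A successful login is informational, so it is queued as a plain
        // Message instead of an Error.
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Message('Successfully logged in.'));
        $this->redirect('index', 'Setup');
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $exception) {
        // Show only the generic text. The exception's own message describes
        // why authentication failed internally and does not belong in a
        // response to an unauthenticated client; it stays available to
        // whoever handles the re-thrown exception.
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error('Wrong username or password.'));
        throw $exception;
    }
}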
/**
 * Authenticates the setup login and returns to the requested setup step.
 *
 * After a successful login the file named by the "initialPasswordFile"
 * setting is deleted if it exists. On failure an error flash message is
 * queued and the login form is shown again for the same step.
 *
 * The action is exempt from CSRF token checks (see the annotation below).
 *
 * @param integer $step The requested setup step
 * @return void
 * @Flow\SkipCsrfProtection
 */
public function authenticateAction($step)
{
    $stepArguments = array('step' => $step);

    try {
        $this->authenticationManager->authenticate();

        // Presumably this file holds the generated initial password; it is
        // removed once a login has succeeded.
        // NOTE(review): the result of unlink() is not checked, so a file that
        // cannot be deleted stays on disk without any notice.
        $initialPasswordFile = $this->settings['initialPasswordFile'];
        if (file_exists($initialPasswordFile)) {
            unlink($initialPasswordFile);
        }

        $this->redirect('index', 'Setup', NULL, $stepArguments);
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
        $this->addFlashMessage(
            'Sorry, you were not able to authenticate.',
            'Authentication error',
            Message::SEVERITY_ERROR
        );
        $this->redirect('login', NULL, NULL, $stepArguments);
    }
}
/**
 * Authenticates an account through the provider based authentication manager
 * and starts the session.
 *
 * Accounts holding the admin role are redirected to the animal list, all
 * others to the location selection. On failure an error flash message is
 * queued and the exception is re-thrown.
 *
 * @return void
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 */
public function authenticateAction()
{
    try {
        $this->authenticationManager->authenticate();
        $this->session->start();

        // Admins skip the location selection.
        $isAdmin = $this->authenticationManager->getSecurityContext()->hasRole('DLigo.Animaltool:Admin');
        list($targetAction, $targetController) = $isAdmin
            ? array('index', 'Animal')
            : array('select', 'location');

        $this->redirect($targetAction, $targetController);
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
        // One fixed message is used for every failure.
        $this->addFlashMessage(
            'Wrong username or password.',
            '',
            \TYPO3\Flow\Error\Message::SEVERITY_ERROR,
            array(),
            'flash.password'
        );

        throw $authenticationFailure;
    }
}
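/**
 * Authenticates the submitted credentials and redirects to the node of the
 * current party's profile; on failure a flash message is queued and the
 * request is forwarded back to the referring request.
 *
 * The action is exempt from CSRF token checks (see the annotation below).
 *
 * @Flow\SkipCsrfProtection
 * @return void|string
 */
public function authenticateAction()
{
    $authenticated = false;

    try {
        $this->authenticationManager->authenticate();
        $authenticated = $this->authenticationManager->isAuthenticated();
    } catch (\Exception $e) {
        // Any failure during authentication is treated as "not logged in".
        // Only the authentication calls are guarded: Flow's redirect() ends
        // the action by throwing a StopActionException, which a catch-all
        // around the redirect would intercept and report as a failed login.
    }

    if (!$authenticated) {
        $this->addFlashMessage('Gebruikersnaam of wachtwoord is niet correct');
        $this->forwardToReferringRequest();

        return;
    }

    // Errors from the profile lookup now surface as what they are instead of
    // being shown as wrong credentials.
    $profile = $this->profileService->getCurrentPartyProfile();
    $this->redirect('show', 'Frontend\\Node', 'TYPO3.Neos', ['node' => $profile->getPath()]);
}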
/**
 * Invokes the security interception: authenticates, then lets the access
 * decision manager decide on the join point.
 *
 * @return void Nothing is returned; a failed check is reported by exception
 * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
 * @throws \TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the resource, causing a redirect to the authentication entrypoint
 */
public function invoke()
{
    $noTokensFailure = null;

    try {
        $this->authenticationManager->authenticate();
    } catch (\Doctrine\ORM\EntityNotFoundException $missingEntity) {
        throw new \TYPO3\Flow\Security\Exception\AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $missingEntity);
    } catch (\TYPO3\Flow\Security\Exception\NoTokensAuthenticatedException $noTokensAuthenticatedException) {
        // Remembered rather than thrown: the resource may still be available
        // to "Everybody", which the decision below settles.
        $noTokensFailure = $noTokensAuthenticatedException;
    }

    try {
        $this->accessDecisionManager->decideOnJoinPoint($this->joinPoint);
    } catch (\TYPO3\Flow\Security\Exception\AccessDeniedException $accessDenied) {
        // Without any authenticated token a denial is reported as "no tokens
        // authenticated", so the caller can ask for a login; with tokens the
        // denial itself propagates.
        throw $noTokensFailure !== null ? $noTokensFailure : $accessDenied;
    }
}
/**
 * Invokes the security interception: authenticates, then asks the privilege
 * manager whether the method privilege for the join point is granted.
 *
 * @return void Nothing is returned; a failed check is reported by exception
 * @throws AccessDeniedException
 * @throws AuthenticationRequiredException if an entity could not be found (assuming it is bound to the current session), causing a redirect to the authentication entrypoint
 * @throws NoTokensAuthenticatedException if no tokens could be found and the accessDecisionManager denied access to the privilege target, causing a redirect to the authentication entrypoint
 */
public function invoke()
{
    $privilegeType = \TYPO3\Flow\Security\Authorization\Privilege\Method\MethodPrivilegeInterface::class;
    $subject = new MethodPrivilegeSubject($this->joinPoint);
    // Handed to isGranted() on every call and afterwards used in the
    // exception messages.
    $reason = '';

    try {
        $this->authenticationManager->authenticate();
    } catch (EntityNotFoundException $missingEntity) {
        throw new AuthenticationRequiredException('Could not authenticate. Looks like a broken session.', 1358971444, $missingEntity);
    } catch (NoTokensAuthenticatedException $noTokens) {
        // We still need to check if the privilege is available to "TYPO3.Flow:Everybody".
        $grantedWithoutTokens = $this->privilegeManager->isGranted($privilegeType, $subject, $reason);
        if ($grantedWithoutTokens === false) {
            throw new NoTokensAuthenticatedException($noTokens->getMessage() . "\n" . $reason, $noTokens->getCode());
        }
    }

    // The final decision is taken for every request that gets this far,
    // including one that was just found to be granted without tokens.
    $granted = $this->privilegeManager->isGranted($privilegeType, $subject, $reason);
    if ($granted === false) {
        throw new AccessDeniedException($this->renderDecisionReasonMessage($reason), 1222268609);
    }
}
/**
 * Sets up the testing provider and the security context so that the given
 * account is authenticated, then runs the authentication.
 *
 * @param Account $account
 * @return void
 */
protected function authenticateAccount(Account $account)
{
    // The testing provider reports success for exactly this account.
    $provider = $this->testingProvider;
    $provider->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
    $provider->setAccount($account);

    // Clear the context first so that the authentication below does not
    // start from state left in it.
    $context = $this->securityContext;
    $context->clearContext();
    $context->setRequest($this->mockActionRequest);

    $this->authenticationManager->authenticate();
}
/**
 * Asks the authentication manager to authenticate all active tokens.
 *
 * On success the intercepted request stored in the security context (if any)
 * is removed from it and passed to onAuthenticationSuccess(), whose result is
 * returned. On failure onAuthenticationFailure() is called with the caught
 * exception (or null) and the result of the method named by
 * $errorMethodName is returned.
 *
 * Note: Usually there is no need to override this action. You should use
 * the according callback methods instead (onAuthenticationSuccess() and
 * onAuthenticationFailure()).
 *
 * @return string
 * @Flow\SkipCsrfProtection
 */
public function authenticateAction()
{
    $failure = null;
    try {
        $this->authenticationManager->authenticate();
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $caught) {
        // Kept for the failure callback; isAuthenticated() below decides the
        // outcome.
        $failure = $caught;
    }

    if (!$this->authenticationManager->isAuthenticated()) {
        $this->onAuthenticationFailure($failure);

        return call_user_func(array($this, $this->errorMethodName));
    }

    // The intercepted request is taken out of the context once it has been
    // read.
    $interceptedRequest = $this->securityContext->getInterceptedRequest();
    if ($interceptedRequest !== null) {
        $this->securityContext->setInterceptedRequest(null);
    }

    return $this->onAuthenticationSuccess($interceptedRequest);
}
/**
 * Sets up the testing provider and the security context so that the given
 * account is authenticated, then runs the authentication.
 *
 * The security context gets the action request obtained by routing the
 * active request handler's HTTP request.
 *
 * @param \TYPO3\Flow\Security\Account $account
 * @return void
 * @api
 */
protected function authenticateAccount(\TYPO3\Flow\Security\Account $account)
{
    // The testing provider reports success for exactly this account.
    $provider = $this->testingProvider;
    $provider->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL);
    $provider->setAccount($account);

    // Clear the context first so that the authentication below does not
    // start from state left in it.
    $this->securityContext->clearContext();

    $httpRequest = self::$bootstrap->getActiveRequestHandler()->getHttpRequest();
    $this->securityContext->setRequest($this->route($httpRequest));

    $this->authenticationManager->authenticate();
}
/**
 * Receive an SSO authentication callback and trigger authentication
 * through the SingleSignOnProvider.
 *
 * GET /sso/authentication/callback?...
 *
 * After a successful authentication the user is sent to the intercepted
 * request stored in the security context, or to $callbackUri when none is
 * stored. If authentication did not succeed, an exception is thrown.
 *
 * @param string $callbackUri
 * @return void
 */
public function callbackAction($callbackUri)
{
    $authenticationFailure = NULL;
    try {
        $this->authenticationManager->authenticate();
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $caught) {
        $authenticationFailure = $caught;
    }

    if (!$this->authenticationManager->isAuthenticated()) {
        throw new \Flowpack\SingleSignOn\Client\Exception('Could not authenticate in callbackAction triggered by the SSO server.', 1366613161, $authenticationFailure);
    }

    $interceptedRequest = $this->securityContext->getInterceptedRequest();
    if ($interceptedRequest !== NULL) {
        $this->securityContext->setInterceptedRequest(NULL);
        $this->redirectToRequest($interceptedRequest);
    } else {
        // TODO Do we have to check the URI?
        // NOTE(review): $callbackUri is a request argument and is used as the
        // redirect target unchanged. Unless its integrity is guaranteed
        // elsewhere (for example by a signature covering the callback
        // request — not visible in this method), this is an open redirect;
        // restrict the target to this application's own host(s) before
        // redirecting.
        $this->redirectToUri($callbackUri);
    }
}
/**
 * Initializes all actions with common logic: optional JSON view, account and
 * user checks, the student quiz session and cache-disabling headers.
 */
protected function initializeAction()
{
    // Alternative to Flow's own json handling
    // FIXME
    if ($this->request->hasArgument('json')) {
        $this->isJson = true;
        $this->request->setFormat('json');
        $this->view = new \TYPO3\Flow\Mvc\View\JsonView();
        $this->view->setControllerContext($this->controllerContext);
    }

    // A missing security context is handled exactly like a missing account.
    $account = ($this->securityContext != null) ? $this->securityContext->getAccount() : null;

    if ($account == null) {
        // No account: JSON requests get a 403, all others go through the
        // authentication manager.
        if (!$this->isJson) {
            $this->authenticationManager->authenticate();
        } else {
            $this->throwStatus(403);
        }
    } else {
        /** @var \_OurBrand_\My\Domain\Model\User $user */
        $user = $account->getParty();
        if (!$user) {
            // Seriously bad!
            // NOTE(review): the lines below dereference $user, so they rely
            // on throwStatus() not returning — confirm.
            $this->throwStatus(403);
        }

        // Necessary for our easy role identifier functions!
        if ($user->getAccounts()->count() == 0) {
            $user->addAccount($account);
        }
        $this->currentUser = $user;

        // Set the quiz subjects that this user has access to.
        if (count($user->getQuizSubscriptionDataForQuizType(0)) == 0) {
            $this->accessHelper->setUserSubjectsAndTeamLevels($user);
        }
    }

    if ($this->loginSession->getData('studentQuizSession') != null) {
        $this->studentQuizSession = $this->loginSession->getData('studentQuizSession');
    }

    // Prevent browser caching of content. Everything is dynamic in this application.
    $noCacheHeaders = array(
        'Cache-Control' => 'no-cache, no-store, must-revalidate',
        'Pragma' => 'no-cache',
        'Expires' => '0',
    );
    foreach ($noCacheHeaders as $headerName => $headerValue) {
        $this->response->setHeader($headerName, $headerValue);
    }
}
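/**
 * Authenticates the submitted credentials.
 *
 * On success a translated flash message is queued and the user is sent to
 * the "return_url" request argument when it points into this site, otherwise
 * to Standard::index. On failure (AuthenticationRequiredException, handled
 * here) a translated error message is queued and the user is sent to
 * Standard::index.
 *
 * @return void
 */
public function authenticateAction()
{
    try {
        $this->authenticationManager->authenticate();
        $this->flashMessageContainer->addMessage(new Message($this->translator->translateById('login.login.success', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));

        // hasArgument() has to come first: getArgument() on an argument that
        // was not sent throws, which broke every login without a return_url.
        $returnUrl = $this->request->hasArgument('return_url')
            ? $this->request->getArgument('return_url')
            : '';

        // return_url comes from the client, so it is followed only when it
        // stays on this site.
        if ($this->isSameSiteReturnUrl($returnUrl)) {
            $this->redirectToUri($returnUrl);
        } else {
            $this->redirect('index', 'Standard');
        }
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $exception) {
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($this->translator->translateById('login.login.wrongPassword', array(), NULL, NULL, 'Main', 'Incvisio.LostFound')));
        $this->redirect('index', 'Standard');
    }
}

/**
 * Tells whether a client-supplied return URL may be used as redirect target.
 *
 * Accepted are absolute paths on this site ("/foo", but not "//host" which a
 * browser reads as another host) and http(s) URLs whose host equals the host
 * of the current request. Everything else, including empty and non-string
 * values, is rejected.
 *
 * @param mixed $returnUrl The raw "return_url" argument
 * @return boolean TRUE if the URL stays on this site
 */
private function isSameSiteReturnUrl($returnUrl)
{
    // Control characters, whitespace and backslashes are not needed in a
    // legitimate target and are interpreted differently by different URL
    // parsers, so they are rejected outright.
    if (!is_string($returnUrl) || $returnUrl === '' || preg_match('/[\x00-\x20\\\\]/', $returnUrl) === 1) {
        return false;
    }

    if ($returnUrl[0] === '/') {
        return substr($returnUrl, 0, 2) !== '//';
    }

    $parts = parse_url($returnUrl);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
        return false;
    }

    $ownHost = (string)$this->request->getHttpRequest()->getUri()->getHost();

    return $ownHost !== '' && strcasecmp($parts['host'], $ownHost) === 0;
}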
/**
 * Invokes the authentication by delegating to the authentication manager.
 *
 * @return void Nothing is returned; the outcome is whatever authenticate() does or throws
 */
public function invoke()
{
    $manager = $this->authenticationManager;
    $manager->authenticate();
}
/**
 * Runs before every action of this controller and authenticates the request,
 * so no action executes for a request that fails authentication.
 *
 * @return void
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 */
public function initializeAction()
{
    $manager = $this->authenticationManager;
    $manager->authenticate();
}