/** * {@InheritDoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (!$request->headers->has('x-wsse')) { return; } $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { return; } $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } catch (AuthenticationException $e) { throw $e; // To deny the authentication clear the token. This will redirect to the login page. // Make sure to only clear your token, not those of other authentication listeners. // $token = $this->tokenStorage->getToken(); // if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) { // $this->tokenStorage->setToken(null); // } // return; } // By default deny authorization $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $event->setResponse($response); }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { // Deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(403); $event->setResponse($response); return; } $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { // ... you might log something here $failedMessage = 'WSSE Login failed for ' . $token->getUsername() . '. Why ? ' . $failed->getMessage(); $this->logger->err($failedMessage); //To deny the authentication clear the token. This will redirect to the login page. //Make sure to only clear your token, not those of other authentication listeners. $this->securityContext->setToken(null); // Deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(403); $response->setContent($failedMessage); $event->setResponse($response); return; } }
/** * @param $unauth_token */ private function authenticate($unauth_token) { $this->authenticationManager = $this->container->get('security.context')->getAuthenticationManager(); $authenticatedToken = $this->authenticationManager->authenticate($unauth_token); $this->container->get('security.context')->setToken($authenticatedToken); $this->container->get('session')->set('security_token', $authenticatedToken); }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); //find out if the current request contains any information by which the user might be authenticated if (!$request->headers->has('X-WSSE')) { return; } $ae_message = null; $this->wsseHeader = $request->headers->get('X-WSSE'); $wsseHeaderInfo = $this->parseHeader(); if ($wsseHeaderInfo !== false) { $token = new Token($wsseHeaderInfo['Username'], $wsseHeaderInfo['PasswordDigest'], $this->providerKey); $token->setAttribute('nonce', $wsseHeaderInfo['Nonce']); $token->setAttribute('created', $wsseHeaderInfo['Created']); try { $returnValue = $this->authenticationManager->authenticate($token); if ($returnValue instanceof TokenInterface) { return $this->tokenStorage->setToken($returnValue); } else { if ($returnValue instanceof Response) { return $event->setResponse($returnValue); } } } catch (AuthenticationException $ae) { $event->setResponse($this->authenticationEntryPoint->start($request, $ae)); } } }
/** * @param GetResponseEvent $event * * @return bool */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); switch ($this->getAuthType()) { case self::AUTH_TYPE_HEADER: $requestToken = $request->headers->get($this->getAuthKeyName()); break; case self::AUTH_TYPE_REQUEST: $requestToken = $request->get($this->getAuthKeyName()); break; default: throw new InvalidConfigurationException("Unknown auth type" . $this->getAuthType()); } if (!$requestToken) { throw new AuthenticationException('Empty authentication token'); } $requestTokenData = $this->parseAuthToken($requestToken); $token = new SignedUserToken(); $token->setUser($requestTokenData[0]); $token->setSignature($requestTokenData[1]); $token->setRequest($request); try { $authenticatedToken = $this->authManager->authenticate($token); $this->tokenStorage->setToken($authenticatedToken); return true; } catch (AuthenticationException $failed) { } $response = new Response('', Response::HTTP_FORBIDDEN); $event->setResponse($response); return false; }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { if (null !== $this->tokenStorage->getToken()) { return; } $request = $event->getRequest(); $token = new PluginToken($this->providerKey, $request->get('integration', null)); try { $authToken = $this->authenticationManager->authenticate($token); if ($authToken instanceof PluginToken) { $response = $authToken->getResponse(); if ($authToken->isAuthenticated()) { $this->tokenStorage->setToken($authToken); if ('api' != $this->providerKey) { $response = $this->onSuccess($request, $authToken, $response); } } elseif (empty($response)) { throw new AuthenticationException('mautic.user.auth.error.invalidlogin'); } } } catch (AuthenticationException $exception) { if ('api' != $this->providerKey) { $response = $this->onFailure($request, $exception); } } if ($response) { $event->setResponse($response); } }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (!$request->headers->has('cookie')) { return; } if (strstr($request->headers->get('cookie'), 'SimpleSAMLAuthToken') === false) { return; } if (!$request->query->has('csrf-token')) { $this->logger->notice('Ssp Firewall: Auth Token cookie but no CSRF Token'); return; } $csrfToken = $request->query->getAlnum('csrf-token'); if (!$this->csrfProvider->isCsrfTokenValid('api', $csrfToken)) { $this->logger->notice('Ssp Firewall: Invalid CSRF token for api use: ' . $csrfToken); return; } try { $authToken = $this->authenticationManager->authenticate(new SspToken()); $this->securityContext->setToken($authToken); } catch (AuthenticationException $failed) { $this->logger->warning('Ssp Firewall: failed:' . $failed->getMessage()); $token = $this->securityContext->getToken(); if ($token instanceof SspToken) { $this->securityContext->setToken(null); } return; } }
/** * Handles the authentication for user. * * @param GetResponseEvent $event The response event. * * @throws AuthenticationException When the request is not authenticated. * * @return void */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { return; } $token = new WsseUserToken($this->providerKey); $token->setUser($matches[1]); $token->setDigest($matches[2]); $token->setNonce($matches[3]); $token->setCreated($matches[4]); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { $failedMessage = 'WSSE Login failed for ' . $token->getUsername() . '. Because: ' . $failed->getMessage(); $token = $this->securityContext->getToken(); if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) { $this->securityContext->setToken(null); } // deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(403); $event->setResponse($response); return; } // by default deny authorization $response = new Response(); $response->setStatusCode(403); $event->setResponse($response); }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (!$this->keyExtractor->hasKey($request)) { $response = new Response(); $response->setStatusCode(401); $event->setResponse($response); return; } $apiKey = $this->keyExtractor->extractKey($request); $token = new ApiKeyUserToken(); $token->setApiKey($apiKey); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { $token = $this->securityContext->getToken(); if ($token instanceof ApiKeyUserToken && $token->getCredentials() == $apiKey) { $this->securityContext->setToken(null); } $message = $failed->getMessage(); } $response = new Response(); $response->setContent($message); $response->setStatusCode(403); $event->setResponse($response); }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (empty($request->headers->get("Authorization"))) { return; } $authHeader = $request->headers->get("Authorization"); if (strpos($authHeader, " ") === false) { return; } list($tokenType, $token) = explode(" ", $authHeader, 2); if (strtolower($tokenType) !== "bearer") { return; } // Verify that there is an access_token present /* if(empty($request->get("access_token"))) { return; } $token = $request->get("access_token");*/ $unauthenticatedToken = new OAuthToken(); $unauthenticatedToken->setToken($token); try { $authenticatedToken = $this->authenticationManager->authenticate($unauthenticatedToken); $this->tokenStorage->setToken($authenticatedToken); return; } catch (AuthenticationException $e) { if ($this->logger !== null) { $this->logger->notice("Access token authentication failed"); } } $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $event->setResponse($response); }
/** * {@inheritdoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if ($this->securityContext->getToken() !== null) { return; } if ($request->getRequestUri() == '/app_dev.php/api/login' || $request->getRequestUri() == '/api/login') { return; } //Try to reach token from HTTP headers if ($request->headers->has('X-Auth-Token')) { $tokenId = $request->headers->get('X-Auth-Token'); } else { $tokenId = $request->get('token'); } //by token if (isset($tokenId)) { $user = $this->userProvider->findUserByToken($tokenId); if (!$user) { throw new BadCredentialsException(); } try { $token = new ApiToken([], $this->providerId, $this->key); $token->setUser($user); $authenticatedToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authenticatedToken); } catch (AuthenticationException $e) { //log something } } }
/** * Handles basic authentication. * * @param GetResponseEvent $event A GetResponseEvent instance */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (false === ($username = $request->headers->get('PHP_AUTH_USER', false))) { return; } if (null !== ($token = $this->securityContext->getToken())) { if ($token instanceof OrganizationContextTokenInterface && $token->isAuthenticated() && $token->getUsername() === $username) { return; } } $this->logProcess($username); try { $organizationId = $request->headers->get('PHP_AUTH_ORGANIZATION'); if ($organizationId) { $authToken = new UsernamePasswordOrganizationToken($username, $request->headers->get('PHP_AUTH_PW'), $this->providerKey, $this->manager->getOrganizationById($organizationId)); } else { $authToken = new UsernamePasswordToken($username, $request->headers->get('PHP_AUTH_PW'), $this->providerKey); } $this->securityContext->setToken($this->authenticationManager->authenticate($authToken)); } catch (AuthenticationException $failed) { $token = $this->securityContext->getToken(); if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) { $this->securityContext->setToken(null); } $this->logError($username, $failed->getMessage()); if ($this->ignoreFailure) { return; } $event->setResponse($this->authenticationEntryPoint->start($request, $failed)); } }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $apiKey = $request->headers->get('Authorization', $request->query->get('api_key')); if (!$apiKey) { if (true === $this->forceApiKey) { $response = new Response(); $response->setStatusCode(401); $event->setResponse($response); } return; } $token = new ApiKeyUserToken(); $token->setApiKey($apiKey); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); return; } catch (AuthenticationException $failed) { $token = $this->securityContext->getToken(); if ($token instanceof ApiKeyUserToken && $token->getCredentials() == $apiKey) { $this->securityContext->setToken(null); } $message = $failed->getMessage(); } if ($this->isJsonRequest($request)) { $response = new JsonResponse(array('error' => $message)); } else { $response = new Response(); $response->setContent($message); } $response->setStatusCode(401); $event->setResponse($response); }
/** * {@inheritdoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $event->setResponse($response); return; } $token = new WsseToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } catch (AuthenticationException $failed) { //TODO: LOG } // By default deny authorization $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $event->setResponse($response); }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { $response = new Response(); $response->setStatusCode(403); $response->setContent('Invalid or missing WSSE.'); $event->setResponse($response); return; } $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); } catch (AuthenticationException $failed) { $response = new Response(); $response->setStatusCode(403); $response->getContent($failed->getMessage()); $event->setResponse($response); } }
/** * {@inheritdoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (null !== ($authorization = $request->headers->get($this->authenticationHeaderName))) { $headerParts = array_map('trim', explode(' ', $authorization, 2)); if (2 === count($headerParts)) { $credentialParts = explode(':', $headerParts[1]); if (2 === count($credentialParts)) { $token = new HmacUserToken(); $token->setServiceLabel($headerParts[0]); $token->setUser($credentialParts[0]); $token->setSignature($credentialParts[1]); $token->setRequest($request); try { $authenticatedToken = $this->authenticationManager->authenticate($token); // Call setToken() on an instance of SecurityContextInterface or TokenStorageInterface (>=2.6) $this->tokenStorage->setToken($authenticatedToken); // Success return; } catch (AuthenticationException $exception) { } } } } $event->setResponse(new Response(null, 401)); }
/** * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event The event. */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if (null === ($oauthToken = $this->serverService->getBearerToken($event->getRequest(), true))) { //if it's null, then we try to regular authentication... $token = $this->handleCookie($event); if ($token) { $this->securityContext->setToken($token); return; } } $token = new OAuthToken(); $token->setToken($oauthToken); $returnValue = $this->authenticationManager->authenticate($token); try { $returnValue = $this->authenticationManager->authenticate($token); if ($returnValue instanceof TokenInterface) { return $this->securityContext->setToken($returnValue); } if ($returnValue instanceof Response) { return $event->setResponse($returnValue); } } catch (AuthenticationException $e) { if (null !== ($p = $e->getPrevious())) { $event->setResponse($p->getHttpResponse()); } } }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); if ($request->headers->has(static::AUTH_HEADER)) { $unauthenticatedToken = new ApiUserToken(); $unauthenticatedToken->setAttribute('key', $request->headers->get(static::AUTH_HEADER)); $authenticatedToken = $this->authenticationManager->authenticate($unauthenticatedToken); $this->tokenStorage->setToken($authenticatedToken); } }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $token = new ApiUnauthenticatedUserToken($this->getRequestService()->parse($event->getRequest())); try { $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); } catch (AuthenticationException $e) { $response = new JsonResponse(['code' => $e->getCode(), 'message' => $e->getMessage()], $e->getCode() > 0 ? $e->getCode() : 403); $event->setResponse($response); } }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); // Check if authentication Token is present if ($request->headers->has('x-wsse')) { // Token parser $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { // Authentication process $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } catch (AuthenticationException $failed) { $failedMessage = 'WSSE Login failed for ' . $token->getUsername() . '. Why ? ' . $failed->getMessage(); // $this->logger->err($failedMessage); // To deny the authentication clear the token. This will redirect to the login page. // $token = $this->securityContext->getToken(); // if ( $token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) { // $this->securityContext->setToken(null); // } // Deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(403); $response->setContent($failedMessage); $event->setResponse($response); return; } catch (NonceExpiredException $expired) { $failedMessage = 'WSSE Nonce Expired for ' . $token->getUsername() . '. Why ? ' . $failed->getMessage(); // $this->logger->err($failedMessage); // Deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(403); $response->setContent($failedMessage); $event->setResponse($response); return; } // By default deny authorization $response = new Response(); $response->setStatusCode(403); $event->setResponse($response); } } // By default deny authentication $response = new Response(); $response->setStatusCode(403); $event->setResponse($response); }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { try { $jwtTokenValue = $this->jwtRetrievalStrategy->getToken($event->getRequest()); } catch (JWTNotFoundException $e) { return; } $jwtToken = new JWTToken(); $jwtToken->setToken($jwtTokenValue); $authToken = $this->authenticationManager->authenticate($jwtToken); $this->tokenStorage->setToken($authToken); }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $user = $this->userSessionService->getMinimalUserInfo(); if (!is_null($user)) { $token = new UiTIDToken(); $token->setUser((string) $user->getId()); try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } catch (AuthenticationException $exception) { } } $response = new Response('Unauthorized access.', Response::HTTP_UNAUTHORIZED); $event->setResponse($response); }
/** * This interface must be implemented by firewall listeners. * * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $requestToken = $this->getToken($request->headers->get($this->options['header_name'], null)); if (!empty($requestToken)) { try { $decoded = $this->encode->decode($requestToken); $token = new JWTToken(); $token->setTokenContext($decoded); $authToken = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($authToken); } catch (HttpEncodingException $e) { } catch (\UnexpectedValueException $e) { } } }
/** * @param GetResponseEvent $event */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $jwtString = $this->getJwtString($request); if (empty($jwtString)) { return; } $jwt = $this->decoderService->parse(new StringLiteral($jwtString)); $token = new JwtUserToken($jwt); try { $authenticatedToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authenticatedToken); } catch (AuthenticationException $e) { $event->setResponse(new Response($e->getMessage(), 401)); } }
/** * {@inheritDoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); // Look for an access token $authHeader = preg_split('/[\\s]+/', $request->headers->get('Authorization')); $access_token = isset($authHeader[1]) ? $authHeader[1] : $request->get('access_token'); if (!empty($access_token)) { $token = new OAuth2Token(); $token->setAccessToken($access_token); $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } // By default deny authorization $response = new Response(null, 403); $event->setResponse($response); }
/** * {@inheritDoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); // Requests require an Authorization header. if (!$request->headers->has('Authorization')) { $event->setResponse($this->entryPoint->start($request)); return; } $token = new HmacToken($request); try { $authToken = $this->authManager->authenticate($token); $this->tokenStorage->setToken($authToken); $request->attributes->set('hmac.key', $authToken->getCredentials()); } catch (AuthenticationException $e) { $event->setResponse($this->entryPoint->start($request, $e)); } }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { throw new AccessDeniedHttpException('Missing WSSE headers.'); $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $response->setContent('Missing WSSE headers.'); $event->setResponse($response); return; } $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); return; } catch (AuthenticationException $failed) { throw new AccessDeniedHttpException('WSSE Login failed.'); // ... you might log something here $failedMessage = 'WSSE Login failed for ' . $token->getUsername() . '. Why ? ' . $failed->getMessage(); $this->logger->err($failedMessage); // To deny the authentication clear the token. This will redirect to the login page. // Make sure to only clear your token, not those of other authentication listeners. // $token = $this->tokenStorage->getToken(); // if ($token instanceof WsseUserToken && $this->providerKey === $token->getProviderKey()) { // $this->tokenStorage->setToken(null); // } // return; // Deny authentication with a '403 Forbidden' HTTP response $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $response->setContent($failedMessage); $event->setResponse($response); return; } // By default deny authorization $response = new Response(); $response->setStatusCode(Response::HTTP_FORBIDDEN); $event->setResponse($response); }
/** * {@inheritdoc} */ public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $session = $request->getSession(); if ($session->has('wls_response')) { // There's a Raven response to process $token = RavenUserToken::factory($session->get('wls_response')); $session->remove('wls_response'); if (null !== $this->logger) { $this->logger->debug('Found WLS response', array('CRSid' => $token->getUsername())); } if (rawurldecode($token->getAttribute('url')) !== $request->getUri()) { throw new RavenException('URL mismatch'); } switch ($token->getAttribute('status')) { case 200: // Successful authentication break; case 410: throw new AuthenticationCancelledException(); break; default: switch ($token->getAttribute('status')) { case 510: $message = 'No mutually acceptable authentication types available'; break; case 520: $message = 'Unsupported protocol version'; break; case 530: $message = 'General request parameter error'; break; case 540: $message = 'Interaction would be required'; break; case 560: $message = 'WAA not authorised'; break; case 570: $message = 'Authentication declined'; break; default: $message = null; break; } throw new RavenException($message, $token->getAttribute('status')); break; } $token = $this->authenticationManager->authenticate($token); $this->tokens->setToken($token); $this->dispatcher->dispatch(RavenEvents::LOGIN, new InteractiveLoginEvent($request, $token)); } elseif ($this->tokens->getToken() != null && $this->tokens->getToken()->getUser() instanceof UserInterface) { // The user is already logged in } else { $this->requestAuthentication($event, $request->getUri()); } }
function it_stores_the_token_returned_by_AuthenticationManager(AuthenticationManagerInterface $authenticationManager, TokenStorageInterface $tokenStorage, GetResponseEvent $event) { $request = new Request(); $event->getRequest()->willReturn($request); $authToken = new JWTToken(); $authenticationManager->authenticate(Argument::any())->willReturn($authToken); $this->handle($event); $tokenStorage->setToken($authToken)->shouldBeCalled(); }
/** * {@inheritdoc} */ public function handle(GetResponseEvent $event) { $cookieData = $this->cookie->getValue(); if (!$this->authCookieService->validateCookie($cookieData)) { $this->tokenStorage->setToken(null); return false; } $token = new SessionlessToken($cookieData['username'], $cookieData['expiration'], $event->getRequest()->getClientIp(), $cookieData['signature']); try { $regeneratedToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($regeneratedToken); } catch (AuthenticationException $e) { $this->cookie->setClear(true); $this->tokenStorage->setToken(null); return false; } return $regeneratedToken; }