Exemplo n.º 1
0
 public function handle(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';
     do {
         if (!$request->headers->has('x-wsse')) {
             break;
         }
         $wsseHeader = $request->headers->get('x-wsse');
         if (1 !== preg_match($wsseRegex, $wsseHeader, $matches)) {
             return;
         }
         $token = new WsseUserToken();
         $token->setUser($matches[1]);
         $token->digest = $matches[2];
         $token->nonce = $matches[3];
         $token->created = $matches[4];
         try {
             $authenticatedToken = $this->authenticationManager->authenticate($token);
             $this->tokenStorage->setToken($authenticatedToken);
             return;
         } catch (AuthenticationException $ex) {
         }
     } while (false);
     $response = new Response();
     $response->setStatusCode(Response::HTTP_FORBIDDEN);
     $event->setResponse($response);
 }
Exemplo n.º 2
0
 public function authenticate(TokenInterface $token)
 {
     $user = $this->userProvider->loadUserByUsername($token->getUsername());
     if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
         $authenticatedToken = new WsseUserToken($user->getRoles());
         $authenticatedToken->setUser($user);
         return $authenticatedToken;
     }
     throw new AuthenticationException('The WSSE authentication failed.');
 }