Пример #1
 /**
  * Performs an authentication attempt
  *
  * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
  * @return Zend_Auth_Result
  */
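 public function authenticate()
 {
     // Authenticates a download request from the 'downloadToken' request
     // parameter and builds the identity array carried by the result.
     // Precondition failures (missing request/response, wrong module) throw;
     // every failure inside the try block is logged and reported as
     // Zend_Auth_Result::FAILURE.
     if (empty($this->_request) || empty($this->_response)) {
         throw new Zend_Auth_Adapter_Exception('Request and Response objects must be set before calling authenticate method');
     }
     // Strict comparison so that only the exact string 'download' passes;
     // a loose != can be satisfied by non-string values on older PHP versions.
     if ($this->_request->getParam('module') !== 'download') {
         throw new Zend_Auth_Adapter_Exception('Wrong endpoint');
     }
     // Initialised up front so the failure log below never reads an undefined variable.
     $token = null;
     try {
         $token = $this->_request->getParam('downloadToken');
         // The parameter must already be a resolved token model, not a raw request value.
         if (!$token instanceof Download\Model\DownloadTokenModel) {
             throw new Zend_Auth_Adapter_Exception("Download token data is missing", 401);
         }
         if ($token->authType == \App_Controller_Plugin_Auth::AUTH_TYPE_EXTERNAL) {
             // Token issued for an API client: resolve the API id to its organization.
             $apiId = $token->apiId;
             $apiIdMapper = Application\Model\Mapper\APIIdMapper::getInstance();
             $res = $apiIdMapper->findOneByApiId($apiId);
             if (empty($res)) {
                 throw new \Application\Exceptions\NotFoundException("Api id '{$apiId}' not found (at Mongo)");
             }
             $orgId = $res->getOrgId();
             $apiUserId = 'API_' . $apiId;
             if (empty($orgId)) {
                 throw new Zend_Auth_Adapter_Exception("Organization id not defined in Api id '{$apiId}' ");
             }
             // NOTE(review): API identities are always given the 'admin' role here;
             // confirm that a download token should carry that much privilege.
             $result = array(
                 'id' => $apiUserId,
                 'apiId' => $apiId,
                 'username' => 'api_' . $orgId,
                 'monetaryDataAccess' => $res->getMonetaryDataAccess(),
                 'orgId' => $orgId,
                 'role' => 'admin',
                 'authType' => App_Controller_Plugin_Auth::AUTH_TYPE_DOWNLOAD_TOKEN,
             );
         } else {
             // Token issued for an interactive user: resolve the user record.
             $username = $token->username;
             // Fail closed. Previously a token without a username skipped the lookup
             // entirely, $result was created implicitly by the assignments below, and
             // the method returned SUCCESS with an identity that had no id, role or orgId.
             if (empty($username)) {
                 throw new Zend_Auth_Adapter_Exception("Download token has no username", 401);
             }
             $userMapper = Application\Model\Mapper\UserMapper::getInstance();
             $res = $userMapper->findOneByUserName($username);
             if (empty($res)) {
                 throw new \Application\Exceptions\NotFoundException("User name '{$username}' not found");
             }
             $orgId = $res->getOrganizationId();
             if (empty($orgId)) {
                 throw new Zend_Auth_Adapter_Exception("User '{$username}' has no orgId");
             }
             $result = array(
                 'id' => $res->id,
                 'username' => $username,
                 'monetaryDataAccess' => $res->getMonetaryDataAccess(),
                 'role' => $res->getRole(),
                 'orgId' => $orgId,
                 'authType' => App_Controller_Plugin_Auth::AUTH_TYPE_DOWNLOAD_TOKEN,
                 'language' => $res->language,
             );
         }
         // Tracking-token generation and the organization existence check were
         // already disabled (commented out) at this point in the original code.
         if ($token->impersonation) {
             $result['impersonation'] = $token->impersonation;
         }
         $result['downloadToken'] = $token;
         return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $result);
     } catch (Exception $e) {
         // Deliberate: any failure above becomes a FAILURE result instead of propagating.
         \App::log()->err($e->getMessage());
     }
     // The original `"..." . @$token->id ?: null` parsed as `("..." . $id) ?: null`,
     // so the fallback was dead code and @ hid the property read on a non-object.
     $tokenId = ($token instanceof Download\Model\DownloadTokenModel) ? $token->id : null;
     \App::log()->warn("Download authentication failed: Token => " . ($tokenId ?: ''));
     return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null);
 }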
Пример #2
 /**
  * Performs an authentication attempt
  *
  * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
  * @return Zend_Auth_Result
  */
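 public function authenticate()
 {
     // Authenticates an API client by the id returned from _getApiId(), resolves
     // its organization, primes the mapper statics and builds the identity array.
     // A missing request/response throws; every failure inside the try block is
     // logged and reported as Zend_Auth_Result::FAILURE.
     if (empty($this->_request) || empty($this->_response)) {
         throw new Zend_Auth_Adapter_Exception('Request and Response objects must be set before calling authenticate method');
     }
     // Initialised up front so the failure logging below never reads undefined variables.
     $apiId = null;
     $res = null;
     try {
         $apiId = $this->_getApiId();
         $apiIdMapper = Application\Model\Mapper\APIIdMapper::getInstance();
         $res = $apiIdMapper->findOneByApiId($apiId);
         if (empty($res)) {
             throw new \Application\Exceptions\NotFoundException("Api id '{$apiId}' not found (at Mongo)");
         }
         $orgId = $res->getOrgId();
         if (empty($orgId)) {
             throw new Zend_Auth_Adapter_Exception("Api id '{$apiId}' has no orgId (at Mongo)");
         }
         $apiUserId = $res->id;
         // NOTE(review): these process-wide statics are written before the organization
         // lookup succeeds and are not reset when authentication fails afterwards.
         // Presumably OrgService::load() depends on them - confirm before reordering.
         \Application\Model\Mapper\ProtoAbstractMapper::$accountingTransactionPrefix = $this->_prefix;
         \Application\Model\Mapper\ProtoAbstractMapper::$accountingUserId = 'API_' . $apiUserId;
         \Application\Model\Mapper\AbstractMapper::$organizationId = $orgId;
         $orgSrv = \Application\Service\OrgService::getInstance();
         $organization = $orgSrv->load($orgId);
         if (empty($organization)) {
             throw new \Application\Exceptions\NotFoundException("Org '{$orgId}' not found");
         }
         \Application\Model\Mapper\ProtoAbstractMapper::$language = $organization->defaultLanguage;
         // The token was md5(uniqid(time(), true)), which is derived from the clock and
         // is guessable. Draw 16 bytes from a CSPRNG instead; the hex encoding keeps the
         // same 32-character lowercase-hex shape the md5 value had.
         if (function_exists('random_bytes')) {
             $token = bin2hex(random_bytes(16));
         } else {
             // Fallback for runtimes without random_bytes(); refuse to continue
             // if OpenSSL cannot report a cryptographically strong result.
             $strong = false;
             $bytes = openssl_random_pseudo_bytes(16, $strong);
             if ($bytes === false || !$strong) {
                 throw new Zend_Auth_Adapter_Exception('No secure random source available for token generation');
             }
             $token = bin2hex($bytes);
         }
         // NOTE(review): API identities are always given the 'admin' role here;
         // confirm that every API id is meant to have that privilege.
         $result = array(
             'id' => $apiUserId,
             'username' => 'API_' . $organization->getName(),
             'token' => $token,
             'orgId' => $orgId,
             'role' => 'admin',
             'authType' => App_Controller_Plugin_Auth::AUTH_TYPE_EXTERNAL,
             'apiId' => $apiId,
             'monetaryDataAccess' => $res->getMonetaryDataAccess(),
         );
         return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $result);
     } catch (Exception $e) {
         // Deliberate: any failure above becomes a FAILURE result instead of propagating.
         // NOTE(review): the messages embed $apiId; if it is taken from the request,
         // strip control characters before logging to keep log lines unforgeable.
         \App::log()->err($e->getMessage());
     }
     // The original `"..." . $x ?: null` parsed as `("..." . $x) ?: null`, so the
     // fallback was dead code; is_object() also avoids reading ->id on a non-object.
     if (is_object($res)) {
         \App::log()->warn("API authentication failed: CERT-ID => " . ($res->id ?: ''));
     } else {
         \App::log()->warn("API authentication failed: API-ID => " . ($apiId ?: ''));
     }
     return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null);
 }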