Пример #1
0
 public function checkout(AbstractClassContent $content, BBUserToken $token)
 {
     $revision = new Revision();
     $revision->setAccept($content->getAccept());
     $revision->setContent($content);
     $revision->setData($content->getDataToObject());
     $revision->setLabel($content->getLabel());
     $maxEntry = (array) $content->getMaxEntry();
     $minEntry = (array) $content->getMinEntry();
     $revision->setMaxEntry($maxEntry);
     $revision->setMinEntry($minEntry);
     $revision->setOwner($token->getUser());
     foreach ($content->getAllParams() as $key => $value) {
         if (null !== $content->getParamValue($key)) {
             $revision->setParam($key, $content->getParamValue($key));
         }
     }
     $revision->setRevision($content->getRevision() ? $content->getRevision() : 0);
     $revision->setState($content->getRevision() ? Revision::STATE_MODIFIED : Revision::STATE_ADDED);
     return $revision;
 }
Пример #2
0
 /**
  * @Rest\RequestParam(name="username", requirements={@Assert\NotBlank})
  * @Rest\RequestParam(name="password", requirements={@Assert\NotBlank})
  */
 public function authenticateAction(Request $request)
 {
     $created = date('Y-m-d H:i:s');
     $token = new BBUserToken();
     $token->setUser($request->request->get('username'));
     $token->setCreated($created);
     $token->setNonce(md5(uniqid('', true)));
     $token->setDigest(md5($token->getNonce() . $created . md5($request->request->get('password'))));
     $tokenAuthenticated = $this->getApplication()->getSecurityContext()->getAuthenticationManager()->authenticate($token);
     if (!$tokenAuthenticated->getUser()->getApiKeyEnabled()) {
         throw new DisabledException('API access forbidden');
     }
     $this->getApplication()->getSecurityContext()->setToken($tokenAuthenticated);
     return $this->createJsonResponse(null, 201, array('X-API-KEY' => $tokenAuthenticated->getUser()->getApiKeyPublic(), 'X-API-SIGNATURE' => $tokenAuthenticated->getNonce()));
 }
Пример #3
0
 protected function setUp()
 {
     $this->initAutoload();
     $bbapp = $this->getBBApp();
     $this->initDb($bbapp);
     $this->initAcl();
     $this->getBBApp()->setIsStarted(true);
     // save user
     $group = new Group();
     $group->setName('groupName');
     $bbapp->getEntityManager()->persist($group);
     // valid user
     $this->user = new User();
     $this->user->addGroup($group);
     $this->user->setLogin('user123');
     $this->user->setEmail('*****@*****.**');
     $this->user->setPassword('password123');
     $this->user->setActivated(true);
     $bbapp->getEntityManager()->persist($this->user);
     // inactive user
     $user = new User();
     $user->addGroup($group);
     $user->setLogin('user123inactive');
     $user->setEmail('*****@*****.**');
     $user->setPassword('password123');
     $user->setActivated(false);
     $bbapp->getEntityManager()->persist($user);
     $bbapp->getEntityManager()->flush();
     // login user
     $created = date('Y-m-d H:i:s');
     $token = new BBUserToken();
     $token->setUser($this->user);
     $token->setCreated($created);
     $token->setNonce(md5(uniqid('', true)));
     $token->setDigest(md5($token->getNonce() . $created . md5($this->user->getPassword())));
     $this->getSecurityContext()->setToken($token);
     // set up permissions
     $aclManager = $this->getBBApp()->getContainer()->get('security.acl_manager');
     $aclManager->insertOrUpdateClassAce(new ObjectIdentity('all', get_class($this->user)), UserSecurityIdentity::fromAccount($this->user), MaskBuilder::MASK_IDDQD);
 }
Пример #4
0
 public function checkIdentity($username, $password)
 {
     $created = date('Y-m-d H:i:s');
     $token = new BBUserToken();
     $token->setUser($request->request->get('username'));
     $token->setCreated($created);
     $token->setNonce(md5(uniqid('', true)));
     $token->setDigest(md5($token->getNonce() . $created . md5($password)));
     $tokenAuthenticated = $this->getApplication()->getSecurityContext()->getAuthenticationManager()->authenticate($token);
     $this->getApplication()->getSecurityContext()->setToken($tokenAuthenticated);
 }
Пример #5
0
 /**
  * @codeCoverageIgnore
  * {@inheritdoc}
  */
 public function eraseCredentials()
 {
     parent::eraseCredentials();
     $this->_credentials = null;
 }
Пример #6
0
 /**
  * Create a signature for a given user.
  *
  * @param BackBee\Security\Token\BBUserToken the token we want to generate API signature key
  *
  * @return string the generated signature
  */
 public function createSignature(BBUserToken $token)
 {
     return md5($token->getUser()->getApiKeyPublic() . $token->getUser()->getApiKeyPrivate() . $token->getNonce());
 }
Пример #7
0
 /**
  * Creates a user for the specified group, and authenticates a BBUserToken.
  *
  * @param string $groupId
  *
  * @return \BackBee\Security\Token\BBUserToken
  */
 protected function createAuthUser($groupId, $roles = array('ROLE_API_USER'))
 {
     $token = new BBUserToken($roles);
     $user = new User();
     $user->setEmail('*****@*****.**')->setLogin('admin')->setPassword('pass')->setApiKeyPrivate(uniqid("PRIVATE", true))->setApiKeyPublic(uniqid("PUBLIC", true))->setApiKeyEnabled(true);
     $group = $this->getBBApp()->getEntityManager()->getRepository('BackBee\\Security\\Group')->findOneBy(array('_name' => $groupId));
     if (!$group) {
         $group = new Group();
         $group->setName($groupId);
         $this->getBBApp()->getEntityManager()->persist($group);
         $this->getBBApp()->getEntityManager()->flush($group);
     }
     $user->addGroup($group);
     $token->setAuthenticated(true);
     $token->setUser($user)->setCreated(new \DateTime())->setLifetime(300);
     $this->getSecurityContext()->setToken($token);
     return $user;
 }
Пример #8
0
 /**
  * Updates the nonce value.
  *
  * @param string $nonce
  */
 protected function writeNonceValue(BBUserToken $token)
 {
     $now = strtotime($token->getCreated());
     $nonce = $token->getNonce();
     $signature_generator = new RequestSignatureEncoder();
     $signature = $signature_generator->createSignature($token);
     if (null === $this->registryRepository) {
         file_put_contents($this->nonceDir . DIRECTORY_SEPARATOR . $nonce, "{$now};{$signature}");
     } else {
         $registry = $this->getRegistry($nonce)->setValue("{$now};{$signature}");
         $this->registryRepository->save($registry);
     }
 }