Пример #1
0
 /**
  * Get the user from user provided for the given instance of Login object.
  *
  * @param Login $login Instance of Login object.
  *
  * @return AbstractUser
  * @throws UserNotFoundException
  */
 public function getUser(Login $login)
 {
     $user = new User();
     $user->setParams($this->params);
     $user->populate($login->getUsername(), $login->getPassword(), []);
     return $user;
 }
Пример #2
0
 /**
  * Get the user from user provided for the given instance of Login object.
  *
  * @param Login $login Instance of Login object.
  *
  * @return UserAbstract
  * @throws UserNotFoundException
  */
 public function getUser(Login $login)
 {
     if (self::$returnLoginObject) {
         $user = new UserMock();
         $user->populate($login->getUsername(), $login->getPassword(), ['ROLE_MOCK'], false);
         return $user;
     }
     return false;
 }
Пример #3
0
 /**
  * This method verifies the credentials of current user with the credentials provided from the Login object.
  *
  * @param Login    $login
  * @param Firewall $firewall
  *
  * @throws \Exception
  * @return bool Return true if credentials are valid, otherwise return false.
  */
 public function authenticate(Login $login, Firewall $firewall)
 {
     try {
         $result = $firewall->verifyPasswordHash($login->getPassword(), $this->getPassword());
     } catch (\Exception $e) {
         throw new \Exception($e->getMessage());
     }
     return $result;
 }
Пример #4
0
 /**
  * Get the user from user provided for the given instance of Login object.
  * NOTE: The method gets the users based on his username only, password is not verified, this is part of
  * the authentication process.
  *
  * @param Login $login Instance of Login object.
  *
  * @return UserAbstract
  * @throws UserNotFoundException
  */
 public function getUser(Login $login)
 {
     $username = $login->getUsername();
     if (!isset($this->users[$username]) || !$this->isArray($this->users[$username])) {
         throw new UserNotFoundException('User "' . $username . '" was not found.');
     }
     $userData = $this->users[$username];
     $user = new User();
     $user->populate($username, $userData['password'], $userData['roles'], false);
     return $user;
 }
Пример #5
0
 /**
  * This method verifies the credentials of current user with the credentials provided from the Login object.
  *
  * @param Login    $login
  * @param Firewall $firewall
  *
  * @return bool Return true if credentials are valid, otherwise return false.
  */
 public function authenticate(Login $login, Firewall $firewall)
 {
     $user = call_user_func_array([$this->entity, 'findOne'], [[$this->username => $login->getUsername()]]);
     if ($user) {
         if ($firewall->verifyPasswordHash($login->getPassword(), $user[$this->password])) {
             if (isset($user[$this->role])) {
                 $role = $user[$this->role];
             } else {
                 $role = $this->role;
             }
             $role = new Role($role);
             $this->setRoles([$role]);
             return true;
         }
     }
     return false;
 }
Пример #6
0
 /**
  * This method verifies the credentials of current user with the credentials provided from the Login object.
  *
  * @param Login    $login
  * @param Firewall $firewall
  *
  * @return bool Return true if credentials are valid, otherwise return false.
  */
 public function authenticate(Login $login, Firewall $firewall)
 {
     $entityInstance = new $this->entity();
     $user = $entityInstance->find([$this->username => $login->getUsername()]);
     if ($user && isset($user[0])) {
         $user = $user[0];
         if ($firewall->verifyPasswordHash($login->getPassword(), $user[$this->password])) {
             if (isset($user[$this->role])) {
                 $role = $user[$this->role];
             } else {
                 $role = $this->role;
             }
             $role = new Role($role);
             $this->setRoles([$role]);
             return true;
         }
     }
     return false;
 }
Пример #7
0
 /**
  * Get the user from user provided for the given instance of Login object.
  *
  * @param Login $login Instance of Login object.
  *
  * @return AbstractUser
  * @throws UserNotFoundException
  */
 public function getUser(Login $login)
 {
     // check if we have the tw_oauth_server attribute
     if (!$login->getAttribute('tw_oauth_server')) {
         throw new UserNotFoundException('User not found.');
     }
     // try to get the user from oauth
     $connection = $login->getAttribute('tw_oauth_server');
     try {
         $twUserObj = $connection->getUserDetails();
         $eventObj = new TwitterEvent($twUserObj, $connection);
         $this->eventManager()->fire(TwitterEvent::TWITTER_AUTH_SUCCESS, $eventObj);
     } catch (\Exception $e) {
         throw new UserNotFoundException($e->getMessage());
     }
     // create the user object
     $user = new User();
     $user->populate($twUserObj->getUsername(), '', $login->getAttribute('tw_oauth_roles'), true);
     return $user;
 }
Пример #8
0
 /**
  * Get the user from user provided for the given instance of Login object.
  *
  * @param Login $login Instance of Login object.
  *
  * @return UserAbstract
  * @throws UserNotFoundException
  */
 public function getUser(Login $login)
 {
     // check if we have the oauth_server attribute
     if (!$login->getAttribute('oauth2_server')) {
         throw new UserNotFoundException('User not found.');
     }
     // try to get the user from oauth
     $oauth2 = $login->getAttribute('oauth2_server');
     try {
         $oauth2User = $oauth2->request()->getUserDetails();
         // fire the event
         $eventClass = new OAuth2Event($oauth2User, $oauth2);
         $this->eventManager()->fire(OAuth2Event::OAUTH2_AUTH_SUCCESS, $eventClass);
     } catch (\Exception $e) {
         $this->httpSession()->delete('oauth_token');
         throw new UserNotFoundException($e->getMessage());
     }
     // create the user object
     $user = new User();
     $user->populate($oauth2User->email, '', $login->getAttribute('oauth2_roles'), true);
     return $user;
 }
Пример #9
0
 /**
  * This method is triggered on the login submit page where user credentials are submitted.
  * On this page the provider should create a new Login object from those credentials, and return the object.
  * This object will be then validated by user providers.
  *
  * @param ConfigObject $config Firewall config
  *
  * @throws TwitterOAuthException
  * @return Login
  */
 public function getLoginObject(ConfigObject $config)
 {
     try {
         // step1 -> get access token
         if (!$this->httpSession()->get('tw_oauth_token_secret', false)) {
             $requestToken = $this->connection->getRequestToken();
             // save the session for later
             $this->httpSession()->save('tw_oauth_token', $requestToken['oauth_token']);
             $this->httpSession()->save('tw_oauth_token_secret', $requestToken['oauth_token_secret']);
             // check response code
             $authUrl = $this->connection->getAuthorizeUrl($requestToken['oauth_token']);
             header('Location: ' . $authUrl);
             die('Redirect');
         } else {
             // request access tokens from twitter
             if ($this->httpRequest()->query('oauth_verifier', false)) {
                 $access_token = $this->connection->requestAccessToken($this->httpSession()->get('tw_oauth_token'), $this->httpSession()->get('tw_oauth_token_secret'), $this->httpRequest()->query('oauth_token'), $this->httpRequest()->query('oauth_verifier'));
             } else {
                 // remove no longer needed request tokens
                 $this->httpSession()->delete('tw_oauth_token');
                 $this->httpSession()->delete('tw_oauth_token_secret');
                 // redirect back to login
                 $this->httpRedirect($this->httpRequest()->getCurrentUrl());
             }
             // save the access tokens. Normally these would be saved in a database for future use.
             $this->httpSession()->save('tw_access_token', $access_token);
             // remove no longer needed request tokens
             $this->httpSession()->delete('tw_oauth_token');
             $this->httpSession()->delete('tw_oauth_token_secret');
         }
     } catch (\Exception $e) {
         $this->httpSession()->delete('tw_oauth_token_secret');
         throw new TwitterOAuthException($e->getMessage());
     }
     // step2 -> return the login object with auth token
     $login = new Login('', '');
     $login->setAttribute('tw_oauth_server', $this->connection);
     $login->setAttribute('tw_oauth_roles', $this->oauthRoles);
     return $login;
 }
Пример #10
0
 /**
  * This method is triggered on the login submit page where user credentials are submitted.
  * On this page the provider should create a new Login object from those credentials, and return the object.
  * This object will be then validated by user providers.
  *
  * @param ConfigObject $config Firewall config
  *
  * @throws OAuth2Exception
  * @return Login
  */
 public function getLoginObject(ConfigObject $config)
 {
     // step1 -> get access token
     $oauth2 = $this->getOAuth2Instance();
     if (!$this->httpRequest()->query('code', false)) {
         $this->httpSession()->delete('oauth_token');
         // append state param to make the request more secured
         $state = $this->createOAuth2State();
         $this->httpSession()->save('oauth_state', $state);
         $oauth2->setState($state);
         $oauth2 = $this->getOAuth2Instance();
         $authUrl = $oauth2->getAuthenticationUrl();
         header('Location: ' . $authUrl);
         $this->triggerExit('Redirecting');
     } else {
         if (!$this->httpSession()->get('oauth_token', false)) {
             $accessToken = $oauth2->requestAccessToken();
             $this->httpSession()->save('oauth_token', $accessToken);
         } else {
             $accessToken = $this->httpSession()->get('oauth_token', false);
         }
     }
     // verify oauth state
     $oauthState = $this->httpRequest()->query('state', '');
     $state = $this->httpSession()->get('oauth_state', 'invalid');
     if ($oauthState != $state) {
         throw new OAuth2Exception('The state parameter from OAuth2 response doesn\'t match the users state parameter.');
     }
     $oauth2->setAccessToken($accessToken);
     if ($this->isArray($accessToken) && isset($accessToken['result']['error'])) {
         $this->httpSession()->delete('oauth_token');
         return false;
     }
     // step2 -> return the login object with auth token
     $login = new Login('', '');
     $login->setAttribute('oauth2_server', $oauth2);
     $login->setAttribute('oauth2_roles', $this->oauth2Roles);
     return $login;
 }
Пример #11
0
 public function testGetAuthProviderName()
 {
     $login = new Login('username', 'password', true);
     $login->setAuthProviderName('Facebook');
     $this->assertSame('Facebook', $login->getAuthProviderName());
 }