/**
 * Authenticate the adapter's login/password pair against the Generis user store.
 *
 * Searches instances of CLASS_GENERIS_USER whose PROPERTY_USER_LOGIN equals
 * $this->username (options: 'like' off, 'recursive' on), then checks
 * $this->password against the value of the match's PROPERTY_USER_PASSWORD.
 *
 * Security notes:
 *  - When no user matches, a property lookup and a verify() call are still
 *    performed. This is intended to keep the unknown-login path from
 *    answering faster than the wrong-password path; both paths end in the
 *    same exception type.
 *  - NOTE(review): the dummy value verified against is the label of
 *    RDFS_LABEL, not a stored password hash. Whether verify() does the same
 *    amount of work on it depends on the hash implementation - confirm.
 *  - The InconsistentData message embeds the submitted login verbatim;
 *    treat it as untrusted input wherever it is logged or displayed.
 *
 * @see common_user_auth_Adapter::authenticate()
 *
 * @return core_kernel_users_GenerisUser the authenticated user
 * @throws common_exception_InconsistentData when several users share the login
 * @throws core_kernel_users_InvalidLoginException when login or password is wrong
 */
public function authenticate()
{
    $userRoot = new core_kernel_classes_Class(CLASS_GENERIS_USER);
    $criteria = array(PROPERTY_USER_LOGIN => $this->username);
    $searchOptions = array('like' => false, 'recursive' => true);
    $matches = $userRoot->searchInstances($criteria, $searchOptions);

    // A login must identify at most one account; anything else is a data fault.
    if (count($matches) > 1) {
        $message = "Multiple Users found with the same login '" . $this->username . "'.";
        throw new common_exception_InconsistentData($message);
    }

    if (empty($matches)) {
        // Unknown login: do comparable work to the real path before failing,
        // so response time does not reveal whether the account exists.
        $labelProperty = new core_kernel_classes_Property(RDFS_LABEL);
        $dummyHash = $labelProperty->getUniquePropertyValue($labelProperty);
        core_kernel_users_Service::getPasswordHash()->verify($this->password, $dummyHash);

        // The outcome of the dummy check is deliberately ignored: this branch
        // must reject the login whatever verify() returned.
        throw new core_kernel_users_InvalidLoginException();
    }

    $account = current($matches);
    $passwordProperty = new core_kernel_classes_Property(PROPERTY_USER_PASSWORD);
    // NOTE(review): presumably throws when the account does not hold exactly
    // one password value; that would surface as a different exception type
    // than an invalid login - confirm callers report both uniformly.
    $storedHash = $account->getUniquePropertyValue($passwordProperty);

    $passwordMatches = core_kernel_users_Service::getPasswordHash()->verify($this->password, $storedHash);
    if (!$passwordMatches) {
        throw new core_kernel_users_InvalidLoginException();
    }

    return new core_kernel_users_GenerisUser($account);
}