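/**
 * Authenticates a WSSE token by validating its digest against the user's stored secret.
 *
 * The user is looked up by the token's username; if found, the digest, nonce and
 * created attributes are checked by validateDigest() (defined elsewhere in this
 * class) together with the user's secret and salt. On success a new WsseToken
 * carrying the user's roles is returned, marked authenticated.
 *
 * NOTE(review): replay protection (nonce uniqueness, freshness of `created`) and a
 * constant-time digest comparison (hash_equals) would live in validateDigest(),
 * which is not visible here — confirm both are implemented there.
 * NOTE(review): if the user provider throws its own exception for an unknown
 * username instead of returning a falsy value, that exception's message may differ
 * from the generic one below and reveal whether an account exists — verify the
 * provider's behaviour.
 *
 * @param TokenInterface $token unauthenticated token built from the X-WSSE header
 * @return WsseToken|TokenInterface the authenticated token
 * @throws AuthenticationException when the user is unknown or the digest does not
 *         match; a single generic message is used for both cases on purpose
 */
public function authenticate(TokenInterface $token)
{
    $username = $token->getUsername();
    $user = $this->userProvider->loadUserByUsername($username);

    // Short-circuit: never call validateDigest() without a resolved user.
    $digestIsValid = $user && $this->validateDigest(
        $token->getAttribute('digest'),
        $token->getAttribute('nonce'),
        $token->getAttribute('created'),
        $this->getSecret($user),
        $this->getSalt($user),
        $user
    );

    if ($digestIsValid) {
        $authenticatedToken = new WsseToken($user->getRoles());
        $authenticatedToken->setUser($user);
        $authenticatedToken->setAuthenticated(true);

        return $authenticatedToken;
    }

    $this->logger->error(sprintf('Attempt of unauthorized access for user: %s', $username));

    // Generic, deliberately non-specific message (stray leading space removed); it is
    // returned to the client by the listener's catch block.
    throw new AuthenticationException('Incorrect email or password.');
}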
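/**
 * Processes a request carrying an X-WSSE UsernameToken header.
 *
 * If the header is absent or does not match the expected profile the request is
 * left alone so other listeners may handle it. Otherwise an unauthenticated
 * WsseToken is built from the header fields and passed to the authentication
 * manager. A returned TokenInterface is stored in the security context (after
 * checking the account is active); a returned Response is set on the event;
 * any AuthenticationException becomes a 401 response whose body carries the
 * serialized failure message.
 *
 * All four header fields are attacker-controlled input: they are only ever
 * treated as opaque strings here, and the username is HTML-escaped before it is
 * embedded in the markup of the "not activated" message.
 *
 * @param GetResponseEvent $event the kernel request event
 */
public function handle(GetResponseEvent $event)
{
    $request = $event->getRequest();

    // Groups: 1 = Username, 2 = PasswordDigest, 3 = Nonce, 4 = Created.
    // Every field is captured as a run of non-quote characters.
    $wsseRegex = '/UsernameToken Username="([^"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/';

    if (!$request->headers->has('x-wsse')) {
        return;
    }
    if (1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) {
        return;
    }

    $user = $matches[1];

    $token = new WsseToken();
    $token->setUser($user);
    $token->setAttribute('digest', $matches[2]);
    $token->setAttribute('nonce', $matches[3]);
    $token->setAttribute('created', $matches[4]);

    try {
        $returnValue = $this->authenticationManager->authenticate($token);

        if ($returnValue instanceof TokenInterface) {
            if (!$returnValue->getUser()->isActive()) {
                // The message is sent back to the client and contains an <a> tag, so the
                // header-supplied username must not be able to break out of the href.
                $safeUser = htmlspecialchars($user, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                throw new AuthenticationException(
                    "Your account is not activated yet, please check your email and confirm registration.\n"
                    . "If you didn't receive your verification email, please <a href=\"#reconfirm/{$safeUser}\">click here.</a>"
                );
            }

            return $this->securityContext->setToken($returnValue);
        }

        if ($returnValue instanceof Response) {
            $event->setResponse($returnValue);
            return;
        }
    } catch (AuthenticationException $failed) {
        $this->logger->error(sprintf(
            'Authentication failed for user %s. Reason: %s',
            $token->getUser(),
            $failed->getMessage()
        ));

        // NOTE(review): the raw exception message is echoed to the client. Make sure
        // exceptions raised upstream (e.g. by the user provider) do not carry text that
        // reveals whether an account exists.
        $response = new Response(
            $this->serializer->serialize(['message' => $failed->getMessage()], $request->getRequestFormat()),
            Codes::HTTP_UNAUTHORIZED
        );
        $event->setResponse($response);
    }
}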
/**
 * A freshly constructed WsseToken carries no credentials: getCredentials()
 * must yield the empty string.
 *
 * @test
 */
public function getCredentials()
{
    $freshToken = new WsseToken();

    $credentials = $freshToken->getCredentials();
    $this->assertEquals('', $credentials);
}
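/**
 * When the authentication manager answers with a Response rather than a token,
 * handle() must forward that Response to the event.
 *
 * The Username in the X-WSSE header is 'admin' so that the token the listener
 * builds equals $expectedToken (setUser('admin')); otherwise the `with()`
 * constraint on the manager mock could never match and the expectation would fail.
 *
 * @test
 */
public function handleReturnResponse()
{
    $expectedToken = new WsseToken();
    $expectedToken->setUser('admin');
    $expectedToken->setAttribute('digest', 'admin');
    $expectedToken->setAttribute('nonce', 'admin');
    $expectedToken->setAttribute('created', '2010-12-12 20:00:00');

    $this->authenticationManager
        ->expects($this->once())
        ->method('authenticate')
        ->with($expectedToken)
        ->will($this->returnValue($this->response));

    $this->responseEvent
        ->expects($this->once())
        ->method('setResponse')
        ->with($this->response);

    $this->request->headers->add([
        'X-WSSE' => 'UsernameToken Username="admin", PasswordDigest="admin", Nonce="admin", Created="2010-12-12 20:00:00"',
    ]);

    $this->wsseListener->handle($this->responseEvent);
}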