/**
 * Handles form based authentication.
 *
 * Only the request whose path equals the configured check_path is processed;
 * every other request passes through untouched. On a successful attempt the
 * success handler builds the Response, on an AuthenticationException the
 * failure handler does.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a Response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    // not the login check URL: let the request continue down the chain
    if ($request->getPathInfo() !== $this->options['check_path']) {
        return;
    }

    try {
        $token = $this->attemptAuthentication($request);
        if (null === $token) {
            return;
        }

        $response = $this->onSuccess($request, $token);
    } catch (AuthenticationException $failed) {
        $response = $this->onFailure($event->getSubject(), $request, $failed);
    }

    $event->setReturnValue($response);

    return true;
}
/**
 * Initializes the session and the request attributes of the incoming request.
 *
 * Both helpers are told whether this is the master request so that
 * sub-requests can be treated differently.
 *
 * @param Event $event An Event instance
 */
public function handle(Event $event)
{
    $request = $event->get('request');
    $isMaster = HttpKernelInterface::MASTER_REQUEST === $event->get('request_type');

    $this->initializeSession($request, $isMaster);
    $this->initializeRequestAttributes($request, $isMaster);
}
/**
 * Handles security.
 *
 * Wires the listeners of the firewall matching the request onto the
 * core.security event and runs them until one of them produces a return
 * value, which is then handed back as the response of the kernel event.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a listener produced a return value, null otherwise
 */
public function handle(Event $event)
{
    // sub-requests are already covered by the firewall of the master request
    if ($event->get('request_type') !== HttpKernelInterface::MASTER_REQUEST) {
        return;
    }

    $request = $event->get('request');

    // start from an empty core.security event before wiring this firewall
    $this->dispatcher->disconnect('core.security');

    list($listeners, $exceptionListener) = $this->map->getListeners($request);
    if (null !== $exceptionListener) {
        $exceptionListener->register($this->dispatcher);
    }
    foreach ($listeners as $listener) {
        $listener->register($this->dispatcher);
    }

    $securityEvent = new Event($request, 'core.security', array('request' => $request));
    $securityEvent = $this->dispatcher->notifyUntil($securityEvent);

    if (!$securityEvent->isProcessed()) {
        return;
    }

    $event->setReturnValue($securityEvent->getReturnValue());

    return true;
}
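/**
 * Handles an uncaught exception by rendering it through the configured
 * exception controller as a sub-request.
 *
 * A static guard stops the listener from recursing when the exception
 * controller itself throws; in that case the original exception is re-thrown.
 * The guard is released on both the success and the failure path, otherwise
 * every later exception in the same process would be short-circuited.
 *
 * @param Event $event An Event instance
 *
 * @return bool false when an exception is already being handled, true once a Response was set
 *
 * @throws \Exception the original exception, when the exception controller fails
 */
public function handle(Event $event)
{
    static $handling;

    if (true === $handling) {
        return false;
    }

    $handling = true;

    $exception = $event->get('exception');
    $request = $event->get('request');

    if (null !== $this->logger) {
        $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
    } else {
        error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
    }

    $logger = null !== $this->logger ? $this->logger->getDebugLogger() : null;

    $attributes = array(
        '_controller' => $this->controller,
        'exception'   => FlattenException::create($exception),
        'logger'      => $logger,
        // on the command line there is no request format worth honouring
        'format'      => 0 === strncasecmp(PHP_SAPI, 'cli', 3) ? 'txt' : $request->getRequestFormat(),
    );

    $request = $request->duplicate(null, null, $attributes);

    try {
        $response = $event->getSubject()->handle($request, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $e) {
        $message = sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage());
        if (null !== $this->logger) {
            $this->logger->err($message);
        } else {
            error_log($message);
        }

        // release the guard before leaving; the original code kept it set,
        // so every subsequent exception in this process returned false
        $handling = false;

        // re-throw the exception as this is a catch-all
        throw $exception;
    }

    $event->setReturnValue($response);

    $handling = false;

    return true;
}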
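/**
 * Handles security.
 *
 * Unregisters the listeners of the previous firewall, registers the ones
 * matching the current request on core.security and runs them until one
 * produces a return value.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a listener produced a return value, null otherwise
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return;
    }

    $request = $event->get('request');

    // disconnect all listeners from core.security to avoid the overhead
    // of most listeners having to do this manually
    $this->dispatcher->disconnect('core.security');

    // ensure that listeners disconnect from wherever they have connected to
    foreach ($this->currentListeners as $listener) {
        $listener->unregister($this->dispatcher);
    }

    // register listeners for this firewall
    list($listeners, $exception) = $this->map->getListeners($request);
    if (null !== $exception) {
        $exception->register($this->dispatcher);
    }
    foreach ($listeners as $listener) {
        $listener->register($this->dispatcher);
    }

    // save current listener instances; the exception listener is optional and
    // must not be stored when it is null, otherwise the unregister loop above
    // fails on the next master request handled by this kernel instance
    $this->currentListeners = $listeners;
    if (null !== $exception) {
        $this->currentListeners[] = $exception;
    }

    // initiate the listener chain
    $e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));
    if ($e->isProcessed()) {
        $event->setReturnValue($e->getReturnValue());

        return true;
    }

    return;
}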
/**
 * Filters the Response.
 *
 * Sets the Content-Type header of the master response from the request
 * format when the controller did not set one itself.
 *
 * @param Event    $event    An Event instance
 * @param Response $response A Response instance
 *
 * @return Response the same Response instance
 */
public function filter(Event $event, Response $response)
{
    $isMaster = HttpKernelInterface::MASTER_REQUEST === $event->get('request_type');
    if (!$isMaster || $response->headers->has('Content-Type')) {
        return $response;
    }

    $request = $event->get('request');

    $format = $request->getRequestFormat();
    if (null === $format) {
        return $response;
    }

    $mimeType = $request->getMimeType($format);
    if ($mimeType) {
        $response->headers->set('Content-Type', $mimeType);
    }

    return $response;
}
/**
 * Handles security related exceptions.
 *
 * Authentication failures are turned into a trip to the authentication entry
 * point. Access denials either do the same (the user is not fully
 * authenticated) or render the configured error page with a 403 status.
 * Any other exception is left to other listeners.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a Response was set on the event, null otherwise
 */
public function handleException(Event $event)
{
    $exception = $event->get('exception');
    $request = $event->get('request');

    if ($exception instanceof AuthenticationException) {
        if (null !== $this->logger) {
            $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
        }

        try {
            $response = $this->startAuthentication($request, $exception);
        } catch (\Exception $e) {
            // hand the new exception back to the kernel instead of a Response
            $event->set('exception', $e);

            return;
        }

        $event->setReturnValue($response);

        return true;
    }

    if (!$exception instanceof AccessDeniedException) {
        return;
    }

    $token = $this->context->getToken();

    if (!$this->authenticationTrustResolver->isFullFledged($token)) {
        if (null !== $this->logger) {
            $this->logger->info('Access denied (user is not fully authenticated); redirecting to authentication entry point');
        }

        $insufficient = new InsufficientAuthenticationException('Full authentication is required to access this resource.', $token, 0, $exception);

        try {
            $response = $this->startAuthentication($request, $insufficient);
        } catch (\Exception $e) {
            $event->set('exception', $e);

            return;
        }

        $event->setReturnValue($response);

        return true;
    }

    if (null !== $this->logger) {
        $this->logger->info('Access is denied (and user is neither anonymous, nor remember-me)');
    }

    if (null === $this->errorPage) {
        return;
    }

    $subRequest = Request::create($this->errorPage);
    $subRequest->attributes->set(SecurityContext::ACCESS_DENIED_ERROR, $exception->getMessage());

    try {
        $response = $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $e) {
        if (null !== $this->logger) {
            $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage()));
        }

        $event->set('exception', new \RuntimeException('Exception thrown when handling an exception.', 0, $e));

        return;
    }

    // the error page is rendered by an ordinary controller, so force the status
    $response->setStatusCode(403);

    $event->setReturnValue($response);

    return true;
}
/**
 * Handles the core.response event.
 *
 * Collects profiling data for the master response, unless a request matcher
 * is configured and rejects the request, or the profiler is limited to
 * requests that raised an exception and none did.
 *
 * @param Event    $event    An Event instance
 * @param Response $response A Response instance
 *
 * @return Response the same Response instance
 */
public function handleResponse(Event $event, Response $response)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return $response;
    }

    $request = $event->get('request');

    $matches = null === $this->matcher || $this->matcher->matches($request);
    $wanted = !$this->onlyException || null !== $this->exception;

    if ($matches && $wanted) {
        $this->profiler->collect($request, $response, $this->exception);

        // the exception belongs to this request only
        $this->exception = null;
    }

    return $response;
}
/**
 * Handles basic authentication.
 *
 * Authenticates the credentials found in PHP_AUTH_USER / PHP_AUTH_PW unless
 * the context already holds an immutable token or an authenticated token for
 * the same username. On failure the context is cleared and, unless failures
 * are ignored, the entry point's challenge Response is returned.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a challenge Response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    $username = $request->server->get('PHP_AUTH_USER', false);
    if (false === $username) {
        return;
    }

    $current = $this->securityContext->getToken();
    if (null !== $current) {
        if ($current->isImmutable()) {
            return;
        }

        $sameUser = $current instanceof UsernamePasswordToken
            && $current->isAuthenticated()
            && (string) $current === $username;
        if ($sameUser) {
            return;
        }
    }

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Basic Authentication Authorization header found for user "%s"', $username));
    }

    try {
        $credentials = $request->server->get('PHP_AUTH_PW');
        $authenticated = $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $credentials));
        $this->securityContext->setToken($authenticated);
    } catch (AuthenticationException $failed) {
        // never leave a previous token behind after a failed attempt
        $this->securityContext->setToken(null);

        if (null !== $this->logger) {
            $this->logger->debug(sprintf('Authentication request failed: %s', $failed->getMessage()));
        }

        if ($this->ignoreFailure) {
            return;
        }

        $event->setReturnValue($this->authenticationEntryPoint->start($request, $failed));

        return true;
    }
}
/**
 * Handles X509 authentication.
 *
 * Pre-authenticates the user identified by the request unless the context
 * already holds an immutable token or an authenticated pre-auth token for the
 * same user. A failed authentication clears the context; no Response is
 * produced either way.
 *
 * @param Event $event An Event instance
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Checking secure context token: %s', $this->securityContext->getToken()));
    }

    list($user, $credentials) = $this->getPreAuthenticatedData($request);

    $current = $this->securityContext->getToken();
    if (null !== $current) {
        if ($current->isImmutable()) {
            return;
        }

        $sameUser = $current instanceof PreAuthenticatedToken
            && $current->isAuthenticated()
            && (string) $current === $user;
        if ($sameUser) {
            return;
        }
    }

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Trying to pre-authenticate user "%s"', $user));
    }

    try {
        $token = $this->authenticationManager->authenticate(new PreAuthenticatedToken($user, $credentials));

        if (null !== $this->logger) {
            $this->logger->debug(sprintf('Authentication success: %s', $token));
        }

        $this->securityContext->setToken($token);
    } catch (AuthenticationException $failed) {
        // drop whatever token was there: the request is no longer trusted
        $this->securityContext->setToken(null);

        if (null !== $this->logger) {
            $this->logger->debug(sprintf("Cleared security context due to exception: %s", $failed->getMessage()));
        }
    }
}
/**
 * Records the controller of the master request on the extension.
 *
 * @param Event $event      An Event instance
 * @param mixed $controller The resolved controller callable
 *
 * @return mixed the controller, unchanged
 */
public function getController(Event $event, $controller)
{
    $isMaster = HttpKernelInterface::MASTER_REQUEST === $event->get('request_type');
    if ($isMaster) {
        $this->extension->setController($controller);
    }

    return $controller;
}
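/**
 * Applies the cache configuration attached to the request (the "_cache"
 * attribute) to a successful Response.
 *
 * @param Event    $event    An Event instance
 * @param Response $response A Response instance
 *
 * @return Response the same Response instance
 */
public function filter(Event $event, Response $response)
{
    $configuration = $event->get('request')->attributes->get('_cache');
    if (!$configuration) {
        return $response;
    }

    // error responses keep whatever caching headers they already have
    if (!$response->isSuccessful()) {
        return $response;
    }

    if (null !== $configuration->getSMaxAge()) {
        $response->setSharedMaxAge($configuration->getSMaxAge());
    }

    if (null !== $configuration->getMaxAge()) {
        $response->setMaxAge($configuration->getMaxAge());
    }

    if (null !== $configuration->getExpires()) {
        // createFromFormat() already returns a \DateTime; the former
        // \DateTime::create() wrapper does not exist and was a fatal error.
        // 'U' expects a unix timestamp given as a string.
        $date = \DateTime::createFromFormat('U', (string) $configuration->getExpires(), new \DateTimeZone('UTC'));
        if (false !== $date) {
            // NOTE(review): the value comes from the "expires" setting but is
            // applied as Last-Modified — confirm whether Expires was intended
            $response->setLastModified($date);
        }
    }

    return $response;
}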
/**
 * Handles channel management.
 *
 * When the access map requires a channel (http or https) that differs from
 * the one the request arrived on, the entry point's redirect Response is
 * returned so the client switches channel.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a redirect Response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->get('request');
    list($attributes, $channel) = $this->map->getPatterns($request);

    $needsHttps = 'https' === $channel && !$request->isSecure();
    $needsHttp = 'http' === $channel && $request->isSecure();

    if (!$needsHttps && !$needsHttp) {
        return;
    }

    if (null !== $this->logger) {
        $this->logger->debug($needsHttps ? 'Redirecting to HTTPS' : 'Redirecting to HTTP');
    }

    $event->setReturnValue($this->authenticationEntryPoint->start($request));

    return true;
}
/**
 * Applies parameter converters before the controller is called.
 *
 * Explicitly configured converters (the "_converters" attribute) run first;
 * afterwards every object-typed controller parameter that has no value in the
 * request attributes yet gets an automatically built converter.
 *
 * @param Event $event      An Event instance
 * @param mixed $controller The resolved controller callable
 *
 * @return mixed the controller, unchanged
 */
public function filter(Event $event, $controller)
{
    $request = $event->get('request');

    $configuration = $request->attributes->get('_converters');
    if ($configuration) {
        $this->manager->apply($request, $configuration);
    }

    $reflection = is_array($controller)
        ? new \ReflectionMethod($controller[0], $controller[1])
        : new \ReflectionFunction($controller);

    // automatically apply conversion for non-configured objects
    foreach ($reflection->getParameters() as $param) {
        $class = $param->getClass();
        if (!$class || $request->attributes->get($param->getName())) {
            continue;
        }

        $converter = new ParamConverter();
        $converter->setName($param->getName());
        $converter->setClass($class->getName());
        $converter->setOptional($param->isOptional());

        $this->manager->apply($request, $converter);
    }

    return $controller;
}
/**
 * Handles the switch user feature.
 *
 * When the configured username parameter is present, either impersonates the
 * named user or, for the "_exit" value, returns to the original user. The
 * client is then redirected to the current URL without its query string.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when a redirect Response was set, null when the parameter is absent
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    $requested = $request->get($this->usernameParameter);
    if (!$requested) {
        return;
    }

    if ('_exit' === $requested) {
        $this->securityContext->setToken($this->attemptExitUser($request));
    } else {
        try {
            // whether the current user may impersonate is presumably decided
            // inside attemptSwitchUser(); on failure the current token is kept
            $this->securityContext->setToken($this->attemptSwitchUser($request));
        } catch (AuthenticationException $e) {
            if (null !== $this->logger) {
                $this->logger->debug(sprintf('Switch User failed: "%s"', $e->getMessage()));
            }
        }
    }

    // drop the query string so the switch parameter is not replayed by the redirect
    $request->server->set('QUERY_STRING', '');

    $response = new Response();
    $response->setRedirect($request->getUri(), 302);

    $event->setReturnValue($response);

    return true;
}
/**
 * Records the login time of the user after an interactive login.
 *
 * @param Event $event An Event instance carrying the authenticated token
 */
public function listenToInteractiveLogin(Event $event)
{
    $user = $event->get('token')->getUser();

    // only the bundle's own User objects carry a last-login field
    if (!$user instanceof User) {
        return;
    }

    $user->setLastLogin(new DateTime());
    $this->userManager->updateUser($user);
}
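/**
 * Injects the web debug toolbar into the HTML response of the master request
 * and, when enabled, intercepts redirects so that they can be inspected.
 *
 * @param Event    $event    An Event instance
 * @param Response $response A Response instance
 *
 * @return Response the same Response instance
 */
public function handle(Event $event, Response $response)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return $response;
    }

    if ($this->interceptRedirects && $response->isRedirect() && $response->headers->has('X-Debug-Token')) {
        // the Location value is embedded in an HTML attribute and in text;
        // escape it instead of trusting whatever the application put there
        $location = htmlspecialchars($response->headers->get('Location'), ENT_QUOTES, 'UTF-8');

        $response->setContent(sprintf('<html><head></head><body><h1>This Request redirects to<br /><a href="%1$s">%1$s</a>.</h1><h4>The redirect was intercepted by the web debug toolbar to help debugging.<br/>For more information, see the "intercept-redirects" option of the Profiler.</h4></body></html>', $location));
        $response->setStatusCode(200);
        $response->headers->remove('Location');
    }

    $request = $event->get('request');

    $isRedirection = '3' === substr((string) $response->getStatusCode(), 0, 1);
    $isNonHtmlContent = $response->headers->has('Content-Type')
        && false === strpos($response->headers->get('Content-Type'), 'html');

    if (!$response->headers->has('X-Debug-Token')
        || $isRedirection
        || $isNonHtmlContent
        || 'html' !== $request->getRequestFormat()
        || $request->isXmlHttpRequest()
    ) {
        return $response;
    }

    $this->injectToolbar($request, $response);

    return $response;
}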
/**
 * Matches the request path against the routes and copies the resulting
 * parameters into the request attributes.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null false when no route matches, null otherwise
 */
public function parseRequest(Event $event)
{
    $request = $event->get('request');

    $context = array(
        'base_url'  => $request->getBaseUrl(),
        'method'    => $request->getMethod(),
        'host'      => $request->getHost(),
        'is_secure' => $request->isSecure(),
    );
    $matcher = new UrlMatcher($this->routes, $context);

    $attributes = $matcher->match($request->getPathInfo());
    if (false === $attributes) {
        return false;
    }

    $request->attributes->add($attributes);
}
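/**
 * Resolves the controller of a request from its path when nothing has set
 * one yet.
 *
 * Paths of the form /{bundle}/{controller}/{action} are mapped to
 * App\{bundle}Bundle\Controller\{controller}Controller::{action}Action.
 * Only segments that are plain identifiers are accepted, since they are
 * interpolated straight into a class and method name.
 *
 * @param Event $event An Event instance
 */
public function resolve(Event $event)
{
    $request = $event->get('request');

    if (HttpKernelInterface::MASTER_REQUEST === $event->get('request_type')) {
        // set the context even if the parsing does not need to be done
        // to have correct link generation
        $this->router->setContext(array(
            'base_url'  => $request->getBaseUrl(),
            'method'    => $request->getMethod(),
            'host'      => $request->getHost(),
            'is_secure' => $request->isSecure(),
        ));
    }

    if ($request->attributes->has('_controller')) {
        return;
    }

    $parts = explode('/', $request->getPathInfo());
    if (count($parts) < 4) {
        return;
    }

    list(, $bundle, $controller, $action) = $parts;

    // the segments come straight from the URL: reject anything that is not a
    // bare identifier so that characters such as a backslash cannot alter the
    // namespace or method being resolved
    foreach (array($bundle, $controller, $action) as $segment) {
        if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $segment)) {
            return;
        }
    }

    $controllerName = sprintf('App\\%sBundle\\Controller\\%sController::%sAction', $bundle, $controller, $action);
    $request->attributes->add(array('_controller' => $controllerName));
}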
/**
 * Handles anonymous authentication.
 *
 * Populates the security context with an anonymous token when no other
 * listener has authenticated the request.
 *
 * @param Event $event An Event instance
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    // another listener already produced a token: nothing to do
    if (null !== $this->context->getToken()) {
        return;
    }

    $anonymous = new AnonymousToken($this->key, 'anon.', array());
    $this->context->setToken($anonymous);

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Populated SecurityContext with an anonymous Token'));
    }
}
/**
 * Checks for a NoUserForPrincipalException and unauthenticates the user
 * locally and then remotely by redirecting to the CAS logout URL.
 *
 * @param Symfony\Component\EventDispatcher\Event $event
 *
 * @return bool|null true when the redirect Response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return;
    }

    if (!$this->container->has('simplecas')) {
        return;
    }

    $exception = $event->get('exception');
    if (!$exception instanceof NoUserForPrincipalException) {
        return;
    }

    if (null !== $this->logger) {
        $this->logger->err(sprintf('Redirecting to CAS logout page (%s)', $exception->getMessage()));
    }

    // clear the local CAS state first, then send the client to the CAS logout
    $simplecas = $this->container->get('simplecas');
    $simplecas->unauthenticate();

    $response = $this->container->get('response');
    $response->setStatusCode(302);
    $response->headers->set('Location', $simplecas->getLogoutUrl());

    $event->setReturnValue($response);

    return true;
}
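/**
 * Handles digest authentication.
 *
 * Parses the Digest Authorization header, validates it against the entry
 * point's key and realm, recomputes the expected digest from the stored
 * password and, when everything matches and the nonce is still valid, stores
 * an authenticated token in the security context. Failures are delegated to
 * fail().
 *
 * @param Event $event An Event instance
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    if (!($header = $request->server->get('PHP_AUTH_DIGEST'))) {
        return;
    }

    // parse the header up front: the original code compared the current
    // token against an undefined $username, so the "already authenticated
    // as this user" shortcut could never trigger
    $digestAuth = new DigestData($header);

    if (null !== ($token = $this->securityContext->getToken())) {
        if ($token->isImmutable()) {
            return;
        }

        if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && (string) $token === $digestAuth->getUsername()) {
            return;
        }
    }

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Digest Authorization header received from user agent: %s', $header));
    }

    try {
        $digestAuth->validateAndDecode($this->authenticationEntryPoint->getKey(), $this->authenticationEntryPoint->getRealmName());
    } catch (BadCredentialsException $e) {
        $this->fail($request, $e);

        return;
    }

    try {
        $user = $this->provider->loadUserByUsername($digestAuth->getUsername());
        if (null === $user) {
            throw new AuthenticationServiceException('AuthenticationDao returned null, which is an interface contract violation');
        }

        $serverDigestMd5 = $digestAuth->calculateServerDigest($user->getPassword(), $request->getMethod());
    } catch (UsernameNotFoundException $notFound) {
        $this->fail($request, new BadCredentialsException(sprintf('Username %s not found.', $digestAuth->getUsername())));

        return;
    }

    // plain string comparison of the two digests; a constant-time comparison
    // would be preferable once the project's PHP baseline offers one
    if ($serverDigestMd5 !== $digestAuth->getResponse()) {
        if (null !== $this->logger) {
            $this->logger->debug(sprintf("Expected response: '%s' but received: '%s'; is AuthenticationDao returning clear text passwords?", $serverDigestMd5, $digestAuth->getResponse()));
        }

        $this->fail($request, new BadCredentialsException('Incorrect response'));

        return;
    }

    if ($digestAuth->isNonceExpired()) {
        $this->fail($request, new NonceExpiredException('Nonce has expired/timed out.'));

        return;
    }

    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Authentication success for user "%s" with response "%s"', $digestAuth->getUsername(), $digestAuth->getResponse()));
    }

    $this->securityContext->setToken(new UsernamePasswordToken($user, $user->getPassword()));
}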
/**
 * Performs the logout if requested.
 *
 * When the request path equals the logout path, every configured logout
 * handler is invoked with the current token, the security context is cleared
 * and the client is redirected to the target URL.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when the redirect Response was set, null for other paths
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    if ($request->getPathInfo() !== $this->logoutPath) {
        return;
    }

    // relative targets are resolved against the current request
    $target = 0 === strpos($this->targetUrl, 'http')
        ? $this->targetUrl
        : $request->getUriForPath($this->targetUrl);

    $response = new Response();
    $response->setRedirect($target, 302);

    $token = $this->securityContext->getToken();
    foreach ($this->handlers as $handler) {
        $handler->logout($request, $response, $token);
    }

    $this->securityContext->setToken(null);

    $event->setReturnValue($response);

    return true;
}
/**
 * Writes the SecurityContext to the session.
 *
 * Only the master request persists its token, and only when the token is
 * neither missing nor anonymous.
 *
 * @param Event    $event    An Event instance
 * @param Response $response A Response instance
 *
 * @return Response the same Response instance
 */
public function write(Event $event, Response $response)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return $response;
    }

    $token = $this->context->getToken();

    // nothing worth persisting for unauthenticated or anonymous requests
    if (null === $token || $token instanceof AnonymousToken) {
        return $response;
    }

    if (null !== $this->logger) {
        $this->logger->debug('Write SecurityContext in the session');
    }

    $session = $event->get('request')->getSession();
    $session->set('_security', serialize($token));

    return $response;
}
/**
 * Logs the user out when the logout path is requested.
 *
 * The security context is cleared, the session invalidated and the client
 * redirected to the target URL.
 *
 * @param Event $event An Event instance
 *
 * @return bool|null true when the redirect Response was set, null for other paths
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    if ($request->getPathInfo() !== $this->logoutPath) {
        return;
    }

    $this->securityContext->setToken(null);
    $request->getSession()->invalidate();

    // relative targets are resolved against the current request
    $target = 0 === strpos($this->targetUrl, 'http')
        ? $this->targetUrl
        : $request->getUriForPath($this->targetUrl);

    $response = new Response();
    $response->setRedirect($target, 302);

    $event->setReturnValue($response);

    return true;
}
/**
 * Handles access authorization.
 *
 * Requires a token in the context, authenticates it if needed and asks the
 * access decision manager whether the request may proceed.
 *
 * @param Event $event An Event instance
 *
 * @throws AuthenticationCredentialsNotFoundException when the context holds no token
 * @throws AccessDeniedException                      when access is refused
 */
public function handle(Event $event)
{
    $token = $this->context->getToken();
    if (null === $token) {
        throw new AuthenticationCredentialsNotFoundException('A Token was not found in the SecurityContext.');
    }

    $request = $event->get('request');
    list($attributes, $channel) = $this->map->getPatterns($request);

    // no access rule covers this request: nothing to enforce
    if (null === $attributes) {
        return;
    }

    if (!$token->isAuthenticated()) {
        $token = $this->authManager->authenticate($token);
        $this->context->setToken($token);
    }

    $granted = $this->accessDecisionManager->decide($token, $attributes, $request);
    if (!$granted) {
        throw new AccessDeniedException();
    }
}
/**
 * Copies the configuration annotations of the controller method into the
 * request attributes, keyed by "_" followed by the annotation alias.
 *
 * @param Event $event      An Event instance
 * @param mixed $controller The resolved controller callable
 *
 * @return mixed the controller, unchanged
 */
public function filter(Event $event, $controller)
{
    // only object/method pairs carry annotations
    if (!is_array($controller)) {
        return $controller;
    }

    list($object, $methodName) = $controller;

    $reflection = new \ReflectionObject($object);
    $method = $reflection->getMethod($methodName);

    $request = $event->get('request');

    foreach ($this->reader->getMethodAnnotations($method) as $configuration) {
        if (!$configuration instanceof ConfigurationInterface) {
            continue;
        }

        $request->attributes->set('_'.$configuration->getAliasName(), $configuration);
    }

    return $controller;
}
/**
 * Converts the object-typed parameters of the controller method that are not
 * yet present in the request attributes.
 *
 * @param Event $event
 * @param mixed $controller
 *
 * @return mixed the controller, unchanged
 *
 * @throws NotFoundHttpException when a required parameter cannot be converted
 */
public function filterController(Event $event, $controller)
{
    if (!is_array($controller)) {
        return $controller;
    }

    $request = $event->get('request');
    $method = new \ReflectionMethod($controller[0], $controller[1]);

    foreach ($method->getParameters() as $param) {
        // skip scalars and parameters the request already provides
        if (null === $param->getClass() || $request->attributes->has($param->getName())) {
            continue;
        }

        try {
            $this->manager->apply($request, $param);
        } catch (\InvalidArgumentException $e) {
            if ($param->isOptional()) {
                continue;
            }

            throw new NotFoundHttpException(sprintf('Unable to convert parameter "%s".', $param->getName()), $e);
        }
    }

    return $controller;
}
/**
 * Adds a URL to the sitemap from the event parameters and writes the sitemap out.
 *
 * "changefreq" and "priority" fall back to Url::YEARLY and
 * self::DEFAULT_PRIORITY when the event does not carry them.
 *
 * @param Event $event An Event instance with a "loc" parameter
 */
public function create(Event $event)
{
    $loc = $event->get('loc');

    $changefreq = $event->has('changefreq') ? $event->get('changefreq') : Url::YEARLY;
    $priority = $event->has('priority') ? $event->get('priority') : self::DEFAULT_PRIORITY;

    $this->sitemap->add($loc, array(
        'changefreq' => $changefreq,
        'priority'   => $priority,
        'lastmod'    => new \DateTime(),
    ));

    $this->dump($this->sitemap);
}
/**
 * Renders the template attached to the request with the controller's return
 * value as parameters.
 *
 * A null return value is replaced by the request attributes listed in
 * "_template_vars" (or "_template_default_vars"). Non-array values and
 * requests without a "_template" attribute are passed through unchanged.
 *
 * @param Event $event      An Event instance
 * @param mixed $parameters The controller's return value
 *
 * @return mixed a Response with the rendered template, or the parameters untouched
 */
public function filterView(Event $event, $parameters)
{
    $request = $event->get('request');

    if (null === $parameters) {
        $vars = $request->attributes->get('_template_vars');
        if (!$vars) {
            $vars = $request->attributes->get('_template_default_vars');
        }
        if (!$vars) {
            return;
        }

        $parameters = array();
        foreach ($vars as $var) {
            $parameters[$var] = $request->attributes->get($var);
        }
    }

    if (!is_array($parameters)) {
        return $parameters;
    }

    $template = $request->attributes->get('_template');
    if (!$template) {
        return $parameters;
    }

    $response = $this->container->get('response');
    $response->setContent($this->container->get('templating')->render($template, $parameters));

    return $response;
}