/**
 * Enforces the channel (http or https) required for the current request.
 *
 * The required channel is the second element returned by the map's
 * getPatterns(). When it differs from the scheme the request actually used,
 * the response produced by the authentication entry point is set on the
 * event. Note that this works in both directions: a request that arrived
 * over a secure connection is also handed to the entry point when the map
 * asks for plain 'http' (logged as "Redirecting to HTTP").
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    // Only the channel is used here; the attributes are ignored.
    list($unusedAttributes, $requiredChannel) = $this->map->getPatterns($request);

    if ('https' === $requiredChannel) {
        $mismatch = !$request->isSecure();
        $logLine = 'Redirecting to HTTPS';
    } elseif ('http' === $requiredChannel) {
        $mismatch = $request->isSecure();
        $logLine = 'Redirecting to HTTP';
    } else {
        // No channel requirement for this request.
        return;
    }

    if (!$mismatch) {
        return;
    }

    if (null !== $this->logger) {
        $this->logger->debug($logLine);
    }

    $event->setReturnValue($this->authenticationEntryPoint->start($request));

    return true;
}
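/**
 * Handles security.
 *
 * For a master request, replaces the listeners of the previous firewall with
 * the ones the map returns for this request, then notifies 'core.security'
 * until one listener processes the event.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a listener produced a return value, null otherwise
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return;
    }

    $request = $event->get('request');

    // disconnect all listeners from core.security to avoid the overhead
    // of most listeners having to do this manually
    $this->dispatcher->disconnect('core.security');

    // ensure that listeners disconnect from wherever they have connected to
    foreach ($this->currentListeners as $listener) {
        $listener->unregister($this->dispatcher);
    }

    // register listeners for this firewall
    list($listeners, $exception) = $this->map->getListeners($request);
    if (null !== $exception) {
        $exception->register($this->dispatcher);
    }
    foreach ($listeners as $listener) {
        $listener->register($this->dispatcher);
    }

    // save current listener instances; the exception listener is optional,
    // and storing a null here would make the unregister() loop above fail
    // with a call on null the next time this method runs
    $this->currentListeners = $listeners;
    if (null !== $exception) {
        $this->currentListeners[] = $exception;
    }

    // initiate the listener chain
    $e = $this->dispatcher->notifyUntil(new Event($request, 'core.security', array('request' => $request)));
    if ($e->isProcessed()) {
        $event->setReturnValue($e->getReturnValue());

        return true;
    }

    return;
}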
/**
 * Handles basic authentication.
 *
 * Reads the user name and password from the PHP_AUTH_USER / PHP_AUTH_PW
 * server values and passes them to the authentication manager. Nothing is
 * done when no user name is present, when the current token is immutable,
 * or when the current token is an authenticated UsernamePasswordToken whose
 * string form equals the submitted user name (in that last case the password
 * sent with this request is not checked again).
 *
 * On failure the token is cleared; unless failures are ignored, the
 * authentication entry point's response is set on the event.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->getParameter('request');

    $username = $request->server->get('PHP_AUTH_USER', false);
    if (false === $username) {
        return;
    }

    $currentToken = $this->securityContext->getToken();
    if (null !== $currentToken) {
        if ($currentToken->isImmutable()) {
            return;
        }

        $sameUserAlreadyAuthenticated = $currentToken instanceof UsernamePasswordToken
            && $currentToken->isAuthenticated()
            && (string) $currentToken === $username;
        if ($sameUserAlreadyAuthenticated) {
            return;
        }
    }

    // NOTE(review): $username is taken from the request and formatted into
    // the log line as-is; whether the logger neutralises control characters
    // is not visible here.
    if (null !== $this->logger) {
        $this->logger->debug(sprintf('Basic Authentication Authorization header found for user "%s"', $username));
    }

    try {
        $authenticatedToken = $this->authenticationManager->authenticate(
            new UsernamePasswordToken($username, $request->server->get('PHP_AUTH_PW'))
        );
        $this->securityContext->setToken($authenticatedToken);
    } catch (AuthenticationException $failed) {
        // Drop whatever token was in place before the failed attempt.
        $this->securityContext->setToken(null);

        if (null !== $this->logger) {
            $this->logger->debug(sprintf('Authentication request failed: %s', $failed->getMessage()));
        }

        if ($this->ignoreFailure) {
            return;
        }

        $event->setReturnValue($this->authenticationEntryPoint->start($request, $failed));

        return true;
    }
}
/**
 * Renders an uncaught exception through the configured controller.
 *
 * Only master requests are handled. The exception is logged (through the
 * logger when there is one, otherwise through error_log()), then the request
 * is duplicated with the controller, a flattened copy of the exception, the
 * debug logger and the output format as attributes, and run as a
 * sub-request. What the rendering controller discloses to the client is
 * decided there, not in this method.
 *
 * @param Event $event An Event instance
 *
 * @return Boolean false for non-master requests, true once a response was set
 *
 * @throws \RuntimeException when the sub-request itself throws
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->getParameter('request_type')) {
        return false;
    }

    $exception = $event->getParameter('exception');
    $request = $event->getParameter('request');
    $exceptionClass = get_class($exception);

    if (null === $this->logger) {
        error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', $exceptionClass, $exception->getMessage(), $exception->getFile(), $exception->getLine()));
        $debugLogger = null;
    } else {
        $this->logger->err(sprintf('%s: %s (uncaught exception)', $exceptionClass, $exception->getMessage()));
        $debugLogger = $this->logger->getDebugLogger();
    }

    $flattened = FlattenException::create($exception);

    // On the command line the output is always plain text.
    if (0 === strncasecmp(PHP_SAPI, 'cli', 3)) {
        $format = 'txt';
    } else {
        $format = $request->getRequestFormat();
    }

    $subRequest = $request->duplicate(null, null, array(
        '_controller' => $this->controller,
        'exception'   => $flattened,
        'logger'      => $debugLogger,
        'format'      => $format,
    ));

    try {
        $response = $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $nested) {
        if (null !== $this->logger) {
            $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($nested), $nested->getMessage()));
        }

        // re-throw the exception as this is a catch-all
        throw new \RuntimeException('Exception thrown when handling an exception.', 0, $nested);
    }

    $event->setReturnValue($response);

    return true;
}
/**
 * Renders an uncaught exception through the configured controller.
 *
 * Only master requests are handled. The exception is logged, an exception
 * manager of the class named by the 'exception_manager.class' container
 * parameter is created for it, and the request is duplicated with the
 * controller and that manager as attributes and run as a sub-request.
 *
 * @param Event $event An Event instance
 *
 * @return Boolean true once a response was set; false for non-master
 *                 requests or when the sub-request throws
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->getParameter('request_type')) {
        return false;
    }

    $exception = $event->getParameter('exception');
    $hasLogger = null !== $this->logger;

    if ($hasLogger) {
        $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
    } else {
        error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
    }

    // The manager class name comes from container configuration.
    $managerClass = $this->container->getParameter('exception_manager.class');

    $debugLogger = null;
    if ($this->container->has('logger.debug')) {
        $debugLogger = $this->container->get('logger.debug');
    }

    $manager = new $managerClass($exception, $event->getParameter('request'), $debugLogger);
    $subRequest = $event->getParameter('request')->duplicate(null, null, array(
        '_controller' => $this->controller,
        'manager'     => $manager,
    ));

    try {
        $response = $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $nested) {
        if ($hasLogger) {
            $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($nested), $nested->getMessage()));
        }

        // The failure of the error page is reported as "not handled".
        return false;
    }

    $event->setReturnValue($response);

    return true;
}
/**
 * Handles security.
 *
 * For a master request, clears the 'core.security' listeners, registers the
 * listeners the map returns for this request, and notifies 'core.security'
 * until one of them processes the event.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a listener produced a return value, null otherwise
 */
public function handle(Event $event)
{
    $isMasterRequest = HttpKernelInterface::MASTER_REQUEST === $event->get('request_type');
    if (!$isMasterRequest) {
        return;
    }

    $request = $event->get('request');

    // Start from an empty 'core.security' listener set.
    $this->dispatcher->disconnect('core.security');

    list($firewallListeners, $exceptionListener) = $this->map->getListeners($request);

    // The exception listener is optional.
    if (null !== $exceptionListener) {
        $exceptionListener->register($this->dispatcher);
    }

    foreach ($firewallListeners as $firewallListener) {
        $firewallListener->register($this->dispatcher);
    }

    $securityEvent = new Event($request, 'core.security', array('request' => $request));
    $result = $this->dispatcher->notifyUntil($securityEvent);

    if (!$result->isProcessed()) {
        return;
    }

    $event->setReturnValue($result->getReturnValue());

    return true;
}
/**
 * Performs the logout when the request path equals the logout path.
 *
 * Clears the security token, invalidates the session and sets a 302
 * redirect to the target URL on the event.
 *
 * NOTE(review): the only condition checked in this method is the request
 * path; the HTTP method and any anti-CSRF token are not examined here.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when the logout was performed, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->getParameter('request');

    $isLogoutRequest = $this->logoutPath === $request->getPathInfo();
    if (!$isLogoutRequest) {
        return;
    }

    $this->securityContext->setToken(null);
    $request->getSession()->invalidate();

    $response = new Response();

    // A target that starts with the characters 'http' is used verbatim;
    // anything else is treated as a path of this application.
    if (0 === strpos($this->targetUrl, 'http')) {
        $location = $this->targetUrl;
    } else {
        $location = $request->getUriForPath($this->targetUrl);
    }
    $response->setRedirect($location, 302);

    $event->setReturnValue($response);

    return true;
}
/**
 * Handles form based authentication.
 *
 * Acts only when the request path equals the 'check_path' option. The
 * response comes from onSuccess() when attemptAuthentication() returns a
 * token and from onFailure() when an AuthenticationException is thrown; a
 * null token leaves the event untouched.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a response was set on the event, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->getParameter('request');

    $isCheckRequest = $this->options['check_path'] === $request->getPathInfo();
    if (!$isCheckRequest) {
        return;
    }

    try {
        $token = $this->attemptAuthentication($request);
        if (null === $token) {
            // No authentication attempt was made for this request.
            return;
        }

        $response = $this->onSuccess($request, $token);
    } catch (AuthenticationException $failed) {
        $response = $this->onFailure($request, $failed);
    }

    $event->setReturnValue($response);

    return true;
}
/**
 * Checks for a NoUserForPrincipalException and unauthenticates the user
 * locally and then remotely by redirecting to the CAS logout URL.
 *
 * Only master requests are considered, and only when the container has a
 * 'simplecas' service. The redirect is a 302 whose Location header is the
 * value returned by the service's getLogoutUrl().
 *
 * @param Symfony\Component\EventDispatcher\Event $event
 *
 * @return true|null true when the redirect response was set, null otherwise
 */
public function handle(Event $event)
{
    if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) {
        return;
    }

    if (!$this->container->has('simplecas')) {
        return;
    }

    $exception = $event->get('exception');
    if (!($exception instanceof NoUserForPrincipalException)) {
        return;
    }

    if (null !== $this->logger) {
        $this->logger->err(sprintf('Redirecting to CAS logout page (%s)', $exception->getMessage()));
    }

    // Local logout first, then send the browser to the CAS logout page.
    $cas = $this->container->get('simplecas');
    $cas->unauthenticate();

    $redirect = $this->container->get('response');
    $redirect->setStatusCode(302);
    $redirect->headers->set('Location', $cas->getLogoutUrl());

    $event->setReturnValue($redirect);

    return true;
}
/**
 * Handles user switching.
 *
 * Acts only when the request carries a non-empty value for the configured
 * user name parameter. The value '_exit' sets the token returned by
 * attemptExitUser(); any other value sets the token returned by
 * attemptSwitchUser(). In both cases the client is then redirected (302) to
 * the request URI with the query string emptied.
 *
 * A failed switch is only logged at debug level; the token is left as it
 * was and the redirect still happens.
 *
 * NOTE(review): no permission check is made in this method; presumably
 * attemptSwitchUser() decides whether the current user may switch, confirm.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when the redirect response was set, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->getParameter('request');

    if (!$request->get($this->usernameParameter)) {
        return;
    }

    if ('_exit' !== $request->get($this->usernameParameter)) {
        try {
            $this->securityContext->setToken($this->attemptSwitchUser($request));
        } catch (AuthenticationException $switchFailure) {
            if (null !== $this->logger) {
                $this->logger->debug(sprintf('Switch User failed: "%s"', $switchFailure->getMessage()));
            }
        }
    } else {
        $this->securityContext->setToken($this->attemptExitUser($request));
    }

    $redirect = new Response();

    // Empty the query string so that the redirect target no longer carries
    // the switch parameter.
    $request->server->set('QUERY_STRING', '');
    $redirect->setRedirect($request->getUri(), 302);

    $event->setReturnValue($redirect);

    return true;
}
/**
 * Handles security related exceptions.
 *
 * An AuthenticationException, or an AccessDeniedException raised while the
 * token is missing or anonymous, is answered through startAuthentication().
 * An AccessDeniedException for any other token is rendered by a sub-request
 * to the configured error page and given status 403; when no error page is
 * configured the event is left unprocessed. Any other exception type is
 * ignored.
 *
 * When startAuthentication() or the error-page sub-request throws, the
 * event's 'exception' parameter is replaced and no response is set.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when a response was set on the event, null otherwise
 */
public function handleException(Event $event)
{
    $exception = $event->getParameter('exception');
    $request = $event->getParameter('request');

    $authenticationFailed = $exception instanceof AuthenticationException;
    if (!$authenticationFailed && !($exception instanceof AccessDeniedException)) {
        return;
    }

    if ($authenticationFailed) {
        if (null !== $this->logger) {
            $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage()));
        }

        try {
            $response = $this->startAuthentication($request, $exception);
        } catch (\Exception $startFailure) {
            $event->setParameter('exception', $startFailure);

            return;
        }

        $event->setReturnValue($response);

        return true;
    }

    // From here on the exception is an AccessDeniedException.
    $token = $this->context->getToken();
    $isAnonymous = null === $token || $token instanceof AnonymousToken;

    if ($isAnonymous) {
        if (null !== $this->logger) {
            $this->logger->info('Access denied (user is anonymous); redirecting to authentication entry point');
        }

        try {
            $response = $this->startAuthentication(
                $request,
                new InsufficientAuthenticationException('Full authentication is required to access this resource.', $token, 0, $exception)
            );
        } catch (\Exception $startFailure) {
            $event->setParameter('exception', $startFailure);

            return;
        }

        $event->setReturnValue($response);

        return true;
    }

    if (null !== $this->logger) {
        $this->logger->info('Access is denied (and user is not anonymous)');
    }

    if (null === $this->errorPage) {
        return;
    }

    // Render the access-denied page; the exception message is exposed to it
    // as a request attribute.
    $errorPageRequest = Request::create($this->errorPage);
    $errorPageRequest->attributes->set(SecurityContext::ACCESS_DENIED_ERROR, $exception->getMessage());

    try {
        $response = $event->getSubject()->handle($errorPageRequest, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $renderFailure) {
        if (null !== $this->logger) {
            $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($renderFailure), $renderFailure->getMessage()));
        }

        $event->setParameter('exception', new \RuntimeException('Exception thrown when handling an exception.', 0, $renderFailure));

        return;
    }

    $response->setStatusCode(403);
    $event->setReturnValue($response);

    return true;
}
/**
 * Performs the logout if requested.
 *
 * When the request path equals the logout path, a 302 redirect to the target
 * URL is prepared, every registered logout handler is called with the
 * request, that response and the current token, and the token is then
 * cleared.
 *
 * NOTE(review): the only condition checked in this method is the request
 * path; the HTTP method and any anti-CSRF token are not examined here.
 *
 * @param Event $event An Event instance
 *
 * @return true|null true when the logout was performed, null otherwise
 */
public function handle(Event $event)
{
    $request = $event->get('request');

    $isLogoutRequest = $this->logoutPath === $request->getPathInfo();
    if (!$isLogoutRequest) {
        return;
    }

    $response = new Response();

    // A target that starts with the characters 'http' is used verbatim;
    // anything else is treated as a path of this application.
    if (0 === strpos($this->targetUrl, 'http')) {
        $location = $this->targetUrl;
    } else {
        $location = $request->getUriForPath($this->targetUrl);
    }
    $response->setRedirect($location, 302);

    // Handlers see the token before it is removed from the context.
    $currentToken = $this->securityContext->getToken();
    foreach ($this->handlers as $logoutHandler) {
        $logoutHandler->logout($request, $response, $currentToken);
    }

    $this->securityContext->setToken(null);

    $event->setReturnValue($response);

    return true;
}
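/**
 * Renders an uncaught exception through the configured controller.
 *
 * A static flag prevents re-entry while an exception is being rendered. The
 * exception is logged (through the logger when there is one, otherwise
 * through error_log()), then the request is duplicated with the controller,
 * a flattened copy of the exception, the debug logger and the output format
 * as attributes, and run as a sub-request.
 *
 * @param Event $event An Event instance
 *
 * @return Boolean false when called while already handling an exception,
 *                 true once a response was set on the event
 *
 * @throws \Exception the original exception, when the sub-request throws
 */
public function handle(Event $event)
{
    static $handling;

    if (true === $handling) {
        return false;
    }

    $handling = true;

    $exception = $event->get('exception');
    $request = $event->get('request');

    if (null !== $this->logger) {
        $this->logger->err(sprintf('%s: %s (uncaught exception)', get_class($exception), $exception->getMessage()));
    } else {
        error_log(sprintf('Uncaught PHP Exception %s: "%s" at %s line %s', get_class($exception), $exception->getMessage(), $exception->getFile(), $exception->getLine()));
    }

    $logger = null !== $this->logger ? $this->logger->getDebugLogger() : null;

    $attributes = array(
        '_controller' => $this->controller,
        'exception'   => FlattenException::create($exception),
        'logger'      => $logger,
        // on the command line the output is always plain text
        'format'      => 0 === strncasecmp(PHP_SAPI, 'cli', 3) ? 'txt' : $request->getRequestFormat(),
    );

    $request = $request->duplicate(null, null, $attributes);

    try {
        $response = $event->getSubject()->handle($request, HttpKernelInterface::SUB_REQUEST, true);
    } catch (\Exception $e) {
        $message = sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage());
        if (null !== $this->logger) {
            $this->logger->err($message);
        } else {
            error_log($message);
        }

        // release the guard before leaving, otherwise every later exception
        // in this process would be skipped by the check at the top
        $handling = false;

        // re-throw the original exception as this is a catch-all
        throw $exception;
    }

    $event->setReturnValue($response);

    $handling = false;

    return true;
}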