public function authorize() { try { $this->accessToken = $this->helper->getAccessToken(); } catch (FacebookResponseException $e) { // When Graph returns an error throw new FacebookAuthenticationException('Graph returned an error: ' . $e->getMessage()); } catch (FacebookSDKException $e) { // When validation fails or other local issues throw new FacebookAuthenticationException('Facebook SDK returned an error: ' . $e->getMessage()); } if (!$this->accessToken) { throw new FacebookAuthenticationException('Access token not received. ' . $this->helper->getError(), $this->helper->getErrorCode()); } try { // Returns a `Facebook\FacebookResponse` object $response = $this->facebook->get('/me?fields=id,name', $this->accessToken); } catch (FacebookResponseException $e) { throw new FacebookAuthenticationException('Graph returned an error: ' . $e->getMessage()); } catch (FacebookSDKException $e) { throw new FacebookAuthenticationException('Facebook SDK returned an error: ' . $e->getMessage()); } $fbUser = $response->getGraphUser(); if (!($user = $this->doctrine->getRepository('QuizBundle:User')->findOneBySocialId($fbUser['id']))) { $user = (new Entity\User())->setAccessToken($this->accessToken)->setSocialType(Entity\User::FACEBOOK)->setSocialId($fbUser['id'])->setName($fbUser['name']); $manager = $this->doctrine->getManager(); $manager->persist($user); $manager->flush(); } $token = new SocialToken($user, $this->accessToken, 'facebook', [$this->adminId == $fbUser['id'] ? 'ROLE_ADMIN' : 'ROLE_USER']); $this->tokenStorage->setToken($token); }
public function handle(GetResponseEvent $event) { $request = $event->getRequest(); $wsseRegex = '/UsernameToken Username="******"]+)", PasswordDigest="([^"]+)", Nonce="([^"]+)", Created="([^"]+)"/'; if (!$request->headers->has('x-wsse') || 1 !== preg_match($wsseRegex, $request->headers->get('x-wsse'), $matches)) { $response = new Response(); $response->setStatusCode(403); $response->setContent('Invalid or missing WSSE.'); $event->setResponse($response); return; } $token = new WsseUserToken(); $token->setUser($matches[1]); $token->digest = $matches[2]; $token->nonce = $matches[3]; $token->created = $matches[4]; try { $authToken = $this->authenticationManager->authenticate($token); $this->tokenStorage->setToken($authToken); } catch (AuthenticationException $failed) { $response = new Response(); $response->setStatusCode(403); $response->getContent($failed->getMessage()); $event->setResponse($response); } }
public function testGetSetToken() { $tokenStorage = new TokenStorage(); $this->assertNull($tokenStorage->getToken()); $token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface'); $tokenStorage->setToken($token); $this->assertSame($token, $tokenStorage->getToken()); }
/** * @param Request $request * @param User $user * @param string $password * @param boolean $oAuth * @return boolean */ public function forceSignIn(Request $request, User $user, $password, $oAuth = false) { if ($oAuth === false) { $password = $this->encoderFactory->getEncoder($user)->encodePassword($password, $user->getSalt()); } else { $password = $user->getPassword(); } if ($password === $user->getPassword()) { $request->request->set('_remember_me', true); $token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles()); $this->tokenStorage->setToken($token); $event = new InteractiveLoginEvent($request, $token); $this->eventDispatcher->dispatch("security.interactive_login", $event); return true; } else { return false; } }
private function loginUser($user, $request) { //this is bad but I don't know any other way (yet) $providerKey = 'main'; $token = new UsernamePasswordToken($user, $user->getPassword(), $providerKey, $user->getRoles()); $this->tokenStorage->setToken($token); //a bit hacky I know ~ return $this->authenticationHandler->onAuthenticationSuccess($request, $token); }
public function testIntegrationNoUser() { $token = $this->getMock(TokenInterface::class); $tokenStorage = new TokenStorage(); $tokenStorage->setToken($token); $argumentResolver = new ArgumentResolver(null, array(new SecurityUserValueResolver($tokenStorage), new DefaultValueResolver())); $this->assertSame(array(null), $argumentResolver->getArguments(Request::create('/'), function (UserInterface $user = null) { })); }
/** * Refresh organization context in token * * @param GetResponseEvent $event */ public function onKernelRequest(GetResponseEvent $event) { $token = $this->tokenStorage->getToken(); if ($token instanceof OrganizationContextTokenInterface) { try { $token->setOrganizationContext($this->manager->getOrganizationById($token->getOrganizationContext()->getId())); if (!$token->getUser()->getOrganizations(true)->contains($token->getOrganizationContext())) { $exception = new OrganizationAccessDeniedException(); $exception->setOrganizationName($token->getOrganizationContext()->getName()); $exception->setToken($token); $event->getRequest()->getSession()->set(Security::AUTHENTICATION_ERROR, $exception); $this->tokenStorage->setToken(null); throw $exception; } } catch (NoResultException $e) { $token->setAuthenticated(false); } } }
/** * @param Request $request * @param Response $response * @return Response */ public function logout(Request $request, Response $response) { $this->tokenStorage->setToken(null); $request->getSession()->invalidate(); $cookieNames = [$this->cookieRememberMeName]; foreach ($cookieNames as $cookieName) { $response->headers->clearCookie($cookieName); } return $response; }
public function testShouldReturnDateInGoodFormat() { $session = new Session(new MockArraySessionStorage()); $user = new User(); $user->setUsername('kristen'); $tokenStorage = new TokenStorage(); $tokenStorage->setToken(new UsernamePasswordToken($user, 'test', 'fritage', array('ROLE_USER'))); $namer = new FinorthoNamer($tokenStorage, $session); $date = $namer->weekDate(5); $carbon = Carbon::createFromFormat('ymd', $date); $this->assertFalse($carbon->isWeekend()); }
/** @dataProvider provideRoles */ public function testCollectAuthenticationTokenAndRoles(array $roles, array $normalizedRoles) { $tokenStorage = new TokenStorage(); $tokenStorage->setToken(new UsernamePasswordToken('hhamon', 'P4$$w0rD', 'provider', $roles)); $collector = new SecurityDataCollector($tokenStorage); $collector->collect($this->getRequest(), $this->getResponse()); $this->assertTrue($collector->isEnabled()); $this->assertTrue($collector->isAuthenticated()); $this->assertSame('Symfony\\Component\\Security\\Core\\Authentication\\Token\\UsernamePasswordToken', $collector->getTokenClass()); $this->assertSame($normalizedRoles, $collector->getRoles()); $this->assertSame('hhamon', $collector->getUser()); }
public function testTokenAwareAuthorizationCheckerAndDrupalPermissionVoter() { // We are in Drupal, user with uid 1 can access everything $superUser = new User(); $superUser->uid = 1; $superUser->roles = [1 => 1]; $superToken = new UserToken(); $superToken->setUser(new DrupalUser($superUser)); // And anonymous pretty much nothing $dumbUser = new User(); $dumbUser->uid = 0; $dumbUser->roles = [0 => 0]; $dumbToken = new UserToken(); $dumbToken->setUser(new DrupalUser($dumbUser)); // We are working in a fully bootstrapped Drupal, in theory // the permission voter is setup, we can send isGranted() calls // using permission names: sending a non existing permission // will always return false for any user, but always true for // the user with uid 1 (Drupal core default behavior) $permission = 'a drupal permission that does not exists'; $tokenStorage = new TokenStorage(); $authenticationManager = new SecurityNullAuthenticationManager(); $accessDecisionManager = new AccessDecisionManager([new DrupalPermissionVoter()]); $defaultAuthorizationChecker = new AuthorizationChecker($tokenStorage, $authenticationManager, $accessDecisionManager); $tokenAwareAuthorizationChecker = new TokenAwareAuthorizationChecker($defaultAuthorizationChecker, $accessDecisionManager); // First check results for the current user (should not be allowed) // Then the super user (should be allowed) $tokenStorage->setToken($superToken); $this->assertTrue($defaultAuthorizationChecker->isGranted($permission, null)); $this->assertTrue($tokenAwareAuthorizationChecker->isGranted($permission, null)); $this->assertTrue($tokenAwareAuthorizationChecker->isGranted($permission, null, $superUser)); $this->assertFalse($tokenAwareAuthorizationChecker->isGranted($permission, null, $dumbUser)); // And do the exact opposite $tokenStorage->setToken($dumbToken); $this->assertFalse($defaultAuthorizationChecker->isGranted($permission, null)); $this->assertFalse($tokenAwareAuthorizationChecker->isGranted($permission, null)); $this->assertTrue($tokenAwareAuthorizationChecker->isGranted($permission, null, $superUser)); $this->assertFalse($tokenAwareAuthorizationChecker->isGranted($permission, null, $dumbUser)); }
public function testShloudGiveBackAnArray() { $user = new User(); $user->setUsername('kristen'); $tokenStorage = new TokenStorage(); $tokenStorage->setToken(new UsernamePasswordToken($user, 'test', 'fritage', array('ROLE_USER'))); $repository = $this->getMockBuilder('\\Doctrine\\ORM\\EntityRepository')->disableOriginalConstructor()->getMock(); $repository->expects($this->once())->method('findBy')->will($this->returnValue(array(array('id' => 1, 'url' => 'test', 'name' => 'ect..')))); // Last, mock the EntityManager to return the mock of the repository $entityManager = $this->getMockBuilder('\\Doctrine\\Common\\Persistence\\ObjectManager')->disableOriginalConstructor()->getMock(); $entityManager->expects($this->any())->method('getRepository')->willReturn($repository); $last = new LastUploads($entityManager, $tokenStorage); $this->assertTrue(is_array($last->get())); }
public function loadUserByOAuthUserResponse(UserResponseInterface $response) { $socialID = $response->getUsername(); /** @var User $user */ $user = $this->userManager->loadUser(['facebookId' => $socialID]); $update = true; $email = $response->getEmail(); //check if the user already has the corresponding social account if (null === $user) { //check if the user has a normal account $user = $this->userManager->loadUser($email, 'email'); if (null === $user || !$user instanceof UserInterface) { //if the user does not have a normal account, set it up: /** @var User $user */ $name = $response->getNickname() ?? $response->getRealName(); $user = $this->userManager->createUser($name, md5(uniqid()), $response->getEmail(), ['ROLE_OAUTH_USER']); $user->setEmail($email); $user->setFullName($name); $user->setEnabled(true); $violations = $this->validator->validate($user); $update = !$violations->count() === 0; if ($violations->count() === 0) { $this->session->getFlashBag()->add('warning', 'Welcome! You must complete your profile in order to use the features on the site.'); } else { throw new CustomUserMessageAuthenticationException('An account in your name already exists.'); } } if ($update) { //then set its corresponding social id $service = $response->getResourceOwner()->getName(); switch ($service) { case 'google': $user->setGoogleID($socialID); break; case 'facebook': $user->setFacebookID($socialID); break; } $this->userManager->updateUser($user); } } else { //and then login the user $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles()); $this->tokenStorage->setToken($token); } $user->setLastLoggedIn(new \DateTime()); $this->userManager->updateUser($user); return $user; }
public function testOrderAtInternalLink() { $this->tokenStorage->setToken($this->createUserTokenWithId(17)); $data = $this->prepareOrderAtData(); $this->documentManager->clear(); $testSiteData = ['title' => 'Test', 'nodeType' => Structure::NODE_TYPE_INTERNAL_LINK, 'url' => '/test/123', 'internal_link' => $data[0]->getUuid()]; $site = $this->mapper->save($testSiteData, 'internal_link_page', 'sulu_io', 'en', 1, true, null, $data[0]->getUuid()); $this->documentManager->clear(); $result = $this->mapper->orderAt($site->getUuid(), 3, 17, 'sulu_io', 'en'); $this->assertEquals($site->getUuid(), $result->getUuid()); $this->assertEquals('/page-1/test', $result->getPath()); $this->assertEquals(17, $result->getChanger()); $this->documentManager->clear(); $result = $this->documentManager->find($site->getUuid(), 'en'); $this->assertEquals(30, $result->getSuluOrder()); $this->assertEquals(RedirectType::INTERNAL, $result->getRedirectType()); $result = $this->mapper->loadByParent($data[0]->getUuid(), 'sulu_io', 'en'); $this->assertEquals('/page-1/page-1-1', $result[0]->getPath()); $this->assertEquals('/page-1/page-1-2', $result[1]->getPath()); $this->assertEquals('/page-1/test', $result[2]->getPath()); $this->assertEquals('/page-1/page-1-3', $result[3]->getPath()); $this->assertEquals('/page-1/page-1-4', $result[4]->getPath()); }
/** * @param UserInterface $user */ public function loginUser(AbstractUser $user) { $token = new UsernamePasswordToken($user, null, "main", $user->getRoles()); $this->tokenStorage->setToken($token); }
protected function runSessionOnKernelResponse($newToken, $original = null) { $session = new Session(new MockArraySessionStorage()); if ($original !== null) { $session->set('_security_session', $original); } $tokenStorage = new TokenStorage(); $tokenStorage->setToken($newToken); $request = new Request(); $request->setSession($session); $request->cookies->set('MOCKSESSID', true); $event = new FilterResponseEvent($this->getMock('Symfony\\Component\\HttpKernel\\HttpKernelInterface'), $request, HttpKernelInterface::MASTER_REQUEST, new Response()); $listener = new ContextListener($tokenStorage, array(), 'session', null, new EventDispatcher()); $listener->onKernelResponse($event); return $session; }
/** * Tests that the username is added. */ public function testUsername() { $token = $this->getMock('Contao\\CoreBundle\\Security\\Authentication\\ContaoToken', [], [], '', false); $token->expects($this->any())->method('getUsername')->willReturn('k.jones'); $tokenStorage = new TokenStorage(); $tokenStorage->setToken($token); $processor = $this->createContaoTableProcessor(null, $tokenStorage); /** @var ContaoContext $context */ $context = $processor(['context' => ['contao' => new ContaoContext(__METHOD__, null, 'foobar')]])['extra']['contao']; $this->assertEquals('foobar', $context->getUsername()); /** @var ContaoContext $context */ $context = $processor(['context' => ['contao' => new ContaoContext(__METHOD__)]])['extra']['contao']; $this->assertEquals('k.jones', $context->getUsername()); $tokenStorage->setToken(null); /** @var ContaoContext $context */ $context = $processor(['context' => ['contao' => new ContaoContext(__METHOD__)]])['extra']['contao']; $this->assertEquals('N/A', $context->getUsername()); }
protected function createSecurityTokenStorage() { $tokenStorage = new TokenStorage(); $tokenStorage->setToken($token = $this->getMock(TokenInterface::class)); $token->expects($this->any())->method('isAuthenticated')->will($this->returnValue(true)); return $tokenStorage; }
/** * Log the user * * @param User $user * @return UsernamePasswordToken */ public function loginUser(User $user) { $token = new UsernamePasswordToken($user, $user->getPassword(), "main", $user->getRoles()); $this->tokenStorage->setToken($token); return $token; }
/** * Switches the security context to the given organization * @todo: Should be deleted after email sync process will be refactored */ protected function impersonateOrganization(Organization $organization = null) { if ($this->currentToken === null && $organization) { $this->tokenStorage->setToken(new OrganizationToken($organization)); } }