/** * Attempts to authenticate a GrantToken * * @param GrantToken $token * * @return GrantToken * * @throws AuthenticationException */ public function authenticate(TokenInterface $token) { $credentials = $token->getCredentials(); $clientId = $credentials['client_id']; /** @var ClientInterface $client */ $client = $this->clientRepository->find($clientId); // Verify client id if (!$client) { throw new AuthenticationException("Client with id {$clientId} does not exist"); } // Verify client secret $clientSecret = $credentials['client_secret']; if (!$client->getSecret() === $clientSecret) { throw new AuthenticationException("Invalid client secret"); } // Verify grant type if (!in_array($token->getGrantType(), $client->getAllowedGrantTypes())) { throw new AuthenticationException("Grant type not allowed"); } if ($client->getUser() === null) { throw new AuthenticationException("Client is not associated with any user"); } $token->setUser($client->getUser()); $token->setClient($client); return $token; }
/** * Attempts to authenticate a GrantToken * * @param GrantToken $token * * @return GrantToken * * @throws AuthenticationException */ public function authenticate(TokenInterface $token) { $credentials = $token->getCredentials(); $clientId = $credentials['client_id']; /** @var ClientInterface $client */ $client = $this->clientRepository->find($clientId); // Verify client id if (!$client) { throw new AuthenticationException("Client with id {$clientId} does not exist"); } // Verify client secret $clientSecret = $credentials['client_secret']; if (!$client->getSecret() === $clientSecret) { throw new AuthenticationException("Invalid client secret"); } // Verify grant type if (!in_array($token->getGrantType(), $client->getAllowedGrantTypes())) { throw new AuthenticationException("Grant type not allowed"); } // Verify refresh_token $refreshToken = $this->refreshTokenRepository->findOneBy(["token" => $credentials['refresh_token'], "client" => $client]); if ($refreshToken === null) { throw new AuthenticationException("Invalid token"); } // Verify expiry date if ($refreshToken->isExpired()) { throw new AuthenticationException("Token has expired"); } $user = $refreshToken->getUser(); $token->setUser($user); $token->setClient($client); return $token; }
public function authenticate(TokenInterface $token) { $user = $this->userProvider->loadUserByUsername($token->getCredentials()); if ($user) { $token->setUser($user); return $token; } throw new AuthenticationException('Unable to get user for this token'); }
public function authenticate(TokenInterface $token) { $user = $this->userProvider->loadUserByUsername($token->getUsername()); die("XXX"); if ($user && $this->validateLdapUser($user)) { $token->setUser($user); return $token; } throw new AuthenticationException('The LDAP authentication failed.'); }
public function authenticate(TokenInterface $token) { $user = $this->userProvider->loadUserByUsername($token->getUsername()); if (empty($user) || $user->checkToken($token->token) === false) { throw new AuthenticationException('Token authentication failed.'); } $token->setAuthenticated(true); $token->setUser($user); return $token; }
public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey) { $accessToken = $token->getCredentials(); try { $user = $userProvider->loadUserByUsername($accessToken); } catch (UsernameNotFoundException $e) { throw new UnauthorizedApiException($e->getMessage()); } $token->setUser($user); return $token; }
/** * Attempts to authenticate a TokenInterface object. * * @param TokenInterface $token The TokenInterface instance to authenticate * * @return TokenInterface An authenticated TokenInterface instance, never null * * @throws AuthenticationException if the authentication fails */ public function authenticate(TokenInterface $token) { if (!$token instanceof JWTToken) { throw new AuthenticationException(sprintf('%s works only for JWTToken', __CLASS__)); } if (!$token->getCredentials()) { throw new AuthenticationException('JWTToken must contain a token in order to authenticate.'); } $decodedToken = $this->JWTDecoder->decode($token->getCredentials()); $user = $this->userConverter->buildUserFromToken($decodedToken); $token->setUser($user); return $token; }
public function authenticate(TokenInterface $token) { $this->service_container->get($this->wordpress_loader_id)->load(); $user = wp_get_current_user(); if (isset($user->data) && isset($user->data->user_nicename)) { $token->setUser($user->data->user_email); $token->setAuthenticated(true); //$token->setRoles(array()); } else { $token->setRedirectUrl($this->redirect_url); } return $token; }
/** * Attempts to authenticate a GrantToken * * @param OAuthToken $token * * @return OAuthToken * * @throws AuthenticationException */ public function authenticate(TokenInterface $token) { $tokenValue = $token->getCredentials(); $accessToken = $this->accessTokenRepository->findOneBy(["token" => $tokenValue]); if ($accessToken === null) { throw new AuthenticationException("Invalid access token"); } if ($accessToken->isExpired()) { throw new AuthenticationException("Access token has expired"); } $user = $accessToken->getUser(); $token->setUser($user); return $token; }
/** * Attempts to authenticate a TokenInterface object. * * @param TokenInterface $token The TokenInterface instance to authenticate * * @return TokenInterface An authenticated TokenInterface instance, never null * * @throws AuthenticationException if the authentication fails */ public function authenticate(TokenInterface $token) { /** @var SignedTokenInterface $token */ $user = $this->userProvider->loadUserByUsername($token->getUsername()); $signData = $this->getAuthSignData($token->getRequest()); $signData[] = $user->{$this->config['secret_getter']}(); $expectedSignature = hash($this->config['hash_alg'], implode($this->config['data_delimiter'], $signData)); if ($token->getSignature() == $expectedSignature) { $token->setUser($user); return $token; } $this->logger->critical(sprintf('Invalid auth signature. Expect "%s", got "%s"', $expectedSignature, $token->getSignature()), ['signData' => $signData]); throw new AuthenticationException("Invalid auth signature " . $token->getSignature()); }
/** * Attempts to authenticate a TokenInterface object. * * @param TokenInterface $token The TokenInterface instance to authenticate * * @return TokenInterface An authenticated TokenInterface instance, never null * * @throws AuthenticationException if the authentication fails */ public function authenticate(TokenInterface $token) { if ($token instanceof JWTToken) { $userName = $token->getTokenContext()->name; } else { $userName = $token->getUsername(); } $user = $this->userProvider->loadUserByUsername($userName); if (null != $user) { $token->setUser($user); return $token; } throw new AuthenticationException('JWT auth failed'); }
/** * Attempts to authenticate a TokenInterface object. * * @param TokenInterface $token The TokenInterface instance to authenticate * * @throws AuthenticationException if the authentication fails * @return TokenInterface An authenticated TokenInterface instance, never null * */ public function authenticate(TokenInterface $token) { if (!$token instanceof JWTToken) { throw new AuthenticationException(sprintf('%s works only for JWTToken', __CLASS__)); } if (!$token->getCredentials()) { throw new AuthenticationException('JWTToken must contain a token in order to authenticate.'); } try { $user = $this->userBuilder->buildUserFromToken($token->getCredentials()); } catch (JWTDecodeUnexpectedValueException $e) { throw new AuthenticationException('Failed to decode the JWT'); } $token->setUser($user); return $token; }
/** * Attempts to authenticate a TokenInterface object. * * @param TokenInterface $token The TokenInterface instance to authenticate * * @return TokenInterface An authenticated TokenInterface instance, never null * * @throws AuthenticationException if the authentication fails */ public function authenticate(TokenInterface $token) { $params = $token->getRequestParameters(); if (!empty($params['ask_response']) && $params['ask_response'] == 'give_response') { $response = new Response(); $response->setContent('mockedResponseWithAskResponseParameter'); return $response; } if ($params['oauth_token'] == 'nnch734d00sl2jdk') { $user = new UserMock('123456789', 'testUser', '*****@*****.**'); $token->setUser($user); return $token; } else { throw new AuthenticationException('OAuth authentication failed'); } }
/** * @param mixed $user * @param TokenInterface $token * @throws \InvalidArgumentException */ protected function setUser($user, TokenInterface $token) { if (!$user) { return; } $userId = filter_var($user, FILTER_VALIDATE_INT); if ($userId) { $userEntity = $this->registry->getRepository('OroUserBundle:User')->find($userId); } else { $userEntity = $this->userManager->findUserByUsernameOrEmail($user); } if ($userEntity) { $token->setUser($userEntity); } else { throw new \InvalidArgumentException(sprintf('Can\'t find user with identifier %s', $user)); } }
/** * Attempts to authenticate a GrantToken * * @param GrantToken $token * * @return GrantToken * * @throws AuthenticationException */ public function authenticate(TokenInterface $token) { $credentials = $token->getCredentials(); $clientId = $credentials['client_id']; /** @var ClientInterface $client */ $client = $this->clientRepository->find($clientId); // Verify client id if (!$client) { throw new AuthenticationException("Client with id {$clientId} does not exist"); } // Verify client secret $clientSecret = $credentials['client_secret']; if (!$client->getSecret() === $clientSecret) { throw new AuthenticationException("Invalid client secret"); } // Verify grant type if (!in_array($token->getGrantType(), $client->getAllowedGrantTypes())) { throw new AuthenticationException("Grant type not allowed"); } // Verify redirect uri $redirectUri = $credentials['redirect_uri']; if (!in_array($redirectUri, $client->getRedirectUris())) { throw new AuthenticationException("Invalid redirect uri"); } // Verify authorization code $code = $credentials['code']; $authorizationCode = $this->authorizationCodeRepository->findOneBy(["code" => $code, "client" => $client]); if ($authorizationCode === null) { throw new AuthenticationException("Invalid code"); } // Verify that redirect uri's match if ($authorizationCode->getRedirectUri() !== $redirectUri) { throw new AuthenticationException("Redirect uri does not match redirect uri from previous request"); } // Verify expiry date if ($authorizationCode->isExpired()) { throw new AuthenticationException("Code has expired"); } $user = $authorizationCode->getUser(); $token->setUser($user); $token->setClient($client); return $token; }
/** * @param OnClearEventArgs $event * @param TokenInterface $token */ protected function checkUser(OnClearEventArgs $event, TokenInterface $token) { $user = $token->getUser(); if (!is_object($user)) { return; } $userClass = ClassUtils::getClass($user); if ($event->getEntityClass() && $event->getEntityClass() !== $userClass) { return; } $em = $event->getEntityManager(); if ($em !== $this->doctrine->getManagerForClass($userClass)) { return; } $user = $this->refreshEntity($user, $userClass, $em); if ($user) { $token->setUser($user); } else { $this->securityTokenStorage->setToken(null); } }
public function authenticate(TokenInterface $token) { $user = $this->userProvider->loadUserById($token->getUserId()); if ($user && $token instanceof UserToken) { $token->setUser($user); global $_G; $em = \Dev::getDoctrine()->getManager(); $user->setupDiscuzRoles($em, $_G); return $token; } if (\Dev::getContainer()->getParameter('kernel.debug')) { throw new AuthenticationException('The app authentication failed.'); } else { if (\Dev::getContainer()->getParameter('debug_redirects')) { \Dev::dump('The app authentication failed.'); exit; } $host = \Dev::getContainer()->getParameter('sf.web_host'); header('location:' . $host); exit; } }
/** * Refreshes the user by reloading it from the user provider * * @param TokenInterface $token * * @return TokenInterface|null */ private function refreshUser(TokenInterface $token) { $user = $token->getUser(); if (!$user instanceof UserInterface) { return $token; } if (null !== $this->logger) { $this->logger->debug(sprintf('Reloading user from user provider.')); } foreach ($this->userProviders as $provider) { try { $token->setUser($provider->loadUser($user)); if (null !== $this->logger) { $this->logger->debug(sprintf('Username "%s" was reloaded from user provider.', $user->getUsername())); } return $token; } catch (UnsupportedUserException $unsupported) { // let's try the next user provider } catch (UsernameNotFoundException $notFound) { if (null !== $this->logger) { $this->logger->debug(sprintf('Username "%s" could not be found.', $user->getUsername())); } return null; } } throw new \RuntimeException(sprintf('There is no user provider for user "%s".', get_class($user))); }
public function setUser($user) { $this->innerToken->setUser($user); }
/** * Refreshes the user by reloading it from the user provider. * This method was copied from Symfony\Component\Security\Http\Firewall\ContextListener. * * @param TokenInterface $token * * @return TokenInterface|null * * @throws \RuntimeException */ protected function refreshUser(TokenInterface $token) { $user = $token->getUser(); if (!$user instanceof UserInterface) { return; } $refreshedUser = $this->userProvider->refreshUser($user); $token->setUser($refreshedUser); return $token; }
/** * Refreshes the user by reloading it from the user provider. * * @param TokenInterface $token * * @return TokenInterface|null * * @throws \RuntimeException */ protected function refreshUser(TokenInterface $token) { $user = $token->getUser(); if (!$user instanceof UserInterface) { return $token; } foreach ($this->userProviders as $provider) { try { $refreshedUser = $provider->refreshUser($user); $token->setUser($refreshedUser); if (null !== $this->logger) { $this->logger->debug('User was reloaded from a user provider.', array('username' => $refreshedUser->getUsername(), 'provider' => get_class($provider))); } return $token; } catch (UnsupportedUserException $e) { // let's try the next user provider } catch (UsernameNotFoundException $e) { if (null !== $this->logger) { $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $e->getUsername(), 'provider' => get_class($provider))); } return; } } throw new \RuntimeException(sprintf('There is no user provider for user "%s".', get_class($user))); }