/**
* Adds a new User to the provider.
*
* @param AccountInterface $user A AccountInterface instance
*/
public function createUser(AccountInterface $user)
{
if (isset($this->users[strtolower($user->getUsername())])) {
throw new \LogicException('Another user with the same username already exist.');
}
$this->users[strtolower($user->getUsername())] = $user;
}
/**
* @return ServerGrove\SGLiveChatBundle\Document\Operator
*/
public function loadUserByAccount(AccountInterface $user)
{
if ($user instanceof Operator) {
return $user;
}
return $this->loadUserByUsername($user->getUsername());
}
/**
* Constructor.
*
* @param string $username
* @param string $key
*/
public function __construct(AccountInterface $user, $providerKey, $key)
{
parent::__construct($user->getRoles());
if (empty($key)) {
throw new \InvalidArgumentException('$key must not be empty.');
}
if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.');
}
$this->setUser($user);
$this->providerKey = $providerKey;
$this->key = $key;
$this->setAuthenticated(true);
}
/**
* {@inheritdoc}
*/
public function checkPostAuth(AccountInterface $account)
{
if (!$account instanceof AdvancedAccountInterface) {
return;
}
if (!$account->isAccountNonLocked()) {
throw new LockedException('User account is locked.', $account);
}
if (!$account->isEnabled()) {
throw new DisabledException('User account is disabled.', $account);
}
if (!$account->isAccountNonExpired()) {
throw new AccountExpiredException('User account has expired.', $account);
}
}
/**
* {@inheritdoc}
*/
protected function checkAuthentication(AccountInterface $account, UsernamePasswordToken $token)
{
$user = $token->getUser();
if ($user instanceof AccountInterface) {
if ($account->getPassword() !== $user->getPassword()) {
throw new BadCredentialsException('The credentials were changed from another session.');
}
} else {
if (!($presentedPassword = (string) $token->getCredentials())) {
throw new BadCredentialsException('Bad credentials');
}
if (!$this->encoderFactory->getEncoder($account)->isPasswordValid($account->getPassword(), $presentedPassword, $account->getSalt())) {
throw new BadCredentialsException('Bad credentials');
}
}
}
/**
* Implementation of AccountInterface.
*
* @param AccountInterface $account
* @return boolean
*/
public function equals(AccountInterface $account)
{
if (!$account instanceof User) {
return false;
}
if ($this->password !== $account->getPassword()) {
return false;
}
if ($this->getSalt() !== $account->getSalt()) {
return false;
}
if ($this->usernameCanonical !== $account->getUsernameCanonical()) {
return false;
}
if ($this->isAccountNonExpired() !== $account->isAccountNonExpired()) {
return false;
}
if (!$this->locked !== $account->isAccountNonLocked()) {
return false;
}
if ($this->isCredentialsNonExpired() !== $account->isCredentialsNonExpired()) {
return false;
}
if ($this->enabled !== $account->isEnabled()) {
return false;
}
return true;
}
/**
* Finds a user by account
*
* It is strongly discouraged to use this method manually as it bypasses
* all ACL checks.
*
* @param AccountInterface $user
* @return User
*/
public function loadUserByAccount(AccountInterface $user)
{
if (!$user instanceof User) {
throw new UnsupportedAccountException('Account is not supported.');
}
return $this->loadUserByUsername($user->getUsername());
}
/**
* @param AccountInterface $account
* @return boolean
*/
public function equals(AccountInterface $account)
{
return $account instanceof Operator && $account->getId() == $this->getId();
}
/**
* Creates a user security identity from an AccountInterface
*
* @param AccountInterface $user
* @return UserSecurityIdentity
*/
public static function fromAccount(AccountInterface $user)
{
return new self($user->getUsername(), get_class($user));
}