Cadoles
/
hydra-sql
21
0
Fork 0
Code Issues 4 Pull Requests 1 Projects Releases Wiki Activity

chore (authenticator) #43 : fix isset variable
Cadoles/hydra-sql/pipeline/pr-develop There was a failure building this commit Details

This commit is contained in:
Rudy Masson 2024-10-09 11:57:10 +02:00
parent f378751f7a
commit 0903151f27
1 changed files with 8 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
src/Security/SQLLoginUserAuthenticator.php
View File

@ -11,7 +11,6 @@ use App\SQLLogin\Exception\InvalidSQLPasswordException;
use App\SQLLogin\Exception\LoginElementsConfigurationException; use App\SQLLogin\Exception\LoginElementsConfigurationException;
use App\SQLLogin\Exception\SecurityPatternConfigurationException; use App\SQLLogin\Exception\SecurityPatternConfigurationException;
use App\SQLLogin\SQLLoginRequest; use App\SQLLogin\SQLLoginRequest;
use Exception;
use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@ -33,15 +32,12 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
public const ERROR_SECURITY_PATTERN_CONFIGURATION = 'error_security_pattern_configuration'; public const ERROR_SECURITY_PATTERN_CONFIGURATION = 'error_security_pattern_configuration';
private string $baseUrl; private string $baseUrl;
private SQLLoginService $sqlLoginService;
private PasswordEncoder $passwordHasher;
private SQLLoginRequest $sqlLoginRequest;
public function __construct( public function __construct(
string $baseUrl, string $baseUrl,
SQLLoginService $sqlLoginService, private SQLLoginService $sqlLoginService,
PasswordEncoder $passwordHasher, private PasswordEncoder $passwordHasher,
SQLLoginRequest $sqlLoginRequest private SQLLoginRequest $sqlLoginRequest
) { ) {
$this->baseUrl = $baseUrl; $this->baseUrl = $baseUrl;
$this->sqlLoginService = $sqlLoginService; $this->sqlLoginService = $sqlLoginService;
@ -82,8 +78,11 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
$datas = $this->sqlLoginService->fetchPasswordAndDatas($login); $datas = $this->sqlLoginService->fetchPasswordAndDatas($login);
$remoteHashedPassword = $datas[$this->sqlLoginRequest->getPasswordColumnName()]; $remoteHashedPassword = $datas[$this->sqlLoginRequest->getPasswordColumnName()];
unset($datas[$this->sqlLoginRequest->getPasswordColumnName()]); unset($datas[$this->sqlLoginRequest->getPasswordColumnName()]);
$remoteSalt = null;
if ($this->sqlLoginRequest->getSaltColumnName() && isset($datas[$this->sqlLoginRequest->getSaltColumnName()])) {
$remoteSalt = $datas[$this->sqlLoginRequest->getSaltColumnName()]; $remoteSalt = $datas[$this->sqlLoginRequest->getSaltColumnName()];
unset($datas[$this->sqlLoginRequest->getSaltColumnName()]); unset($datas[$this->sqlLoginRequest->getSaltColumnName()]);
}
} catch (DatabaseConnectionException $e) { } catch (DatabaseConnectionException $e) {
$session->set(self::ERROR_PDO, true); $session->set(self::ERROR_PDO, true);
throw new AuthenticationException(); throw new AuthenticationException();
@ -93,20 +92,15 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
} catch (DataToFetchConfigurationException $e) { } catch (DataToFetchConfigurationException $e) {
$session->set(self::ERROR_DATA_TO_FETCH_CONFIGURATION, true); $session->set(self::ERROR_DATA_TO_FETCH_CONFIGURATION, true);
throw new AuthenticationException(); throw new AuthenticationException();
} catch (Exception $exception) {
$request->getSession()->set(self::ERROR_LOGIN, true);
throw new AuthenticationException();
} }
if (null === $remoteHashedPassword) { if (null === $remoteHashedPassword) {
$remoteHashedPassword = ''; $remoteHashedPassword = '';
} }
try { try {
// Comparaison remote hash et hash du input password + salt // Comparaison remote hash et hash du input password + salt
$this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt); $this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt);
$user = new User($login, $remoteHashedPassword, $datas, $rememberMe); $user = new User($login, $remoteHashedPassword, $datas, $rememberMe);
$loader = function (string $userIdentifier) use ($user) { $loader = function (string $userIdentifier) use ($user) {
return $user->getLogin() == $userIdentifier ? $user : null; return $user->getLogin() == $userIdentifier ? $user : null;
}; };
@ -120,12 +114,6 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator
} catch (InvalidSQLPasswordException $e) { } catch (InvalidSQLPasswordException $e) {
$session->set(self::ERROR_LOGIN, true); $session->set(self::ERROR_LOGIN, true);
throw new AuthenticationException(); throw new AuthenticationException();
} catch (DataToFetchConfigurationException $e) {
$session->set(self::ERROR_DATA_TO_FETCH_CONFIGURATION, true);
throw new AuthenticationException();
} catch (DatabaseConnectionException $e) {
$session->set(self::ERROR_PDO, true);
throw new AuthenticationException();
} catch (SecurityPatternConfigurationException $e) { } catch (SecurityPatternConfigurationException $e) {
$session->set(self::ERROR_SECURITY_PATTERN_CONFIGURATION, true); $session->set(self::ERROR_SECURITY_PATTERN_CONFIGURATION, true);
throw new AuthenticationException(); throw new AuthenticationException();