diff --git a/src/Controller/SecurityController.php b/src/Controller/SecurityController.php
index b65615e..0aeb305 100644
--- a/src/Controller/SecurityController.php
+++ b/src/Controller/SecurityController.php
@@ -32,17 +32,9 @@ class SecurityController extends AbstractController
 $loginForm->addError(new FormError($trans->trans('error.login', [], 'messages')));
 $request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_LOGIN);
 }
- if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_CONFIGURATION)) {
- $loginForm->addError(new FormError($trans->trans('error.configuration', [], 'messages')));
- $request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_CONFIGURATION);
- }
- if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_DATA_TO_FETCH_CONFIGURATION)) {
- $loginForm->addError(new FormError($trans->trans('error.data_to_fetch_configuration', [], 'messages')));
- $request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_DATA_TO_FETCH_CONFIGURATION);
- }
- if ($request->getSession()->has(SQLLoginUserAuthenticator::ERROR_SECURITY_PATTERN_CONFIGURATION)) {
- $loginForm->addError(new FormError($trans->trans('error.security_pattern_configuration', [], 'messages')));
- $request->getSession()->remove(SQLLoginUserAuthenticator::ERROR_SECURITY_PATTERN_CONFIGURATION);
+ if ($request->getSession()->has(SQLLoginUserAuthenticator::TECHNICAL_ERROR)) {
+ $loginForm->addError(new FormError($trans->trans('error.technical', [], 'messages')));
+ $request->getSession()->remove(SQLLoginUserAuthenticator::TECHNICAL_ERROR);
 }
 }
diff --git a/src/SQLLogin/Exception/DatabaseConnectionException.php b/src/SQLLogin/Exception/DatabaseConnectionException.php
deleted file mode 100644
index 770ea6b..0000000
--- a/src/SQLLogin/Exception/DatabaseConnectionException.php
+++ /dev/null
@@ -1,9 +0,0 @@ -securityPattern as $term) { if (self::PEPPER_PATTERN !== $term && self::PASSWORD_PATTERN !== $term && self::SALT_PATTERN !== $term) { $this->loggerInterface->critical('La configuration du security pattern est invalide, les termes autorisés sont : '.self::PASSWORD_PATTERN.', '.self::SALT_PATTERN.' et '.self::PEPPER_PATTERN); - throw new SecurityPatternConfigurationException(); + throw new SecurityPatternConfigurationException('La configuration du security pattern est invalide, les termes autorisés sont : '.self::PASSWORD_PATTERN.', '.self::SALT_PATTERN.' et '.self::PEPPER_PATTERN); } } $completedPlainPassword = ''; diff --git a/src/Security/SQLLoginUserAuthenticator.php b/src/Security/SQLLoginUserAuthenticator.php index ab9cf39..12ca181 100644 --- a/src/Security/SQLLoginUserAuthenticator.php +++ b/src/Security/SQLLoginUserAuthenticator.php @@ -10,6 +10,7 @@ use App\SQLLogin\Exception\EmptyResultException; use App\SQLLogin\Exception\InvalidSQLPasswordException; use App\SQLLogin\Exception\SecurityPatternConfigurationException; use App\SQLLogin\SQLLoginRequest; +use PDOException; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; @@ -24,11 +25,7 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator { public const LOGIN_ROUTE = 'app_login'; public const ERROR_LOGIN = 'error_login'; - public const ERROR_PDO = 'error_pdo'; - public const ERROR_SQL_LOGIN = 'error_sql_login'; - public const ERROR_CONFIGURATION = 'error_configuration'; - public const ERROR_DATA_TO_FETCH_CONFIGURATION = 'error_data_to_fetch_configuration'; - public const ERROR_SECURITY_PATTERN_CONFIGURATION = 'error_security_pattern_configuration'; + public const TECHNICAL_ERROR = 'technical_error'; private string $baseUrl; 
@@ -85,35 +82,36 @@ class SQLLoginUserAuthenticator extends AbstractLoginFormAuthenticator } catch (EmptyResultException $e) { $session->set(self::ERROR_LOGIN, true); throw new AuthenticationException(); - } catch (DataToFetchConfigurationException $e) { - $session->set(self::ERROR_DATA_TO_FETCH_CONFIGURATION, true); + } catch (DataToFetchConfigurationException|PDOException $e) { + \Sentry\captureException($e); + $session->set(self::TECHNICAL_ERROR, true); throw new AuthenticationException(); } - if (null === $remoteHashedPassword) { $remoteHashedPassword = ''; } try { // Comparaison remote hash et hash du input password + salt $this->passwordHasher->verify($remoteHashedPassword, $plaintextPassword, $remoteSalt); - $user = new User($login, $remoteHashedPassword, $datas, $rememberMe); - $loader = function (string $userIdentifier) use ($user) { - return $user->getLogin() == $userIdentifier ? $user : null; - }; - $passport = new SelfValidatingPassport(new UserBadge($login, $loader)); - if ($rememberMe) { - $passport->addBadge(new RememberMeBadge()); - } - $passport->setAttribute('attributes', $user->getAttributes()); - - return $passport; } catch (InvalidSQLPasswordException $e) { $session->set(self::ERROR_LOGIN, true); throw new AuthenticationException(); } catch (SecurityPatternConfigurationException $e) { - $session->set(self::ERROR_SECURITY_PATTERN_CONFIGURATION, true); + \Sentry\captureException($e); + $session->set(self::TECHNICAL_ERROR, true); throw new AuthenticationException(); } + $user = new User($login, $remoteHashedPassword, $datas, $rememberMe); + $loader = function (string $userIdentifier) use ($user) { + return $user->getLogin() == $userIdentifier ? 
$user : null; + }; + $passport = new SelfValidatingPassport(new UserBadge($login, $loader)); + if ($rememberMe) { + $passport->addBadge(new RememberMeBadge()); + } + $passport->setAttribute('attributes', $user->getAttributes()); + + return $passport; } protected function getLoginUrl(Request $request): string diff --git a/src/Service/SQLLoginService.php b/src/Service/SQLLoginService.php index b2501da..aeb1477 100644 --- a/src/Service/SQLLoginService.php +++ b/src/Service/SQLLoginService.php @@ -2,9 +2,7 @@ namespace App\Service; -use App\SQLLogin\Exception\DataToFetchConfigurationException; use App\SQLLogin\Exception\EmptyResultException; -use App\SQLLogin\Exception\NullDataToFetchException; use App\SQLLogin\SQLLoginConnect; use App\SQLLogin\SQLLoginRequest; use PDO; @@ -25,12 +23,8 @@ class SQLLoginService extends AbstractController public function fetchPasswordAndDatas(string $login): array { - try { - $dataRequest = $this->sqlLoginRequest->getDatasRequest(); - $datas = $this->executeRequestWithLogin($dataRequest, $login); - } catch (NullDataToFetchException $e) { - throw new DataToFetchConfigurationException($e->getMessage()); - } + $dataRequest = $this->sqlLoginRequest->getDatasRequest(); + $datas = $this->executeRequestWithLogin($dataRequest, $login); return $datas; } diff --git a/translations/messages.en.xlf b/translations/messages.en.xlf index 8617499..4d9bcad 100644 --- a/translations/messages.en.xlf +++ b/translations/messages.en.xlf @@ -9,25 +9,9 @@ error.login Incorrect login or password - - error.sql_login - Connection to database encountered a problem - - - error.pdo - Connection to database encountered a problem - - - error.configuration - Identification data references do not exist in the database - - - error.data_to_fetch_configuration - Data references to be transmitted do not exist - - - error.security_pattern_configuration - The security pattern is not allowed + + error.technical + A technical error happened, try again later 
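Review bot: The loader closure that this hunk moves below the try block still uses a loose comparison, `$user->getLogin() == $userIdentifier`, and PHP compares two numeric-looking strings numerically, so constructed values such as `'007'` and `'7'` would match; `return $user->getLogin() === $userIdentifier ? $user : null;` avoids that. The practical exposure looks small because the badge is built from the same `$login`, but identity checks in an authenticator should be strict. In the two new catch branches, `\Sentry\captureException($e)` forwards the raw exception, and a PDOException message can carry the database host or account name, so it is worth confirming that the Sentry client scrubs such fields. The enclosing method starts above the hunk, so the fetch call and the origin of `$session` cannot be checked from here.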
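Review bot: With the try/catch removed from `fetchPasswordAndDatas`, a `NullDataToFetchException` raised by `getDatasRequest()` is no longer converted to `DataToFetchConfigurationException`, while the authenticator hunk in this commit catches only `DataToFetchConfigurationException|PDOException` around the fetch. Unless `getDatasRequest()` was changed elsewhere to throw the configuration exception directly (not visible here), that failure would surface as an unhandled error on the login request instead of the generic `error.technical` message. Either keep the translation, or widen the authenticator's catch to `} catch (DataToFetchConfigurationException|NullDataToFetchException|PDOException $e) {`. With the wrapper gone the temporary is also unnecessary: `return $this->executeRequestWithLogin($dataRequest, $login);`.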
diff --git a/translations/messages.fr.xlf b/translations/messages.fr.xlf index 39a5e8d..0c84774 100644 --- a/translations/messages.fr.xlf +++ b/translations/messages.fr.xlf @@ -9,25 +9,9 @@ error.login Login ou mot de passe inconnu - - error.sql_login - La connexion à la base de données a rencontré un problème - - - error.pdo - La connexion à la base de données a rencontré un problème - - - error.configuration - Les références de données d'identification n'existent pas dans la base de données - - - error.data_to_fetch_configuration - Les références de données à transmettre n'existent pas - - - error.security_pattern_configuration - Le patron de sécurité n'est pas autorisé + + error.technical + Une erreur technique s'est produite, rééssayez plus tard