login consent app sql
This commit is contained in:
75
vendor/symfony/security-core/Authentication/RememberMe/CacheTokenVerifier.php
vendored
Normal file
75
vendor/symfony/security-core/Authentication/RememberMe/CacheTokenVerifier.php
vendored
Normal file
@ -0,0 +1,75 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
use Psr\Cache\CacheItemPoolInterface;
|
||||
|
||||
/**
|
||||
* @author Jordi Boggiano <j.boggiano@seld.be>
|
||||
*/
|
||||
class CacheTokenVerifier implements TokenVerifierInterface
|
||||
{
|
||||
private $cache;
|
||||
private $outdatedTokenTtl;
|
||||
private $cacheKeyPrefix;
|
||||
|
||||
/**
|
||||
* @param int $outdatedTokenTtl How long the outdated token should still be considered valid. Defaults
|
||||
* to 60, which matches how often the PersistentRememberMeHandler will at
|
||||
* most refresh tokens. Increasing to more than that is not recommended,
|
||||
* but you may use a lower value.
|
||||
*/
|
||||
public function __construct(CacheItemPoolInterface $cache, int $outdatedTokenTtl = 60, string $cacheKeyPrefix = 'rememberme-stale-')
|
||||
{
|
||||
$this->cache = $cache;
|
||||
$this->outdatedTokenTtl = $outdatedTokenTtl;
|
||||
$this->cacheKeyPrefix = $cacheKeyPrefix;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function verifyToken(PersistentTokenInterface $token, string $tokenValue): bool
|
||||
{
|
||||
if (hash_equals($token->getTokenValue(), $tokenValue)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
$cacheKey = $this->getCacheKey($token);
|
||||
$item = $this->cache->getItem($cacheKey);
|
||||
if (!$item->isHit()) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$outdatedToken = $item->get();
|
||||
|
||||
return hash_equals($outdatedToken, $tokenValue);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function updateExistingToken(PersistentTokenInterface $token, string $tokenValue, \DateTimeInterface $lastUsed): void
|
||||
{
|
||||
// When a token gets updated, persist the outdated token for $outdatedTokenTtl seconds so we can
|
||||
// still accept it as valid in verifyToken
|
||||
$item = $this->cache->getItem($this->getCacheKey($token));
|
||||
$item->set($token->getTokenValue());
|
||||
$item->expiresAfter($this->outdatedTokenTtl);
|
||||
$this->cache->save($item);
|
||||
}
|
||||
|
||||
private function getCacheKey(PersistentTokenInterface $token): string
|
||||
{
|
||||
return $this->cacheKeyPrefix.rawurlencode($token->getSeries());
|
||||
}
|
||||
}
|
71
vendor/symfony/security-core/Authentication/RememberMe/InMemoryTokenProvider.php
vendored
Normal file
71
vendor/symfony/security-core/Authentication/RememberMe/InMemoryTokenProvider.php
vendored
Normal file
@ -0,0 +1,71 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
|
||||
|
||||
/**
|
||||
* This class is used for testing purposes, and is not really suited for production.
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
class InMemoryTokenProvider implements TokenProviderInterface
|
||||
{
|
||||
private $tokens = [];
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function loadTokenBySeries(string $series)
|
||||
{
|
||||
if (!isset($this->tokens[$series])) {
|
||||
throw new TokenNotFoundException('No token found.');
|
||||
}
|
||||
|
||||
return $this->tokens[$series];
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function updateToken(string $series, string $tokenValue, \DateTime $lastUsed)
|
||||
{
|
||||
if (!isset($this->tokens[$series])) {
|
||||
throw new TokenNotFoundException('No token found.');
|
||||
}
|
||||
|
||||
$token = new PersistentToken(
|
||||
$this->tokens[$series]->getClass(),
|
||||
method_exists($this->tokens[$series], 'getUserIdentifier') ? $this->tokens[$series]->getUserIdentifier() : $this->tokens[$series]->getUsername(),
|
||||
$series,
|
||||
$tokenValue,
|
||||
$lastUsed
|
||||
);
|
||||
$this->tokens[$series] = $token;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function deleteTokenBySeries(string $series)
|
||||
{
|
||||
unset($this->tokens[$series]);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function createNewToken(PersistentTokenInterface $token)
|
||||
{
|
||||
$this->tokens[$token->getSeries()] = $token;
|
||||
}
|
||||
}
|
95
vendor/symfony/security-core/Authentication/RememberMe/PersistentToken.php
vendored
Normal file
95
vendor/symfony/security-core/Authentication/RememberMe/PersistentToken.php
vendored
Normal file
@ -0,0 +1,95 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
/**
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class PersistentToken implements PersistentTokenInterface
|
||||
{
|
||||
private $class;
|
||||
private $userIdentifier;
|
||||
private $series;
|
||||
private $tokenValue;
|
||||
private $lastUsed;
|
||||
|
||||
public function __construct(string $class, string $userIdentifier, string $series, string $tokenValue, \DateTime $lastUsed)
|
||||
{
|
||||
if (empty($class)) {
|
||||
throw new \InvalidArgumentException('$class must not be empty.');
|
||||
}
|
||||
if ('' === $userIdentifier) {
|
||||
throw new \InvalidArgumentException('$userIdentifier must not be empty.');
|
||||
}
|
||||
if (empty($series)) {
|
||||
throw new \InvalidArgumentException('$series must not be empty.');
|
||||
}
|
||||
if (empty($tokenValue)) {
|
||||
throw new \InvalidArgumentException('$tokenValue must not be empty.');
|
||||
}
|
||||
|
||||
$this->class = $class;
|
||||
$this->userIdentifier = $userIdentifier;
|
||||
$this->series = $series;
|
||||
$this->tokenValue = $tokenValue;
|
||||
$this->lastUsed = $lastUsed;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function getClass(): string
|
||||
{
|
||||
return $this->class;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function getUsername(): string
|
||||
{
|
||||
trigger_deprecation('symfony/security-core', '5.3', 'Method "%s()" is deprecated, use getUserIdentifier() instead.', __METHOD__);
|
||||
|
||||
return $this->userIdentifier;
|
||||
}
|
||||
|
||||
public function getUserIdentifier(): string
|
||||
{
|
||||
return $this->userIdentifier;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function getSeries(): string
|
||||
{
|
||||
return $this->series;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function getTokenValue(): string
|
||||
{
|
||||
return $this->tokenValue;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function getLastUsed(): \DateTime
|
||||
{
|
||||
return $this->lastUsed;
|
||||
}
|
||||
}
|
58
vendor/symfony/security-core/Authentication/RememberMe/PersistentTokenInterface.php
vendored
Normal file
58
vendor/symfony/security-core/Authentication/RememberMe/PersistentTokenInterface.php
vendored
Normal file
@ -0,0 +1,58 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
/**
|
||||
* Interface to be implemented by persistent token classes (such as
|
||||
* Doctrine entities representing a remember-me token).
|
||||
*
|
||||
* @method string getUserIdentifier() returns the identifier used to authenticate (e.g. their email address or username)
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface PersistentTokenInterface
|
||||
{
|
||||
/**
|
||||
* Returns the class of the user.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getClass();
|
||||
|
||||
/**
|
||||
* Returns the series.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getSeries();
|
||||
|
||||
/**
|
||||
* Returns the token value.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getTokenValue();
|
||||
|
||||
/**
|
||||
* Returns the time the token was last used.
|
||||
*
|
||||
* @return \DateTime
|
||||
*/
|
||||
public function getLastUsed();
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*
|
||||
* @deprecated since Symfony 5.3, use getUserIdentifier() instead
|
||||
*/
|
||||
public function getUsername();
|
||||
}
|
48
vendor/symfony/security-core/Authentication/RememberMe/TokenProviderInterface.php
vendored
Normal file
48
vendor/symfony/security-core/Authentication/RememberMe/TokenProviderInterface.php
vendored
Normal file
@ -0,0 +1,48 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
|
||||
|
||||
/**
|
||||
* Interface for TokenProviders.
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface TokenProviderInterface
|
||||
{
|
||||
/**
|
||||
* Loads the active token for the given series.
|
||||
*
|
||||
* @return PersistentTokenInterface
|
||||
*
|
||||
* @throws TokenNotFoundException if the token is not found
|
||||
*/
|
||||
public function loadTokenBySeries(string $series);
|
||||
|
||||
/**
|
||||
* Deletes all tokens belonging to series.
|
||||
*/
|
||||
public function deleteTokenBySeries(string $series);
|
||||
|
||||
/**
|
||||
* Updates the token according to this data.
|
||||
*
|
||||
* @throws TokenNotFoundException if the token is not found
|
||||
*/
|
||||
public function updateToken(string $series, string $tokenValue, \DateTime $lastUsed);
|
||||
|
||||
/**
|
||||
* Creates a new token.
|
||||
*/
|
||||
public function createNewToken(PersistentTokenInterface $token);
|
||||
}
|
32
vendor/symfony/security-core/Authentication/RememberMe/TokenVerifierInterface.php
vendored
Normal file
32
vendor/symfony/security-core/Authentication/RememberMe/TokenVerifierInterface.php
vendored
Normal file
@ -0,0 +1,32 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\RememberMe;
|
||||
|
||||
/**
|
||||
* @author Jordi Boggiano <j.boggiano@seld.be>
|
||||
*/
|
||||
interface TokenVerifierInterface
|
||||
{
|
||||
/**
|
||||
* Verifies that the given $token is valid.
|
||||
*
|
||||
* This lets you override the token check logic to for example accept slightly outdated tokens.
|
||||
*
|
||||
* Do not forget to implement token comparisons using hash_equals for a secure implementation.
|
||||
*/
|
||||
public function verifyToken(PersistentTokenInterface $token, string $tokenValue): bool;
|
||||
|
||||
/**
|
||||
* Updates an existing token with a new token value and lastUsed time.
|
||||
*/
|
||||
public function updateExistingToken(PersistentTokenInterface $token, string $tokenValue, \DateTimeInterface $lastUsed): void;
|
||||
}
|
Reference in New Issue
Block a user