login consent app sql

This commit is contained in:
2022-05-03 08:54:45 +02:00
parent e7253acfd8
commit f9a6535906
1652 changed files with 187600 additions and 45 deletions

View File

@ -0,0 +1,37 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
/**
* Interface for custom authentication failure handlers.
*
* If you want to customize the failure handling process, instead of
* overwriting the respective listener globally, you can set a custom failure
* handler which implements this interface.
*
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*/
interface AuthenticationFailureHandlerInterface
{
/**
* This is called when an interactive authentication attempt fails. This is
* called by authentication listeners inheriting from
* AbstractAuthenticationListener.
*
* @return Response
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception);
}

View File

@ -0,0 +1,37 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* Interface for a custom authentication success handler.
*
* If you want to customize the success handling process, instead of
* overwriting the respective listener globally, you can set a custom success
* handler which implements this interface.
*
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
*/
interface AuthenticationSuccessHandlerInterface
{
/**
* This is called when an interactive authentication attempt succeeds. This
* is called by authentication listeners inheriting from
* AbstractAuthenticationListener.
*
* @return Response
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token);
}

View File

@ -0,0 +1,81 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
/**
* Extracts Security Errors from Request.
*
* @author Boris Vujicic <boris.vujicic@gmail.com>
*/
class AuthenticationUtils
{
private $requestStack;
public function __construct(RequestStack $requestStack)
{
$this->requestStack = $requestStack;
}
/**
* @return AuthenticationException|null
*/
public function getLastAuthenticationError(bool $clearSession = true)
{
$request = $this->getRequest();
$authenticationException = null;
if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
$authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
} elseif ($request->hasSession() && ($session = $request->getSession())->has(Security::AUTHENTICATION_ERROR)) {
$authenticationException = $session->get(Security::AUTHENTICATION_ERROR);
if ($clearSession) {
$session->remove(Security::AUTHENTICATION_ERROR);
}
}
return $authenticationException;
}
/**
* @return string
*/
public function getLastUsername()
{
$request = $this->getRequest();
if ($request->attributes->has(Security::LAST_USERNAME)) {
return $request->attributes->get(Security::LAST_USERNAME, '');
}
return $request->hasSession() ? $request->getSession()->get(Security::LAST_USERNAME, '') : '';
}
/**
* @throws \LogicException
*/
private function getRequest(): Request
{
$request = $this->requestStack->getCurrentRequest();
if (null === $request) {
throw new \LogicException('Request should exist so it can be processed for error.');
}
return $request;
}
}

View File

@ -0,0 +1,285 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\AuthenticationEvents;
use Symfony\Component\Security\Core\Event\AuthenticationSuccessEvent;
use Symfony\Component\Security\Core\Exception\AccountStatusException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator;
use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\BadgeInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
use Symfony\Component\Security\Http\Event\AuthenticationTokenCreatedEvent;
use Symfony\Component\Security\Http\Event\CheckPassportEvent;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Http\Event\LoginFailureEvent;
use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
use Symfony\Component\Security\Http\SecurityEvents;
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
/**
* @author Wouter de Jong <wouter@wouterj.nl>
* @author Ryan Weaver <ryan@symfonycasts.com>
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
*/
class AuthenticatorManager implements AuthenticatorManagerInterface, UserAuthenticatorInterface
{
private $authenticators;
private $tokenStorage;
private $eventDispatcher;
private $eraseCredentials;
private $logger;
private $firewallName;
private $hideUserNotFoundExceptions;
private $requiredBadges;
/**
* @param iterable<mixed, AuthenticatorInterface> $authenticators
*/
public function __construct(iterable $authenticators, TokenStorageInterface $tokenStorage, EventDispatcherInterface $eventDispatcher, string $firewallName, LoggerInterface $logger = null, bool $eraseCredentials = true, bool $hideUserNotFoundExceptions = true, array $requiredBadges = [])
{
$this->authenticators = $authenticators;
$this->tokenStorage = $tokenStorage;
$this->eventDispatcher = $eventDispatcher;
$this->firewallName = $firewallName;
$this->logger = $logger;
$this->eraseCredentials = $eraseCredentials;
$this->hideUserNotFoundExceptions = $hideUserNotFoundExceptions;
$this->requiredBadges = $requiredBadges;
}
/**
* @param BadgeInterface[] $badges Optionally, pass some Passport badges to use for the manual login
*/
public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = []): ?Response
{
// create an authentication token for the User
// @deprecated since Symfony 5.3, change to $user->getUserIdentifier() in 6.0
$passport = new SelfValidatingPassport(new UserBadge(method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername(), function () use ($user) { return $user; }), $badges);
$token = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
// announce the authentication token
$token = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($token, $passport))->getAuthenticatedToken();
// authenticate this in the system
return $this->handleAuthenticationSuccess($token, $passport, $request, $authenticator);
}
public function supports(Request $request): ?bool
{
if (null !== $this->logger) {
$context = ['firewall_name' => $this->firewallName];
if ($this->authenticators instanceof \Countable || \is_array($this->authenticators)) {
$context['authenticators'] = \count($this->authenticators);
}
$this->logger->debug('Checking for authenticator support.', $context);
}
$authenticators = [];
$skippedAuthenticators = [];
$lazy = true;
foreach ($this->authenticators as $authenticator) {
if (null !== $this->logger) {
$this->logger->debug('Checking support on authenticator.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
}
if (false !== $supports = $authenticator->supports($request)) {
$authenticators[] = $authenticator;
$lazy = $lazy && null === $supports;
} else {
if (null !== $this->logger) {
$this->logger->debug('Authenticator does not support the request.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
}
$skippedAuthenticators[] = $authenticator;
}
}
if (!$authenticators) {
return false;
}
$request->attributes->set('_security_authenticators', $authenticators);
$request->attributes->set('_security_skipped_authenticators', $skippedAuthenticators);
return $lazy ? null : true;
}
public function authenticateRequest(Request $request): ?Response
{
$authenticators = $request->attributes->get('_security_authenticators');
$request->attributes->remove('_security_authenticators');
$request->attributes->remove('_security_skipped_authenticators');
if (!$authenticators) {
return null;
}
return $this->executeAuthenticators($authenticators, $request);
}
/**
* @param AuthenticatorInterface[] $authenticators
*/
private function executeAuthenticators(array $authenticators, Request $request): ?Response
{
foreach ($authenticators as $authenticator) {
// recheck if the authenticator still supports the listener. supports() is called
// eagerly (before token storage is initialized), whereas authenticate() is called
// lazily (after initialization).
if (false === $authenticator->supports($request)) {
if (null !== $this->logger) {
$this->logger->debug('Skipping the "{authenticator}" authenticator as it did not support the request.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
continue;
}
$response = $this->executeAuthenticator($authenticator, $request);
if (null !== $response) {
if (null !== $this->logger) {
$this->logger->debug('The "{authenticator}" authenticator set the response. Any later authenticator will not be called', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
return $response;
}
}
return null;
}
private function executeAuthenticator(AuthenticatorInterface $authenticator, Request $request): ?Response
{
$passport = null;
try {
// get the passport from the Authenticator
$passport = $authenticator->authenticate($request);
// check the passport (e.g. password checking)
$event = new CheckPassportEvent($authenticator, $passport);
$this->eventDispatcher->dispatch($event);
// check if all badges are resolved
$resolvedBadges = [];
foreach ($passport->getBadges() as $badge) {
if (!$badge->isResolved()) {
throw new BadCredentialsException(sprintf('Authentication failed: Security badge "%s" is not resolved, did you forget to register the correct listeners?', get_debug_type($badge)));
}
$resolvedBadges[] = \get_class($badge);
}
$missingRequiredBadges = array_diff($this->requiredBadges, $resolvedBadges);
if ($missingRequiredBadges) {
throw new BadCredentialsException(sprintf('Authentication failed; Some badges marked as required by the firewall config are not available on the passport: "%s".', implode('", "', $missingRequiredBadges)));
}
// create the authentication token
$authenticatedToken = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
// announce the authentication token
$authenticatedToken = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($authenticatedToken, $passport))->getAuthenticatedToken();
if (true === $this->eraseCredentials) {
$authenticatedToken->eraseCredentials();
}
$this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($authenticatedToken), AuthenticationEvents::AUTHENTICATION_SUCCESS);
if (null !== $this->logger) {
$this->logger->info('Authenticator successful!', ['token' => $authenticatedToken, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
} catch (AuthenticationException $e) {
// oh no! Authentication failed!
$response = $this->handleAuthenticationFailure($e, $request, $authenticator, $passport);
if ($response instanceof Response) {
return $response;
}
return null;
}
// success! (sets the token on the token storage, etc)
$response = $this->handleAuthenticationSuccess($authenticatedToken, $passport, $request, $authenticator);
if ($response instanceof Response) {
return $response;
}
if (null !== $this->logger) {
$this->logger->debug('Authenticator set no success response: request continues.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
return null;
}
private function handleAuthenticationSuccess(TokenInterface $authenticatedToken, PassportInterface $passport, Request $request, AuthenticatorInterface $authenticator): ?Response
{
// @deprecated since Symfony 5.3
$user = $authenticatedToken->getUser();
if ($user instanceof UserInterface && !method_exists($user, 'getUserIdentifier')) {
trigger_deprecation('symfony/security-core', '5.3', 'Not implementing method "getUserIdentifier(): string" in user class "%s" is deprecated. This method will replace "getUsername()" in Symfony 6.0.', get_debug_type($authenticatedToken->getUser()));
}
$this->tokenStorage->setToken($authenticatedToken);
$response = $authenticator->onAuthenticationSuccess($request, $authenticatedToken, $this->firewallName);
if ($authenticator instanceof InteractiveAuthenticatorInterface && $authenticator->isInteractive()) {
$loginEvent = new InteractiveLoginEvent($request, $authenticatedToken);
$this->eventDispatcher->dispatch($loginEvent, SecurityEvents::INTERACTIVE_LOGIN);
}
$this->eventDispatcher->dispatch($loginSuccessEvent = new LoginSuccessEvent($authenticator, $passport, $authenticatedToken, $request, $response, $this->firewallName));
return $loginSuccessEvent->getResponse();
}
/**
* Handles an authentication failure and returns the Response for the authenticator.
*/
private function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $authenticator, ?PassportInterface $passport): ?Response
{
if (null !== $this->logger) {
$this->logger->info('Authenticator failed.', ['exception' => $authenticationException, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
// Avoid leaking error details in case of invalid user (e.g. user not found or invalid account status)
// to prevent user enumeration via response content comparison
if ($this->hideUserNotFoundExceptions && ($authenticationException instanceof UsernameNotFoundException || ($authenticationException instanceof AccountStatusException && !$authenticationException instanceof CustomUserMessageAccountStatusException))) {
$authenticationException = new BadCredentialsException('Bad credentials.', 0, $authenticationException);
}
$response = $authenticator->onAuthenticationFailure($request, $authenticationException);
if (null !== $response && null !== $this->logger) {
$this->logger->debug('The "{authenticator}" authenticator set the failure response.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
}
$this->eventDispatcher->dispatch($loginFailureEvent = new LoginFailureEvent($authenticationException, $authenticator, $request, $response, $this->firewallName, $passport));
// returning null is ok, it means they want the request to continue
return $loginFailureEvent->getResponse();
}
}

View File

@ -0,0 +1,35 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\Firewall\FirewallListenerInterface;
/**
* @author Wouter de Jong <wouter@wouterj.nl>
* @author Ryan Weaver <ryan@symfonycasts.com>
*/
interface AuthenticatorManagerInterface
{
/**
* Called to see if authentication should be attempted on this request.
*
* @see FirewallListenerInterface::supports()
*/
public function supports(Request $request): ?bool;
/**
* Tries to authenticate the request and returns a response - if any authenticator set one.
*/
public function authenticateRequest(Request $request): ?Response;
}

View File

@ -0,0 +1,42 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
/**
* @author Fabien Potencier <fabien@symfony.com>
*/
class CustomAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
{
private $handler;
/**
* @param array $options Options for processing a successful authentication attempt
*/
public function __construct(AuthenticationFailureHandlerInterface $handler, array $options)
{
$this->handler = $handler;
if (method_exists($handler, 'setOptions')) {
$this->handler->setOptions($options);
}
}
/**
* {@inheritdoc}
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
return $this->handler->onAuthenticationFailure($request, $exception);
}
}

View File

@ -0,0 +1,50 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* @author Fabien Potencier <fabien@symfony.com>
*/
class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
{
private $handler;
/**
* @param array $options Options for processing a successful authentication attempt
*/
public function __construct(AuthenticationSuccessHandlerInterface $handler, array $options, string $firewallName)
{
$this->handler = $handler;
if (method_exists($handler, 'setOptions')) {
$this->handler->setOptions($options);
}
if (method_exists($handler, 'setFirewallName')) {
$this->handler->setFirewallName($firewallName);
} elseif (method_exists($handler, 'setProviderKey')) {
trigger_deprecation('symfony/security-http', '5.2', 'Method "%s::setProviderKey()" is deprecated, rename the method to "setFirewallName()" instead.', \get_class($handler));
$this->handler->setProviderKey($firewallName);
}
}
/**
* {@inheritdoc}
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
return $this->handler->onAuthenticationSuccess($request, $token);
}
}

View File

@ -0,0 +1,100 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Psr\Log\LoggerInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Component\Security\Http\ParameterBagUtils;
/**
* Class with the default authentication failure handling logic.
*
* Can be optionally be extended from by the developer to alter the behavior
* while keeping the default behavior.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
{
protected $httpKernel;
protected $httpUtils;
protected $logger;
protected $options;
protected $defaultOptions = [
'failure_path' => null,
'failure_forward' => false,
'login_path' => '/login',
'failure_path_parameter' => '_failure_path',
];
public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options = [], LoggerInterface $logger = null)
{
$this->httpKernel = $httpKernel;
$this->httpUtils = $httpUtils;
$this->logger = $logger;
$this->setOptions($options);
}
/**
* Gets the options.
*
* @return array
*/
public function getOptions()
{
return $this->options;
}
public function setOptions(array $options)
{
$this->options = array_merge($this->defaultOptions, $options);
}
/**
* {@inheritdoc}
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
if ($failureUrl = ParameterBagUtils::getRequestParameterValue($request, $this->options['failure_path_parameter'])) {
$this->options['failure_path'] = $failureUrl;
}
if (null === $this->options['failure_path']) {
$this->options['failure_path'] = $this->options['login_path'];
}
if ($this->options['failure_forward']) {
if (null !== $this->logger) {
$this->logger->debug('Authentication failure, forward triggered.', ['failure_path' => $this->options['failure_path']]);
}
$subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']);
$subRequest->attributes->set(Security::AUTHENTICATION_ERROR, $exception);
return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
}
if (null !== $this->logger) {
$this->logger->debug('Authentication failure, redirect triggered.', ['failure_path' => $this->options['failure_path']]);
}
$request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
return $this->httpUtils->createRedirectResponse($request, $this->options['failure_path']);
}
}

View File

@ -0,0 +1,152 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Component\Security\Http\ParameterBagUtils;
use Symfony\Component\Security\Http\Util\TargetPathTrait;
/**
* Class with the default authentication success handling logic.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
{
use TargetPathTrait;
protected $httpUtils;
protected $options;
/** @deprecated since Symfony 5.2, use $firewallName instead */
protected $providerKey;
protected $firewallName;
protected $defaultOptions = [
'always_use_default_target_path' => false,
'default_target_path' => '/',
'login_path' => '/login',
'target_path_parameter' => '_target_path',
'use_referer' => false,
];
/**
* @param array $options Options for processing a successful authentication attempt
*/
public function __construct(HttpUtils $httpUtils, array $options = [])
{
$this->httpUtils = $httpUtils;
$this->setOptions($options);
}
/**
* {@inheritdoc}
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
}
/**
* Gets the options.
*
* @return array
*/
public function getOptions()
{
return $this->options;
}
public function setOptions(array $options)
{
$this->options = array_merge($this->defaultOptions, $options);
}
/**
* Get the provider key.
*
* @return string
*
* @deprecated since Symfony 5.2, use getFirewallName() instead
*/
public function getProviderKey()
{
if (1 !== \func_num_args() || true !== func_get_arg(0)) {
trigger_deprecation('symfony/security-core', '5.2', 'Method "%s()" is deprecated, use "getFirewallName()" instead.', __METHOD__);
}
if ($this->providerKey !== $this->firewallName) {
trigger_deprecation('symfony/security-core', '5.2', 'The "%1$s::$providerKey" property is deprecated, use "%1$s::$firewallName" instead.', __CLASS__);
return $this->providerKey;
}
return $this->firewallName;
}
public function setProviderKey(string $providerKey)
{
if (2 !== \func_num_args() || true !== func_get_arg(1)) {
trigger_deprecation('symfony/security-http', '5.2', 'Method "%s" is deprecated, use "setFirewallName()" instead.', __METHOD__);
}
$this->providerKey = $providerKey;
}
public function getFirewallName(): ?string
{
return $this->getProviderKey(true);
}
public function setFirewallName(string $firewallName): void
{
$this->setProviderKey($firewallName, true);
$this->firewallName = $firewallName;
}
/**
* Builds the target URL according to the defined options.
*
* @return string
*/
protected function determineTargetUrl(Request $request)
{
if ($this->options['always_use_default_target_path']) {
return $this->options['default_target_path'];
}
if ($targetUrl = ParameterBagUtils::getRequestParameterValue($request, $this->options['target_path_parameter'])) {
return $targetUrl;
}
$firewallName = $this->getFirewallName();
if (null !== $firewallName && $targetUrl = $this->getTargetPath($request->getSession(), $firewallName)) {
$this->removeTargetPath($request->getSession(), $firewallName);
return $targetUrl;
}
if ($this->options['use_referer'] && $targetUrl = $request->headers->get('Referer')) {
if (false !== $pos = strpos($targetUrl, '?')) {
$targetUrl = substr($targetUrl, 0, $pos);
}
if ($targetUrl && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
return $targetUrl;
}
}
return $this->options['default_target_path'];
}
}

View File

@ -0,0 +1,33 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* This class is used when the authenticator system is activated.
*
* This is used to not break AuthenticationChecker and ContextListener when
* using the authenticator system.
*
* @author Wouter de Jong <wouter@wouterj.nl>
*
* @internal
*/
class NoopAuthenticationManager implements AuthenticationManagerInterface
{
public function authenticate(TokenInterface $token): TokenInterface
{
return $token;
}
}

View File

@ -0,0 +1,32 @@
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Security\Http\Authentication;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\BadgeInterface;
/**
* @author Wouter de Jong <wouter@wouterj.nl>
*/
interface UserAuthenticatorInterface
{
/**
* Convenience method to programmatically login a user and return a
* Response *if any* for success.
*
* @param BadgeInterface[] $badges Optionally, pass some Passport badges to use for the manual login
*/
public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = []): ?Response;
}