login consent app sql
This commit is contained in:
37
vendor/symfony/security-http/Authentication/AuthenticationFailureHandlerInterface.php
vendored
Normal file
37
vendor/symfony/security-http/Authentication/AuthenticationFailureHandlerInterface.php
vendored
Normal file
@ -0,0 +1,37 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
|
||||
/**
|
||||
* Interface for custom authentication failure handlers.
|
||||
*
|
||||
* If you want to customize the failure handling process, instead of
|
||||
* overwriting the respective listener globally, you can set a custom failure
|
||||
* handler which implements this interface.
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface AuthenticationFailureHandlerInterface
|
||||
{
|
||||
/**
|
||||
* This is called when an interactive authentication attempt fails. This is
|
||||
* called by authentication listeners inheriting from
|
||||
* AbstractAuthenticationListener.
|
||||
*
|
||||
* @return Response
|
||||
*/
|
||||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception);
|
||||
}
|
37
vendor/symfony/security-http/Authentication/AuthenticationSuccessHandlerInterface.php
vendored
Normal file
37
vendor/symfony/security-http/Authentication/AuthenticationSuccessHandlerInterface.php
vendored
Normal file
@ -0,0 +1,37 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
|
||||
/**
|
||||
* Interface for a custom authentication success handler.
|
||||
*
|
||||
* If you want to customize the success handling process, instead of
|
||||
* overwriting the respective listener globally, you can set a custom success
|
||||
* handler which implements this interface.
|
||||
*
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
*/
|
||||
interface AuthenticationSuccessHandlerInterface
|
||||
{
|
||||
/**
|
||||
* This is called when an interactive authentication attempt succeeds. This
|
||||
* is called by authentication listeners inheriting from
|
||||
* AbstractAuthenticationListener.
|
||||
*
|
||||
* @return Response
|
||||
*/
|
||||
public function onAuthenticationSuccess(Request $request, TokenInterface $token);
|
||||
}
|
81
vendor/symfony/security-http/Authentication/AuthenticationUtils.php
vendored
Normal file
81
vendor/symfony/security-http/Authentication/AuthenticationUtils.php
vendored
Normal file
@ -0,0 +1,81 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\RequestStack;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
|
||||
/**
|
||||
* Extracts Security Errors from Request.
|
||||
*
|
||||
* @author Boris Vujicic <boris.vujicic@gmail.com>
|
||||
*/
|
||||
class AuthenticationUtils
|
||||
{
|
||||
private $requestStack;
|
||||
|
||||
public function __construct(RequestStack $requestStack)
|
||||
{
|
||||
$this->requestStack = $requestStack;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return AuthenticationException|null
|
||||
*/
|
||||
public function getLastAuthenticationError(bool $clearSession = true)
|
||||
{
|
||||
$request = $this->getRequest();
|
||||
$authenticationException = null;
|
||||
|
||||
if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
|
||||
$authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
|
||||
} elseif ($request->hasSession() && ($session = $request->getSession())->has(Security::AUTHENTICATION_ERROR)) {
|
||||
$authenticationException = $session->get(Security::AUTHENTICATION_ERROR);
|
||||
|
||||
if ($clearSession) {
|
||||
$session->remove(Security::AUTHENTICATION_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
return $authenticationException;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function getLastUsername()
|
||||
{
|
||||
$request = $this->getRequest();
|
||||
|
||||
if ($request->attributes->has(Security::LAST_USERNAME)) {
|
||||
return $request->attributes->get(Security::LAST_USERNAME, '');
|
||||
}
|
||||
|
||||
return $request->hasSession() ? $request->getSession()->get(Security::LAST_USERNAME, '') : '';
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws \LogicException
|
||||
*/
|
||||
private function getRequest(): Request
|
||||
{
|
||||
$request = $this->requestStack->getCurrentRequest();
|
||||
|
||||
if (null === $request) {
|
||||
throw new \LogicException('Request should exist so it can be processed for error.');
|
||||
}
|
||||
|
||||
return $request;
|
||||
}
|
||||
}
|
285
vendor/symfony/security-http/Authentication/AuthenticatorManager.php
vendored
Normal file
285
vendor/symfony/security-http/Authentication/AuthenticatorManager.php
vendored
Normal file
@ -0,0 +1,285 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\AuthenticationEvents;
|
||||
use Symfony\Component\Security\Core\Event\AuthenticationSuccessEvent;
|
||||
use Symfony\Component\Security\Core\Exception\AccountStatusException;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
|
||||
use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
|
||||
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator;
|
||||
use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\BadgeInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
|
||||
use Symfony\Component\Security\Http\Event\AuthenticationTokenCreatedEvent;
|
||||
use Symfony\Component\Security\Http\Event\CheckPassportEvent;
|
||||
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
|
||||
use Symfony\Component\Security\Http\Event\LoginFailureEvent;
|
||||
use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
|
||||
use Symfony\Component\Security\Http\SecurityEvents;
|
||||
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
||||
|
||||
/**
|
||||
* @author Wouter de Jong <wouter@wouterj.nl>
|
||||
* @author Ryan Weaver <ryan@symfonycasts.com>
|
||||
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
|
||||
*/
|
||||
class AuthenticatorManager implements AuthenticatorManagerInterface, UserAuthenticatorInterface
|
||||
{
|
||||
private $authenticators;
|
||||
private $tokenStorage;
|
||||
private $eventDispatcher;
|
||||
private $eraseCredentials;
|
||||
private $logger;
|
||||
private $firewallName;
|
||||
private $hideUserNotFoundExceptions;
|
||||
private $requiredBadges;
|
||||
|
||||
/**
|
||||
* @param iterable<mixed, AuthenticatorInterface> $authenticators
|
||||
*/
|
||||
public function __construct(iterable $authenticators, TokenStorageInterface $tokenStorage, EventDispatcherInterface $eventDispatcher, string $firewallName, LoggerInterface $logger = null, bool $eraseCredentials = true, bool $hideUserNotFoundExceptions = true, array $requiredBadges = [])
|
||||
{
|
||||
$this->authenticators = $authenticators;
|
||||
$this->tokenStorage = $tokenStorage;
|
||||
$this->eventDispatcher = $eventDispatcher;
|
||||
$this->firewallName = $firewallName;
|
||||
$this->logger = $logger;
|
||||
$this->eraseCredentials = $eraseCredentials;
|
||||
$this->hideUserNotFoundExceptions = $hideUserNotFoundExceptions;
|
||||
$this->requiredBadges = $requiredBadges;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param BadgeInterface[] $badges Optionally, pass some Passport badges to use for the manual login
|
||||
*/
|
||||
public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = []): ?Response
|
||||
{
|
||||
// create an authentication token for the User
|
||||
// @deprecated since Symfony 5.3, change to $user->getUserIdentifier() in 6.0
|
||||
$passport = new SelfValidatingPassport(new UserBadge(method_exists($user, 'getUserIdentifier') ? $user->getUserIdentifier() : $user->getUsername(), function () use ($user) { return $user; }), $badges);
|
||||
$token = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
|
||||
|
||||
// announce the authentication token
|
||||
$token = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($token, $passport))->getAuthenticatedToken();
|
||||
|
||||
// authenticate this in the system
|
||||
return $this->handleAuthenticationSuccess($token, $passport, $request, $authenticator);
|
||||
}
|
||||
|
||||
public function supports(Request $request): ?bool
|
||||
{
|
||||
if (null !== $this->logger) {
|
||||
$context = ['firewall_name' => $this->firewallName];
|
||||
|
||||
if ($this->authenticators instanceof \Countable || \is_array($this->authenticators)) {
|
||||
$context['authenticators'] = \count($this->authenticators);
|
||||
}
|
||||
|
||||
$this->logger->debug('Checking for authenticator support.', $context);
|
||||
}
|
||||
|
||||
$authenticators = [];
|
||||
$skippedAuthenticators = [];
|
||||
$lazy = true;
|
||||
foreach ($this->authenticators as $authenticator) {
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Checking support on authenticator.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
|
||||
}
|
||||
|
||||
if (false !== $supports = $authenticator->supports($request)) {
|
||||
$authenticators[] = $authenticator;
|
||||
$lazy = $lazy && null === $supports;
|
||||
} else {
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Authenticator does not support the request.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
|
||||
}
|
||||
$skippedAuthenticators[] = $authenticator;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$authenticators) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$request->attributes->set('_security_authenticators', $authenticators);
|
||||
$request->attributes->set('_security_skipped_authenticators', $skippedAuthenticators);
|
||||
|
||||
return $lazy ? null : true;
|
||||
}
|
||||
|
||||
public function authenticateRequest(Request $request): ?Response
|
||||
{
|
||||
$authenticators = $request->attributes->get('_security_authenticators');
|
||||
$request->attributes->remove('_security_authenticators');
|
||||
$request->attributes->remove('_security_skipped_authenticators');
|
||||
|
||||
if (!$authenticators) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return $this->executeAuthenticators($authenticators, $request);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param AuthenticatorInterface[] $authenticators
|
||||
*/
|
||||
private function executeAuthenticators(array $authenticators, Request $request): ?Response
|
||||
{
|
||||
foreach ($authenticators as $authenticator) {
|
||||
// recheck if the authenticator still supports the listener. supports() is called
|
||||
// eagerly (before token storage is initialized), whereas authenticate() is called
|
||||
// lazily (after initialization).
|
||||
if (false === $authenticator->supports($request)) {
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Skipping the "{authenticator}" authenticator as it did not support the request.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
$response = $this->executeAuthenticator($authenticator, $request);
|
||||
if (null !== $response) {
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('The "{authenticator}" authenticator set the response. Any later authenticator will not be called', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
|
||||
return $response;
|
||||
}
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function executeAuthenticator(AuthenticatorInterface $authenticator, Request $request): ?Response
|
||||
{
|
||||
$passport = null;
|
||||
|
||||
try {
|
||||
// get the passport from the Authenticator
|
||||
$passport = $authenticator->authenticate($request);
|
||||
|
||||
// check the passport (e.g. password checking)
|
||||
$event = new CheckPassportEvent($authenticator, $passport);
|
||||
$this->eventDispatcher->dispatch($event);
|
||||
|
||||
// check if all badges are resolved
|
||||
$resolvedBadges = [];
|
||||
foreach ($passport->getBadges() as $badge) {
|
||||
if (!$badge->isResolved()) {
|
||||
throw new BadCredentialsException(sprintf('Authentication failed: Security badge "%s" is not resolved, did you forget to register the correct listeners?', get_debug_type($badge)));
|
||||
}
|
||||
|
||||
$resolvedBadges[] = \get_class($badge);
|
||||
}
|
||||
|
||||
$missingRequiredBadges = array_diff($this->requiredBadges, $resolvedBadges);
|
||||
if ($missingRequiredBadges) {
|
||||
throw new BadCredentialsException(sprintf('Authentication failed; Some badges marked as required by the firewall config are not available on the passport: "%s".', implode('", "', $missingRequiredBadges)));
|
||||
}
|
||||
|
||||
// create the authentication token
|
||||
$authenticatedToken = method_exists($authenticator, 'createToken') ? $authenticator->createToken($passport, $this->firewallName) : $authenticator->createAuthenticatedToken($passport, $this->firewallName);
|
||||
|
||||
// announce the authentication token
|
||||
$authenticatedToken = $this->eventDispatcher->dispatch(new AuthenticationTokenCreatedEvent($authenticatedToken, $passport))->getAuthenticatedToken();
|
||||
|
||||
if (true === $this->eraseCredentials) {
|
||||
$authenticatedToken->eraseCredentials();
|
||||
}
|
||||
|
||||
$this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($authenticatedToken), AuthenticationEvents::AUTHENTICATION_SUCCESS);
|
||||
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->info('Authenticator successful!', ['token' => $authenticatedToken, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
} catch (AuthenticationException $e) {
|
||||
// oh no! Authentication failed!
|
||||
$response = $this->handleAuthenticationFailure($e, $request, $authenticator, $passport);
|
||||
if ($response instanceof Response) {
|
||||
return $response;
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
// success! (sets the token on the token storage, etc)
|
||||
$response = $this->handleAuthenticationSuccess($authenticatedToken, $passport, $request, $authenticator);
|
||||
if ($response instanceof Response) {
|
||||
return $response;
|
||||
}
|
||||
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Authenticator set no success response: request continues.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
private function handleAuthenticationSuccess(TokenInterface $authenticatedToken, PassportInterface $passport, Request $request, AuthenticatorInterface $authenticator): ?Response
|
||||
{
|
||||
// @deprecated since Symfony 5.3
|
||||
$user = $authenticatedToken->getUser();
|
||||
if ($user instanceof UserInterface && !method_exists($user, 'getUserIdentifier')) {
|
||||
trigger_deprecation('symfony/security-core', '5.3', 'Not implementing method "getUserIdentifier(): string" in user class "%s" is deprecated. This method will replace "getUsername()" in Symfony 6.0.', get_debug_type($authenticatedToken->getUser()));
|
||||
}
|
||||
|
||||
$this->tokenStorage->setToken($authenticatedToken);
|
||||
|
||||
$response = $authenticator->onAuthenticationSuccess($request, $authenticatedToken, $this->firewallName);
|
||||
if ($authenticator instanceof InteractiveAuthenticatorInterface && $authenticator->isInteractive()) {
|
||||
$loginEvent = new InteractiveLoginEvent($request, $authenticatedToken);
|
||||
$this->eventDispatcher->dispatch($loginEvent, SecurityEvents::INTERACTIVE_LOGIN);
|
||||
}
|
||||
|
||||
$this->eventDispatcher->dispatch($loginSuccessEvent = new LoginSuccessEvent($authenticator, $passport, $authenticatedToken, $request, $response, $this->firewallName));
|
||||
|
||||
return $loginSuccessEvent->getResponse();
|
||||
}
|
||||
|
||||
/**
|
||||
* Handles an authentication failure and returns the Response for the authenticator.
|
||||
*/
|
||||
private function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $authenticator, ?PassportInterface $passport): ?Response
|
||||
{
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->info('Authenticator failed.', ['exception' => $authenticationException, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
|
||||
// Avoid leaking error details in case of invalid user (e.g. user not found or invalid account status)
|
||||
// to prevent user enumeration via response content comparison
|
||||
if ($this->hideUserNotFoundExceptions && ($authenticationException instanceof UsernameNotFoundException || ($authenticationException instanceof AccountStatusException && !$authenticationException instanceof CustomUserMessageAccountStatusException))) {
|
||||
$authenticationException = new BadCredentialsException('Bad credentials.', 0, $authenticationException);
|
||||
}
|
||||
|
||||
$response = $authenticator->onAuthenticationFailure($request, $authenticationException);
|
||||
if (null !== $response && null !== $this->logger) {
|
||||
$this->logger->debug('The "{authenticator}" authenticator set the failure response.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
|
||||
}
|
||||
|
||||
$this->eventDispatcher->dispatch($loginFailureEvent = new LoginFailureEvent($authenticationException, $authenticator, $request, $response, $this->firewallName, $passport));
|
||||
|
||||
// returning null is ok, it means they want the request to continue
|
||||
return $loginFailureEvent->getResponse();
|
||||
}
|
||||
}
|
35
vendor/symfony/security-http/Authentication/AuthenticatorManagerInterface.php
vendored
Normal file
35
vendor/symfony/security-http/Authentication/AuthenticatorManagerInterface.php
vendored
Normal file
@ -0,0 +1,35 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Http\Firewall\FirewallListenerInterface;
|
||||
|
||||
/**
|
||||
* @author Wouter de Jong <wouter@wouterj.nl>
|
||||
* @author Ryan Weaver <ryan@symfonycasts.com>
|
||||
*/
|
||||
interface AuthenticatorManagerInterface
|
||||
{
|
||||
/**
|
||||
* Called to see if authentication should be attempted on this request.
|
||||
*
|
||||
* @see FirewallListenerInterface::supports()
|
||||
*/
|
||||
public function supports(Request $request): ?bool;
|
||||
|
||||
/**
|
||||
* Tries to authenticate the request and returns a response - if any authenticator set one.
|
||||
*/
|
||||
public function authenticateRequest(Request $request): ?Response;
|
||||
}
|
42
vendor/symfony/security-http/Authentication/CustomAuthenticationFailureHandler.php
vendored
Normal file
42
vendor/symfony/security-http/Authentication/CustomAuthenticationFailureHandler.php
vendored
Normal file
@ -0,0 +1,42 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
|
||||
/**
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
*/
|
||||
class CustomAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
|
||||
{
|
||||
private $handler;
|
||||
|
||||
/**
|
||||
* @param array $options Options for processing a successful authentication attempt
|
||||
*/
|
||||
public function __construct(AuthenticationFailureHandlerInterface $handler, array $options)
|
||||
{
|
||||
$this->handler = $handler;
|
||||
if (method_exists($handler, 'setOptions')) {
|
||||
$this->handler->setOptions($options);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
|
||||
{
|
||||
return $this->handler->onAuthenticationFailure($request, $exception);
|
||||
}
|
||||
}
|
50
vendor/symfony/security-http/Authentication/CustomAuthenticationSuccessHandler.php
vendored
Normal file
50
vendor/symfony/security-http/Authentication/CustomAuthenticationSuccessHandler.php
vendored
Normal file
@ -0,0 +1,50 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
|
||||
/**
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
*/
|
||||
class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
|
||||
{
|
||||
private $handler;
|
||||
|
||||
/**
|
||||
* @param array $options Options for processing a successful authentication attempt
|
||||
*/
|
||||
public function __construct(AuthenticationSuccessHandlerInterface $handler, array $options, string $firewallName)
|
||||
{
|
||||
$this->handler = $handler;
|
||||
if (method_exists($handler, 'setOptions')) {
|
||||
$this->handler->setOptions($options);
|
||||
}
|
||||
|
||||
if (method_exists($handler, 'setFirewallName')) {
|
||||
$this->handler->setFirewallName($firewallName);
|
||||
} elseif (method_exists($handler, 'setProviderKey')) {
|
||||
trigger_deprecation('symfony/security-http', '5.2', 'Method "%s::setProviderKey()" is deprecated, rename the method to "setFirewallName()" instead.', \get_class($handler));
|
||||
|
||||
$this->handler->setProviderKey($firewallName);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
|
||||
{
|
||||
return $this->handler->onAuthenticationSuccess($request, $token);
|
||||
}
|
||||
}
|
100
vendor/symfony/security-http/Authentication/DefaultAuthenticationFailureHandler.php
vendored
Normal file
100
vendor/symfony/security-http/Authentication/DefaultAuthenticationFailureHandler.php
vendored
Normal file
@ -0,0 +1,100 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
use Symfony\Component\Security\Core\Security;
|
||||
use Symfony\Component\Security\Http\HttpUtils;
|
||||
use Symfony\Component\Security\Http\ParameterBagUtils;
|
||||
|
||||
/**
|
||||
* Class with the default authentication failure handling logic.
|
||||
*
|
||||
* Can be optionally be extended from by the developer to alter the behavior
|
||||
* while keeping the default behavior.
|
||||
*
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
* @author Alexander <iam.asm89@gmail.com>
|
||||
*/
|
||||
class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
|
||||
{
|
||||
protected $httpKernel;
|
||||
protected $httpUtils;
|
||||
protected $logger;
|
||||
protected $options;
|
||||
protected $defaultOptions = [
|
||||
'failure_path' => null,
|
||||
'failure_forward' => false,
|
||||
'login_path' => '/login',
|
||||
'failure_path_parameter' => '_failure_path',
|
||||
];
|
||||
|
||||
public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options = [], LoggerInterface $logger = null)
|
||||
{
|
||||
$this->httpKernel = $httpKernel;
|
||||
$this->httpUtils = $httpUtils;
|
||||
$this->logger = $logger;
|
||||
$this->setOptions($options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the options.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getOptions()
|
||||
{
|
||||
return $this->options;
|
||||
}
|
||||
|
||||
public function setOptions(array $options)
|
||||
{
|
||||
$this->options = array_merge($this->defaultOptions, $options);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
|
||||
{
|
||||
if ($failureUrl = ParameterBagUtils::getRequestParameterValue($request, $this->options['failure_path_parameter'])) {
|
||||
$this->options['failure_path'] = $failureUrl;
|
||||
}
|
||||
|
||||
if (null === $this->options['failure_path']) {
|
||||
$this->options['failure_path'] = $this->options['login_path'];
|
||||
}
|
||||
|
||||
if ($this->options['failure_forward']) {
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Authentication failure, forward triggered.', ['failure_path' => $this->options['failure_path']]);
|
||||
}
|
||||
|
||||
$subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']);
|
||||
$subRequest->attributes->set(Security::AUTHENTICATION_ERROR, $exception);
|
||||
|
||||
return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
|
||||
}
|
||||
|
||||
if (null !== $this->logger) {
|
||||
$this->logger->debug('Authentication failure, redirect triggered.', ['failure_path' => $this->options['failure_path']]);
|
||||
}
|
||||
|
||||
$request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
|
||||
|
||||
return $this->httpUtils->createRedirectResponse($request, $this->options['failure_path']);
|
||||
}
|
||||
}
|
152
vendor/symfony/security-http/Authentication/DefaultAuthenticationSuccessHandler.php
vendored
Normal file
152
vendor/symfony/security-http/Authentication/DefaultAuthenticationSuccessHandler.php
vendored
Normal file
@ -0,0 +1,152 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Http\HttpUtils;
|
||||
use Symfony\Component\Security\Http\ParameterBagUtils;
|
||||
use Symfony\Component\Security\Http\Util\TargetPathTrait;
|
||||
|
||||
/**
|
||||
* Class with the default authentication success handling logic.
|
||||
*
|
||||
* @author Fabien Potencier <fabien@symfony.com>
|
||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||
* @author Alexander <iam.asm89@gmail.com>
|
||||
*/
|
||||
class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
|
||||
{
|
||||
use TargetPathTrait;
|
||||
|
||||
protected $httpUtils;
|
||||
protected $options;
|
||||
/** @deprecated since Symfony 5.2, use $firewallName instead */
|
||||
protected $providerKey;
|
||||
protected $firewallName;
|
||||
protected $defaultOptions = [
|
||||
'always_use_default_target_path' => false,
|
||||
'default_target_path' => '/',
|
||||
'login_path' => '/login',
|
||||
'target_path_parameter' => '_target_path',
|
||||
'use_referer' => false,
|
||||
];
|
||||
|
||||
/**
|
||||
* @param array $options Options for processing a successful authentication attempt
|
||||
*/
|
||||
public function __construct(HttpUtils $httpUtils, array $options = [])
|
||||
{
|
||||
$this->httpUtils = $httpUtils;
|
||||
$this->setOptions($options);
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
|
||||
{
|
||||
return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the options.
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getOptions()
|
||||
{
|
||||
return $this->options;
|
||||
}
|
||||
|
||||
public function setOptions(array $options)
|
||||
{
|
||||
$this->options = array_merge($this->defaultOptions, $options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the provider key.
|
||||
*
|
||||
* @return string
|
||||
*
|
||||
* @deprecated since Symfony 5.2, use getFirewallName() instead
|
||||
*/
|
||||
public function getProviderKey()
|
||||
{
|
||||
if (1 !== \func_num_args() || true !== func_get_arg(0)) {
|
||||
trigger_deprecation('symfony/security-core', '5.2', 'Method "%s()" is deprecated, use "getFirewallName()" instead.', __METHOD__);
|
||||
}
|
||||
|
||||
if ($this->providerKey !== $this->firewallName) {
|
||||
trigger_deprecation('symfony/security-core', '5.2', 'The "%1$s::$providerKey" property is deprecated, use "%1$s::$firewallName" instead.', __CLASS__);
|
||||
|
||||
return $this->providerKey;
|
||||
}
|
||||
|
||||
return $this->firewallName;
|
||||
}
|
||||
|
||||
public function setProviderKey(string $providerKey)
|
||||
{
|
||||
if (2 !== \func_num_args() || true !== func_get_arg(1)) {
|
||||
trigger_deprecation('symfony/security-http', '5.2', 'Method "%s" is deprecated, use "setFirewallName()" instead.', __METHOD__);
|
||||
}
|
||||
|
||||
$this->providerKey = $providerKey;
|
||||
}
|
||||
|
||||
public function getFirewallName(): ?string
|
||||
{
|
||||
return $this->getProviderKey(true);
|
||||
}
|
||||
|
||||
public function setFirewallName(string $firewallName): void
|
||||
{
|
||||
$this->setProviderKey($firewallName, true);
|
||||
|
||||
$this->firewallName = $firewallName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Builds the target URL according to the defined options.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function determineTargetUrl(Request $request)
|
||||
{
|
||||
if ($this->options['always_use_default_target_path']) {
|
||||
return $this->options['default_target_path'];
|
||||
}
|
||||
|
||||
if ($targetUrl = ParameterBagUtils::getRequestParameterValue($request, $this->options['target_path_parameter'])) {
|
||||
return $targetUrl;
|
||||
}
|
||||
|
||||
$firewallName = $this->getFirewallName();
|
||||
if (null !== $firewallName && $targetUrl = $this->getTargetPath($request->getSession(), $firewallName)) {
|
||||
$this->removeTargetPath($request->getSession(), $firewallName);
|
||||
|
||||
return $targetUrl;
|
||||
}
|
||||
|
||||
if ($this->options['use_referer'] && $targetUrl = $request->headers->get('Referer')) {
|
||||
if (false !== $pos = strpos($targetUrl, '?')) {
|
||||
$targetUrl = substr($targetUrl, 0, $pos);
|
||||
}
|
||||
if ($targetUrl && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
|
||||
return $targetUrl;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->options['default_target_path'];
|
||||
}
|
||||
}
|
33
vendor/symfony/security-http/Authentication/NoopAuthenticationManager.php
vendored
Normal file
33
vendor/symfony/security-http/Authentication/NoopAuthenticationManager.php
vendored
Normal file
@ -0,0 +1,33 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
|
||||
/**
|
||||
* This class is used when the authenticator system is activated.
|
||||
*
|
||||
* This is used to not break AuthenticationChecker and ContextListener when
|
||||
* using the authenticator system.
|
||||
*
|
||||
* @author Wouter de Jong <wouter@wouterj.nl>
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
class NoopAuthenticationManager implements AuthenticationManagerInterface
|
||||
{
|
||||
public function authenticate(TokenInterface $token): TokenInterface
|
||||
{
|
||||
return $token;
|
||||
}
|
||||
}
|
32
vendor/symfony/security-http/Authentication/UserAuthenticatorInterface.php
vendored
Normal file
32
vendor/symfony/security-http/Authentication/UserAuthenticatorInterface.php
vendored
Normal file
@ -0,0 +1,32 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Security\Http\Authentication;
|
||||
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
|
||||
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\BadgeInterface;
|
||||
|
||||
/**
|
||||
* @author Wouter de Jong <wouter@wouterj.nl>
|
||||
*/
|
||||
interface UserAuthenticatorInterface
|
||||
{
|
||||
/**
|
||||
* Convenience method to programmatically login a user and return a
|
||||
* Response *if any* for success.
|
||||
*
|
||||
* @param BadgeInterface[] $badges Optionally, pass some Passport badges to use for the manual login
|
||||
*/
|
||||
public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request, array $badges = []): ?Response;
|
||||
}
|
Reference in New Issue
Block a user