vendor/symfony/security-http/Firewall/SimplePreAuthenticationListener.php line 34

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpFoundation\Response;
  18. use Symfony\Component\HttpKernel\Event\GetResponseEvent;
  19. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  20. use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
  21. use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
  22. use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
  23. use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
  24. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  25. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  26. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  27. use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
  28. use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
  29. use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;
  30. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  31. use Symfony\Component\Security\Http\SecurityEvents;
  32. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  34. @trigger_error(sprintf('The "%s" class is deprecated since Symfony 4.2, use Guard instead.'SimplePreAuthenticationListener::class), E_USER_DEPRECATED);
  36. /**
  37.  * SimplePreAuthenticationListener implements simple proxying to an authenticator.
  38.  *
  39.  * @author Jordi Boggiano <j.boggiano@seld.be>
  40.  *
  41.  * @deprecated since Symfony 4.2, use Guard instead.
  42.  */
  43. class SimplePreAuthenticationListener implements ListenerInterface {
  45.     private $tokenStorage;
  46.     private $authenticationManager;
  47.     private $providerKey;
  48.     private $simpleAuthenticator;
  49.     private $logger;
  50.     private $dispatcher;
  51.     private $sessionStrategy;
  52.     private $trustResolver;
  54.     public function __construct(TokenStorageInterface $tokenStorageAuthenticationManagerInterface $authenticationManagerstring $providerKeySimplePreAuthenticatorInterface $simpleAuthenticatorLoggerInterface $logger nullEventDispatcherInterface $dispatcher nullAuthenticationTrustResolverInterface $trustResolver null) {
  55.         if (empty($providerKey)) {
  56.             throw new \InvalidArgumentException('$providerKey must not be empty.');
  57.         }
  59.         $this->tokenStorage $tokenStorage;
  60.         $this->authenticationManager $authenticationManager;
  61.         $this->providerKey $providerKey;
  62.         $this->simpleAuthenticator $simpleAuthenticator;
  63.         $this->logger $logger;
  64.         $this->dispatcher $dispatcher;
  65.         $this->trustResolver $trustResolver ?: new AuthenticationTrustResolver(AnonymousToken::class, RememberMeToken::class);
  66.     }
  68.     /**
  69.      * Call this method if your authentication token is stored to a session.
  70.      *
  71.      * @final
  72.      */
  73.     public function setSessionAuthenticationStrategy(SessionAuthenticationStrategyInterface $sessionStrategy) {
  74.         $this->sessionStrategy $sessionStrategy;
  75.     }
  77.     /**
  78.      * Handles basic authentication.
  79.      */
  80.     public function handle(GetResponseEvent $event) {
  81.         $request $event->getRequest();
  83.         if (null !== $this->logger) {
  84.             $this->logger->info('Attempting SimplePreAuthentication.', ['key' => $this->providerKey'authenticator' => \get_class($this->simpleAuthenticator)]);
  85.         }
  87.         if ((null !== $token $this->tokenStorage->getToken()) && !$this->trustResolver->isAnonymous($token)) {
  88.             return;
  89.         }
  91.         try {
  92.             $token $this->simpleAuthenticator->createToken($request$this->providerKey);
  94.             // allow null to be returned to skip authentication
  95.             if (null === $token) {
  96.                 return;
  97.             }
  99.             $token $this->authenticationManager->authenticate($token);
  101.             $this->migrateSession($request$token);
  103.             $this->tokenStorage->setToken($token);
  105.             if (null !== $this->dispatcher) {
  106.                 $loginEvent = new InteractiveLoginEvent($request$token);
  107.                 $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN$loginEvent);
  108.             }
  109.         } catch (AuthenticationException $e) {
  110.             $this->tokenStorage->setToken(null);
  112.             if (null !== $this->logger) {
  113.                 $this->logger->info('SimplePreAuthentication request failed.', ['exception' => $e'authenticator' => \get_class($this->simpleAuthenticator)]);
  114.             }
  116.             if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) {
  117.                 $response $this->simpleAuthenticator->onAuthenticationFailure($request$e);
  118.                 if ($response instanceof Response) {
  119.                     $event->setResponse($response);
  120.                 } elseif (null !== $response) {
  121.                     throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationFailure method must return null or a Response object', \get_class($this->simpleAuthenticator)));
  122.                 }
  123.             }
  125.             return;
  126.         }
  128.         if ($this->simpleAuthenticator instanceof AuthenticationSuccessHandlerInterface) {
  129.             $response $this->simpleAuthenticator->onAuthenticationSuccess($request$token);
  130.             if ($response instanceof Response) {
  131.                 $event->setResponse($response);
  132.             } elseif (null !== $response) {
  133.                 throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationSuccess method must return null or a Response object', \get_class($this->simpleAuthenticator)));
  134.             }
  135.         }
  136.     }
  138.     private function migrateSession(Request $requestTokenInterface $token) {
  139.         if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) {
  140.             return;
  141.         }
  143.         $this->sessionStrategy->onAuthentication($request$token);
  144.     }
  146. }