vendor/symfony/security-guard/Authenticator/GuardBridgeAuthenticator.php line 103

Open in your IDE?
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\Security\Guard\Authenticator;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\Response;
  13. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  14. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  15. use Symfony\Component\Security\Core\Exception\UserNotFoundException;
  16. use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
  17. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  18. use Symfony\Component\Security\Core\User\UserInterface;
  19. use Symfony\Component\Security\Core\User\UserProviderInterface;
  20. use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;
  21. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  22. use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
  23. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  24. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
  25. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  26. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  27. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  28. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  29. use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
  30. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  31. trigger_deprecation('symfony/security-guard', '5.3', 'The "%s" class is deprecated, use the new authenticator system instead.', GuardBridgeAuthenticator::class);
  32. /**
  33. * This authenticator is used to bridge Guard authenticators with
  34. * the Symfony Authenticator system.
  35. *
  36. * @author Wouter de Jong <wouter@wouterj.nl>
  37. *
  38. * @deprecated since Symfony 5.3
  39. */
  40. class GuardBridgeAuthenticator implements InteractiveAuthenticatorInterface, AuthenticationEntryPointInterface
  41. {
  42. private $guard;
  43. private $userProvider;
  44. public function __construct(GuardAuthenticatorInterface $guard, UserProviderInterface $userProvider)
  45. {
  46. $this->guard = $guard;
  47. $this->userProvider = $userProvider;
  48. }
  49. public function start(Request $request, ?AuthenticationException $authException = null)
  50. {
  51. return $this->guard->start($request, $authException);
  52. }
  53. public function supports(Request $request): ?bool
  54. {
  55. return $this->guard->supports($request);
  56. }
  57. public function authenticate(Request $request): PassportInterface
  58. {
  59. $credentials = $this->guard->getCredentials($request);
  60. if (null === $credentials) {
  61. throw new \UnexpectedValueException(sprintf('The return value of "%1$s::getCredentials()" must not be null. Return false from "%1$s::supports()" instead.', get_debug_type($this->guard)));
  62. }
  63. // get the user from the GuardAuthenticator
  64. if (class_exists(UserBadge::class)) {
  65. $user = new UserBadge('guard_authenticator_'.md5(serialize($credentials)), function () use ($credentials) { return $this->getUser($credentials); });
  66. } else {
  67. // BC with symfony/security-http:5.1
  68. $user = $this->getUser($credentials);
  69. }
  70. if ($this->guard instanceof PasswordAuthenticatedInterface && !$user instanceof PasswordAuthenticatedUserInterface) {
  71. trigger_deprecation('symfony/security-guard', '5.3', 'Not implementing the "%s" interface in class "%s" while using password-based guard authenticators is deprecated.', PasswordAuthenticatedUserInterface::class, get_debug_type($user));
  72. }
  73. $passport = new Passport($user, new CustomCredentials([$this->guard, 'checkCredentials'], $credentials));
  74. if ($this->userProvider instanceof PasswordUpgraderInterface && $this->guard instanceof PasswordAuthenticatedInterface && (null !== $password = $this->guard->getPassword($credentials))) {
  75. $passport->addBadge(new PasswordUpgradeBadge($password, $this->userProvider));
  76. }
  77. if ($this->guard->supportsRememberMe()) {
  78. $passport->addBadge(new RememberMeBadge());
  79. }
  80. return $passport;
  81. }
  82. public function getGuardAuthenticator(): GuardAuthenticatorInterface
  83. {
  84. return $this->guard;
  85. }
  86. private function getUser($credentials): UserInterface
  87. {
  88. $user = $this->guard->getUser($credentials, $this->userProvider);
  89. if (null === $user) {
  90. throw new UserNotFoundException(sprintf('Null returned from "%s::getUser()".', get_debug_type($this->guard)));
  91. }
  92. if (!$user instanceof UserInterface) {
  93. throw new \UnexpectedValueException(sprintf('The "%s::getUser()" method must return a UserInterface. You returned "%s".', get_debug_type($this->guard), get_debug_type($user)));
  94. }
  95. return $user;
  96. }
  97. public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
  98. {
  99. if (!$passport instanceof UserPassportInterface) {
  100. throw new \LogicException(sprintf('"%s" does not support non-user passports.', __CLASS__));
  101. }
  102. return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);
  103. }
  104. public function createToken(Passport $passport, string $firewallName): TokenInterface
  105. {
  106. return $this->guard->createAuthenticatedToken($passport->getUser(), $firewallName);
  107. }
  108. public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
  109. {
  110. return $this->guard->onAuthenticationSuccess($request, $token, $firewallName);
  111. }
  112. public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
  113. {
  114. return $this->guard->onAuthenticationFailure($request, $exception);
  115. }
  116. public function isInteractive(): bool
  117. {
  118. // the GuardAuthenticationHandler always dispatches the InteractiveLoginEvent
  119. return true;
  120. }
  121. }