]>
Commit | Line | Data |
---|---|---|
d9169157 J |
1 | <?php |
2 | ||
3 | namespace Wallabag\CoreBundle\Security\Authentication\Provider; | |
4 | ||
5 | use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; | |
6 | use Symfony\Component\Security\Core\User\UserProviderInterface; | |
7 | use Symfony\Component\Security\Core\User\UserCheckerInterface; | |
8 | use Symfony\Component\Security\Core\User\UserInterface; | |
9 | use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; | |
10 | use Symfony\Component\Security\Core\Exception\AuthenticationServiceException; | |
11 | use Symfony\Component\Security\Core\Exception\BadCredentialsException; | |
12 | use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; | |
13 | use Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider; | |
14 | ||
15 | class WallabagAuthenticationProvider extends UserAuthenticationProvider | |
16 | { | |
17 | private $encoderFactory; | |
18 | private $userProvider; | |
19 | ||
20 | /** | |
21 | * Constructor. | |
22 | * | |
23 | * @param UserProviderInterface $userProvider An UserProviderInterface instance | |
24 | * @param UserCheckerInterface $userChecker An UserCheckerInterface instance | |
25 | * @param string $providerKey The provider key | |
26 | * @param EncoderFactoryInterface $encoderFactory An EncoderFactoryInterface instance | |
27 | * @param bool $hideUserNotFoundExceptions Whether to hide user not found exception or not | |
28 | */ | |
29 | public function __construct(UserProviderInterface $userProvider, UserCheckerInterface $userChecker, $providerKey, EncoderFactoryInterface $encoderFactory, $hideUserNotFoundExceptions = true) | |
30 | { | |
31 | parent::__construct($userChecker, $providerKey, $hideUserNotFoundExceptions); | |
32 | ||
33 | $this->encoderFactory = $encoderFactory; | |
34 | $this->userProvider = $userProvider; | |
35 | } | |
36 | ||
37 | /** | |
38 | * {@inheritdoc} | |
39 | */ | |
40 | protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token) | |
41 | { | |
42 | $currentUser = $token->getUser(); | |
43 | if ($currentUser instanceof UserInterface) { | |
44 | if ($currentUser->getPassword() !== $user->getPassword()) { | |
45 | throw new BadCredentialsException('The credentials were changed from another session.'); | |
46 | } | |
47 | } else { | |
4346a860 | 48 | if ('' === ($presentedPassword = $token->getCredentials())) { |
d9169157 J |
49 | throw new BadCredentialsException('The presented password cannot be empty.'); |
50 | } | |
51 | ||
52 | // give username, it's used to hash the password | |
53 | $encoder = $this->encoderFactory->getEncoder($user); | |
54 | $encoder->setUsername($user->getUsername()); | |
55 | ||
56 | if (!$encoder->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { | |
57 | throw new BadCredentialsException('The presented password is invalid.'); | |
58 | } | |
59 | } | |
60 | } | |
61 | ||
62 | /** | |
63 | * {@inheritdoc} | |
64 | */ | |
65 | protected function retrieveUser($username, UsernamePasswordToken $token) | |
66 | { | |
67 | $user = $token->getUser(); | |
68 | if ($user instanceof UserInterface) { | |
69 | return $user; | |
70 | } | |
71 | ||
72 | try { | |
73 | $user = $this->userProvider->loadUserByUsername($username); | |
74 | ||
75 | if (!$user instanceof UserInterface) { | |
76 | throw new AuthenticationServiceException('The user provider must return a UserInterface object.'); | |
77 | } | |
78 | ||
79 | return $user; | |
80 | } catch (UsernameNotFoundException $notFound) { | |
81 | $notFound->setUsername($username); | |
82 | throw $notFound; | |
83 | } catch (\Exception $repositoryProblem) { | |
84 | $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem); | |
85 | $ex->setToken($token); | |
86 | throw $ex; | |
87 | } | |
88 | } | |
89 | } |