log for authentication on API
index 4d4f2145c884ff16d2b2e5108747602aa04ee5ce..d815d53623278254c5c48b7b3bf0e73ac58f15a4 100644 (file)
@@ -9,16 +9,19 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Wallabag\CoreBundle\Security\Authentication\Token\WsseUserToken;
+use Symfony\Component\HttpKernel\Log\LoggerInterface;
 
 class WsseListener implements ListenerInterface
 {
     protected $securityContext;
     protected $authenticationManager;
+    protected $logger;
 
-    public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager)
+    public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, LoggerInterface $logger)
     {
         $this->securityContext = $securityContext;
         $this->authenticationManager = $authenticationManager;
+        $this->logger = $logger;
     }
 
     public function handle(GetResponseEvent $event)
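Review bot: The logger type imported at the top of the hunk, `Symfony\Component\HttpKernel\Log\LoggerInterface`, is the pre-PSR-3 interface that Symfony deprecated in 2.2 and dropped in 3.0; its `err()` method (called in the second hunk) does not exist on `Psr\Log\LoggerInterface`, where the equivalent is `error()`. If the project is on Symfony 2.2 or later, typing the constructor parameter as `Psr\Log\LoggerInterface $logger` and calling `$this->logger->error(...)` keeps the listener working when the HttpKernel interface is removed. The new property could also carry a short purpose comment, e.g. `/** @var LoggerInterface records WSSE authentication failures */` above `protected $logger;`.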
@@ -42,16 +45,21 @@ class WsseListener implements ListenerInterface
 
             $this->securityContext->setToken($authToken);
         } catch (AuthenticationException $failed) {
-            // ... you might log something here
-
-            // To deny the authentication clear the token. This will redirect to the login page.
-            // $this->securityContext->setToken(null);
-            // return;
+            $failedMessage = 'WSSE Login failed for '.$token->getUsername().'. Why ? '.$failed->getMessage();
+            $this->logger->err($failedMessage);
 
             // Deny authentication with a '403 Forbidden' HTTP response
             $response = new Response();
             $response->setStatusCode(403);
+            $response->setContent($failedMessage);
             $event->setResponse($response);
+
+            return;
         }
+
+        // By default deny authorization
+        $response = new Response();
+        $response->setStatusCode(403);
+        $event->setResponse($response);
     }
 }
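Review bot: The unconditional deny added at the end of handle() (the second 403 block after the catch) is also reached on the success path, because the try body ends at `$this->securityContext->setToken($authToken);` with no `return`, so a correctly authenticated request still has its response replaced by an empty 403; add `return;` directly after the setToken call. Separately, `$response->setContent($failedMessage);` sends the caller the username together with the internal exception text from `$failed->getMessage()`, which can disclose why authentication was rejected to an unauthenticated client and assist account enumeration; keep that detail in the log only and send a fixed body such as `$response->setContent('WSSE authentication failed');`. The try block and the rest of handle() start outside the hunk.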