4 files changed, 2 insertions, 104 deletions
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
index fcfe418b..e7c81fc0 100644
--- a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
@@ -7,8 +7,7 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 /**
 * This override just add en extra variable (username) to be able to salt the password
- * the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1
+ * the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1.
- *
 */
 class WallabagPasswordEncoder extends BasePasswordEncoder
 {
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
index 1c7c5fae..cf3cb051 100644
--- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
+++ b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
@@ -45,7 +45,7 @@ class WallabagAuthenticationProvider extends UserAuthenticationProvider
                throw new BadCredentialsException('The credentials were changed from another session.');
            }
        } else {
-            if ("" === ($presentedPassword = $token->getCredentials())) {
+            if ('' === ($presentedPassword = $token->getCredentials())) {
                throw new BadCredentialsException('The presented password cannot be empty.');
            }
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
deleted file mode 100644
index 7e6a5dfb..00000000
--- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php
+++ /dev/null
@@ -1,78 +0,0 @@
-<?php
-namespace Wallabag\CoreBundle\Security\Authentication\Provider;
-use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
-use Symfony\Component\Security\Core\User\UserProviderInterface;
-use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\Exception\NonceExpiredException;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Wallabag\CoreBundle\Security\Authentication\Token\WsseUserToken;
-class WsseProvider implements AuthenticationProviderInterface
-{
-    private $userProvider;
-    private $cacheDir;
-    public function __construct(UserProviderInterface $userProvider, $cacheDir)
-    {
-        $this->userProvider = $userProvider;
-        $this->cacheDir     = $cacheDir;
-        // If cache directory does not exist we create it
-        if (!is_dir($this->cacheDir)) {
-            mkdir($this->cacheDir, 0777, true);
-        }
-    }
-    public function authenticate(TokenInterface $token)
-    {
-        $user = $this->userProvider->loadUserByUsername($token->getUsername());
-        if (!$user) {
-            throw new AuthenticationException("Bad credentials. Did you forgot your username?");
-        }
-        if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
-            $authenticatedToken = new WsseUserToken($user->getRoles());
-            $authenticatedToken->setUser($user);
-            return $authenticatedToken;
-        }
-        throw new AuthenticationException('The WSSE authentication failed.');
-    }
-    protected function validateDigest($digest, $nonce, $created, $secret)
-    {
-        // Check created time is not in the future
-        if (strtotime($created) > time()) {
-            throw new AuthenticationException("Back to the future...");
-        }
-        // Expire timestamp after 5 minutes
-        if (time() - strtotime($created) > 300) {
-            throw new AuthenticationException("Too late for this timestamp... Watch your watch.");
-        }
-        // Validate nonce is unique within 5 minutes
-        if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
-            throw new NonceExpiredException('Previously used nonce detected');
-        }
-        file_put_contents($this->cacheDir.'/'.$nonce, time());
-        // Validate Secret
-        $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
-        if ($digest !== $expected) {
-            throw new AuthenticationException("Bad credentials ! Digest is not as expected.");
-        }
-        return $digest === $expected;
-    }
-    public function supports(TokenInterface $token)
-    {
-        return $token instanceof WsseUserToken;
-    }
-}
diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php b/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php
deleted file mode 100644
index ea6fb9bf..00000000
--- a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php
+++ /dev/null
@@ -1,23 +0,0 @@
-<?php
-namespace Wallabag\CoreBundle\Security\Authentication\Token;
-use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
-class WsseUserToken extends AbstractToken
-{
-    public $created;
-    public $digest;
-    public $nonce;
-    public function __construct(array $roles = array())
-    {
-        parent::__construct($roles);
-        $this->setAuthenticated(count($roles) > 0);
-    }
-    public function getCredentials()
-    {
-        return '';
-    }
-}

diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php index fcfe418b..e7c81fc0 100644 --- a/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php +++ b/src/Wallabag/CoreBundle/Security/Authentication/Encoder/WallabagPasswordEncoder.php
@@ -7,8 +7,7 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException;
7		7
8	/**	8	/**
9	* This override just add en extra variable (username) to be able to salt the password	9	* This override just add en extra variable (username) to be able to salt the password
10	* the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1	10	* the way Wallabag v1 does. It will avoid to break compatibility with Wallabag v1.
11	*
12	*/	11	*/
13	class WallabagPasswordEncoder extends BasePasswordEncoder	12	class WallabagPasswordEncoder extends BasePasswordEncoder
14	{	13	{


diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php index 1c7c5fae..cf3cb051 100644 --- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php +++ b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WallabagAuthenticationProvider.php
@@ -45,7 +45,7 @@ class WallabagAuthenticationProvider extends UserAuthenticationProvider
45	throw new BadCredentialsException('The credentials were changed from another session.');	45	throw new BadCredentialsException('The credentials were changed from another session.');
46	}	46	}
47	} else {	47	} else {
48	if ("" === ($presentedPassword = $token->getCredentials())) {	48	if ('' === ($presentedPassword = $token->getCredentials())) {
49	throw new BadCredentialsException('The presented password cannot be empty.');	49	throw new BadCredentialsException('The presented password cannot be empty.');
50	}	50	}
51		51


diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php b/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php deleted file mode 100644 index 7e6a5dfb..00000000 --- a/src/Wallabag/CoreBundle/Security/Authentication/Provider/WsseProvider.php +++ /dev/null
@@ -1,78 +0,0 @@
1	<?php
2	namespace Wallabag\CoreBundle\Security\Authentication\Provider;
3
4	use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
5	use Symfony\Component\Security\Core\User\UserProviderInterface;
6	use Symfony\Component\Security\Core\Exception\AuthenticationException;
7	use Symfony\Component\Security\Core\Exception\NonceExpiredException;
8	use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
9	use Wallabag\CoreBundle\Security\Authentication\Token\WsseUserToken;
10
11	class WsseProvider implements AuthenticationProviderInterface
12	{
13	private $userProvider;
14	private $cacheDir;
15
16	public function __construct(UserProviderInterface $userProvider, $cacheDir)
17	{
18	$this->userProvider = $userProvider;
19	$this->cacheDir = $cacheDir;
20
21	// If cache directory does not exist we create it
22	if (!is_dir($this->cacheDir)) {
23	mkdir($this->cacheDir, 0777, true);
24	}
25	}
26
27	public function authenticate(TokenInterface $token)
28	{
29	$user = $this->userProvider->loadUserByUsername($token->getUsername());
30
31	if (!$user) {
32	throw new AuthenticationException("Bad credentials. Did you forgot your username?");
33	}
34
35	if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
36	$authenticatedToken = new WsseUserToken($user->getRoles());
37	$authenticatedToken->setUser($user);
38
39	return $authenticatedToken;
40	}
41
42	throw new AuthenticationException('The WSSE authentication failed.');
43	}
44
45	protected function validateDigest($digest, $nonce, $created, $secret)
46	{
47	// Check created time is not in the future
48	if (strtotime($created) > time()) {
49	throw new AuthenticationException("Back to the future...");
50	}
51
52	// Expire timestamp after 5 minutes
53	if (time() - strtotime($created) > 300) {
54	throw new AuthenticationException("Too late for this timestamp... Watch your watch.");
55	}
56
57	// Validate nonce is unique within 5 minutes
58	if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
59	throw new NonceExpiredException('Previously used nonce detected');
60	}
61
62	file_put_contents($this->cacheDir.'/'.$nonce, time());
63
64	// Validate Secret
65	$expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
66
67	if ($digest !== $expected) {
68	throw new AuthenticationException("Bad credentials ! Digest is not as expected.");
69	}
70
71	return $digest === $expected;
72	}
73
74	public function supports(TokenInterface $token)
75	{
76	return $token instanceof WsseUserToken;
77	}
78	}


diff --git a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php b/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php deleted file mode 100644 index ea6fb9bf..00000000 --- a/src/Wallabag/CoreBundle/Security/Authentication/Token/WsseUserToken.php +++ /dev/null
@@ -1,23 +0,0 @@
1	<?php
2	namespace Wallabag\CoreBundle\Security\Authentication\Token;
3
4	use Symfony\Component\Security\Core\Authentication\Token\AbstractToken;
5
6	class WsseUserToken extends AbstractToken
7	{
8	public $created;
9	public $digest;
10	public $nonce;
11
12	public function __construct(array $roles = array())
13	{
14	parent::__construct($roles);
15
16	$this->setAuthenticated(count($roles) > 0);
17	}
18
19	public function getCredentials()
20	{
21	return '';
22	}
23	}