vendor/symfony/security-http/Firewall/BasicAuthenticationListener.php line 32

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpKernel\Event\RequestEvent;
  17. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  18. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  19. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  20. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  21. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  22. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  23. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  25. /**
  26.  * BasicAuthenticationListener implements Basic HTTP authentication.
  27.  *
  28.  * @author Fabien Potencier <fabien@symfony.com>
  29.  *
  30.  * @final since Symfony 4.3
  31.  */
  32. class BasicAuthenticationListener extends AbstractListener implements ListenerInterface
  33. {
  34.     use LegacyListenerTrait;
  36.     private $tokenStorage;
  37.     private $authenticationManager;
  38.     private $providerKey;
  39.     private $authenticationEntryPoint;
  40.     private $logger;
  41.     private $ignoreFailure;
  42.     private $sessionStrategy;
  44.     public function __construct(TokenStorageInterface $tokenStorageAuthenticationManagerInterface $authenticationManagerstring $providerKeyAuthenticationEntryPointInterface $authenticationEntryPointLoggerInterface $logger null)
  45.     {
  46.         if (empty($providerKey)) {
  47.             throw new \InvalidArgumentException('$providerKey must not be empty.');
  48.         }
  50.         $this->tokenStorage $tokenStorage;
  51.         $this->authenticationManager $authenticationManager;
  52.         $this->providerKey $providerKey;
  53.         $this->authenticationEntryPoint $authenticationEntryPoint;
  54.         $this->logger $logger;
  55.         $this->ignoreFailure false;
  56.     }
  58.     /**
  59.      * {@inheritdoc}
  60.      */
  61.     public function supports(Request $request): ?bool
  62.     {
  63.         return null !== $request->headers->get('PHP_AUTH_USER');
  64.     }
  66.     /**
  67.      * Handles basic authentication.
  68.      */
  69.     public function authenticate(RequestEvent $event)
  70.     {
  71.         $request $event->getRequest();
  73.         if (null === $username $request->headers->get('PHP_AUTH_USER')) {
  74.             return;
  75.         }
  77.         if (null !== $token $this->tokenStorage->getToken()) {
  78.             if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && $token->getUsername() === $username) {
  79.                 return;
  80.             }
  81.         }
  83.         if (null !== $this->logger) {
  84.             $this->logger->info('Basic authentication Authorization header found for user.', ['username' => $username]);
  85.         }
  87.         try {
  88.             $token $this->authenticationManager->authenticate(new UsernamePasswordToken($username$request->headers->get('PHP_AUTH_PW'), $this->providerKey));
  90.             $this->migrateSession($request$token);
  92.             $this->tokenStorage->setToken($token);
  93.         } catch (AuthenticationException $e) {
  94.             $token $this->tokenStorage->getToken();
  95.             if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) {
  96.                 $this->tokenStorage->setToken(null);
  97.             }
  99.             if (null !== $this->logger) {
  100.                 $this->logger->info('Basic authentication failed for user.', ['username' => $username'exception' => $e]);
  101.             }
  103.             if ($this->ignoreFailure) {
  104.                 return;
  105.             }
  107.             $event->setResponse($this->authenticationEntryPoint->start($request$e));
  108.         }
  109.     }
  111.     /**
  112.      * Call this method if your authentication token is stored to a session.
  113.      *
  114.      * @final
  115.      */
  116.     public function setSessionAuthenticationStrategy(SessionAuthenticationStrategyInterface $sessionStrategy)
  117.     {
  118.         $this->sessionStrategy $sessionStrategy;
  119.     }
  121.     private function migrateSession(Request $requestTokenInterface $token)
  122.     {
  123.         if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) {
  124.             return;
  125.         }
  127.         $this->sessionStrategy->onAuthentication($request$token);
  128.     }
  129. }