-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
236 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,100 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the mangel.io project. | ||
* | ||
* (c) Florian Moser <git@famoser.ch> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
namespace App\Security; | ||
|
||
use App\Entity\ConstructionManager; | ||
use App\Security\Base\BaseUserProvider; | ||
use App\Security\Model\UserToken; | ||
use Symfony\Bridge\Doctrine\RegistryInterface; | ||
use Symfony\Component\Security\Core\Exception\UnsupportedUserException; | ||
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; | ||
use Symfony\Component\Security\Core\User\UserInterface; | ||
|
||
class AuthenticationTokenProvider extends BaseUserProvider | ||
{ | ||
/** | ||
* @var RegistryInterface | ||
*/ | ||
private $registry; | ||
|
||
/** | ||
* AdminUserProvider constructor. | ||
* | ||
* @param RegistryInterface $registry | ||
*/ | ||
public function __construct(RegistryInterface $registry) | ||
{ | ||
$this->registry = $registry; | ||
} | ||
|
||
/** | ||
* Refreshes the user for the account interface. | ||
* | ||
* It is up to the implementation to decide if the user data should be | ||
* totally reloaded (e.g. from the database), or if the UserInterface | ||
* object can just be merged into some internal array of users / identity | ||
* map. | ||
* | ||
* @param UserInterface $user | ||
* | ||
* @throws UnsupportedUserException if the account is not supported | ||
* | ||
* @return UserInterface | ||
*/ | ||
public function refreshUser(UserInterface $user) | ||
{ | ||
if (!$user instanceof UserToken) { | ||
throw new UnsupportedUserException( | ||
sprintf('Instances of "%s" are not supported.', \get_class($user)) | ||
); | ||
} | ||
|
||
return $this->loadUserByUsername($user->getUsername()); | ||
} | ||
|
||
/** | ||
* Loads the user for the given username. | ||
* | ||
* This method must throw UsernameNotFoundException if the user is not | ||
* found. | ||
* | ||
* @param string $username The username | ||
* | ||
* @throws UsernameNotFoundException if the user is not found | ||
* | ||
* @return UserInterface | ||
*/ | ||
public function loadUserByUsername($username) | ||
{ | ||
/** @var ConstructionManager $user */ | ||
$user = $this->registry->getRepository('App:ConstructionManager')->findOneBy(['email' => $username]); | ||
if ($user !== null) { | ||
return new UserToken($user); | ||
} | ||
|
||
throw new UsernameNotFoundException( | ||
sprintf('Username "%s" does not exist in CustomerUserProvider.', $username) | ||
); | ||
} | ||
|
||
/** | ||
* Whether this provider supports the given user class. | ||
* | ||
* @param string $class | ||
* | ||
* @return bool | ||
*/ | ||
public function supportsClass($class) | ||
{ | ||
return $class === UserToken::class; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
<?php | ||
|
||
/* | ||
* This file is part of the mangel.io project. | ||
* | ||
* (c) Florian Moser <git@famoser.ch> | ||
* | ||
* For the full copyright and license information, please view the LICENSE | ||
* file that was distributed with this source code. | ||
*/ | ||
|
||
namespace App\Security\Model; | ||
|
||
use Symfony\Component\Security\Core\User\UserInterface; | ||
|
||
class UserToken implements UserInterface | ||
{ | ||
/** | ||
* @var (Role|string)[] | ||
*/ | ||
private $roles; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $password; | ||
|
||
/** | ||
* @var string|null | ||
*/ | ||
private $salt; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $username; | ||
|
||
/** | ||
* UserToken constructor. | ||
* | ||
* @param UserInterface $user | ||
*/ | ||
public function __construct(UserInterface $user) | ||
{ | ||
$this->roles = $user->getRoles(); | ||
$this->password = $user->getPassword(); | ||
$this->salt = $user->getSalt(); | ||
$this->username = $user->getUsername(); | ||
} | ||
|
||
/** | ||
* Returns the roles granted to the user. | ||
* | ||
* public function getRoles() | ||
* { | ||
* return array('ROLE_USER'); | ||
* } | ||
* | ||
* Alternatively, the roles might be stored on a ``roles`` property, | ||
* and populated in any number of different ways when the user object | ||
* is created. | ||
* | ||
* @return (Role|string)[] The user roles | ||
*/ | ||
public function getRoles() | ||
{ | ||
return $this->roles; | ||
} | ||
|
||
/** | ||
* Returns the password used to authenticate the user. | ||
* | ||
* This should be the encoded password. On authentication, a plain-text | ||
* password will be salted, encoded, and then compared to this value. | ||
* | ||
* @return string The password | ||
*/ | ||
public function getPassword() | ||
{ | ||
return $this->password; | ||
} | ||
|
||
/** | ||
* Returns the salt that was originally used to encode the password. | ||
* | ||
* This can return null if the password was not encoded using a salt. | ||
* | ||
* @return string|null The salt | ||
*/ | ||
public function getSalt() | ||
{ | ||
return $this->salt; | ||
} | ||
|
||
/** | ||
* Returns the username used to authenticate the user. | ||
* | ||
* @return string The username | ||
*/ | ||
public function getUsername() | ||
{ | ||
return $this->roles; | ||
} | ||
|
||
/** | ||
* Removes sensitive data from the user. | ||
* | ||
* This is important if, at any given point, sensitive information like | ||
* the plain-text password is stored on this object. | ||
*/ | ||
public function eraseCredentials() | ||
{ | ||
// no credentials here; hence do not need to clear | ||
} | ||
} |