src/Security/LoginAuthenticator.php line 140

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\Wdeclar;
  6. use App\Entity\Wcocon;
  7. use App\Services\CustomerService;
  8. use Doctrine\ORM\EntityManagerInterface;
  9. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  10. use Symfony\Component\HttpFoundation\RedirectResponse;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\Response;
  13. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  16. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  17. use Symfony\Component\Security\Core\Security;
  18. use Symfony\Component\Security\Core\User\UserInterface;
  19. use Symfony\Component\Security\Core\User\UserProviderInterface;
  20. use Symfony\Component\Security\Csrf\CsrfToken;
  21. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  22. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  23. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  24. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  25. use Doctrine\Common\Persistence\ManagerRegistry;
  26. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  27. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
  28. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  29. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  30. use Symfony\Component\HttpFoundation\RequestStack;
  32. class LoginAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  33. {
  34.     use TargetPathTrait;
  36.     private const LOGIN_ROUTE 'index';
  38.     private $entityManager;
  39.     private $urlGenerator;
  40.     private $csrfTokenManager;
  41.     private $passwordEncoder;
  42.     /**
  43.      * @var CustomerService
  44.      */
  45.     private $customerService;
  46.     /**
  47.      * @var mixed
  48.      */
  49.     private $appKey;
  50.     /**
  51.      * @var mixed
  52.      */
  53.     private $appSecret;
  54.     /**
  55.      * @var mixed
  56.      */
  57.     private $ssoServerAddress;
  58.     /**
  59.      * @var mixed
  60.      */
  61.     private $ssoServerCacheCheck;
  62.     
  63.     private $authorizationChecker;
  65.     public function __construct(
  66.         EntityManagerInterface $entityManager,
  67.         UrlGeneratorInterface $urlGenerator,
  68.         CsrfTokenManagerInterface $csrfTokenManager,
  69.         UserPasswordEncoderInterface $passwordEncoder,
  70.         ManagerRegistry $registry,
  71.         TokenStorageInterface $tokenStorage,
  72.         CustomerService $customerService,
  73.         ParameterBagInterface $params,
  74.         AuthenticationManagerInterface $authManager,
  75.         AuthorizationCheckerInterface $authorizationChecker,
  76.         RequestStack $requestStack
  77.         
  78.     ) {
  79.         $this->entityManager       $entityManager;
  80.         $this->urlGenerator        $urlGenerator;
  81.         $this->csrfTokenManager    $csrfTokenManager;
  82.         $this->passwordEncoder     $passwordEncoder;
  83.         $this->customerService     $customerService;
  84.         $this->appKey              $params->get('webapp_key');
  85.         $this->appSecret           $params->get('webapp_secret');
  86.         $this->ssoServerAddress    $params->get('sso_server_address');
  87.         $this->ssoServerCacheCheck $params->get('sso_server_cache_check');
  88.         $this->authManager     $authManager;
  89.         $this->authorizationChecker $authorizationChecker;
  90.         $this->request         $requestStack->getCurrentRequest();
  91.         $this->tokenStorage    $tokenStorage;
  92.     }
  93.     
  94.     
  95.     public function authenticate(Request $request): PassportInterface
  96.     {
  97.         
  98.         $credentials = [
  99.             '_username'  => $request->request->get('_username'),
  100.             '_password'  => $request->request->get('_password'),
  101.             'csrf_token' => $request->request->get('_csrf_token'),
  102.         ];
  104.     }
  105.     
  106.     
  107.     
  109.     public function supports(Request $request)
  110.     {
  112.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  113.                && $request->isMethod('POST');
  114.     }
  116.     public function getCredentials(Request $request)
  117.     {
  119.         //$auth_checker = $this->get('security.authorization_checker');
  120.         //$isRoleUser = $this->authorizationChecker->isGranted('ROLE_USER');
  123.         $credentials = [
  124.             '_username'  => $request->request->get('_username'),
  125.             '_password'  => $request->request->get('_password'),
  126.             'csrf_token' => $request->request->get('_csrf_token'),
  127.         ];
  128.         $request->getSession()->set(
  129.             Security::LAST_USERNAME,
  130.             $credentials['_username']
  131.         );
  132.         $request->getSession()->set(
  133.             'sso_token',
  134.             $this->customerService->encryptParameter(md5($credentials['_username'].$credentials['_password']))
  135.             );
  136.        
  137.         return $credentials;
  138.     }
  140.     public function getUser($credentialsUserProviderInterface $userProvider)
  141.     {
  142.         
  143.         
  144.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  145.         
  146.         if ( ! $this->csrfTokenManager->isTokenValid($token)) {
  147.             throw new InvalidCsrfTokenException();
  148.         }
  149.         
  151.        
  152.         /** @var Response $loginCheck */
  153.         $loginCheck $this->customerService->loginCheckAction($credentials);
  154.         $response   $loginCheck->getContent();
  156.         if (strpos($response'Username or password don')) {
  157.             throw new UsernameNotFoundException(
  158.                 sprintf('Username "%s" does not exist.''$username')
  159.             );
  160.         }
  162.         $response json_decode($responsetrue);
  164.         return $this->customerService->syncUser($response['name']);
  165.     }
  167.     public function checkCredentials($credentialsUserInterface $user)
  168.     {
  169.         return true;
  170.         return !empty($user)?true:false;
  171.     }
  173.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  174.     {
  175.         
  176.         $postAppKeyParam      'appKey=' $this->customerService->encryptParameter($this->appKey);
  177.         $postAppSecretParam   '&appSecret=' $this->customerService->encryptParameter($this->appSecret);
  178.         $postUsernameParam    '&username=' .  $request->getSession()->get('sso_token');
  179.         $postUrlBackLinkParam '&urlBackLink=' $this->customerService->encryptParameter($this->urlGenerator->generate('index',
  180.                 [], UrlGeneratorInterface::ABSOLUTE_URL));
  182.         return new RedirectResponse($this->ssoServerCacheCheck '?' $postAppKeyParam $postAppSecretParam $postUsernameParam $postUrlBackLinkParam,
  183.             Response::HTTP_MOVED_PERMANENTLY);
  184.     }
  186.     protected function getLoginUrl()
  187.     {
  188.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  189.     }
  191.     public function getPassword($credentials): ?string
  192.     {
  193.         return $credentials['_password'];
  194.     }
  196.     public function supportsRememberMe(): bool
  197.     {
  198.         return true;
  199.     }
  200. }