src/Security/LoginAuthenticator.php line 147

Open in your IDE?
  1. <?php
  2. namespace App\Security;
  3. use App\Entity\Wdeclar;
  4. use App\Entity\Wcocon;
  5. use App\Services\CustomerService;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\DependencyInjection\ParameterBag\ParameterBagInterface;
  8. use Symfony\Component\HttpFoundation\RedirectResponse;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  14. use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException;
  15. use Symfony\Component\Security\Core\Security;
  16. use Symfony\Component\Security\Core\User\UserInterface;
  17. use Symfony\Component\Security\Core\User\UserProviderInterface;
  18. use Symfony\Component\Security\Csrf\CsrfToken;
  19. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  20. use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
  21. use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
  22. use Symfony\Component\Security\Http\Util\TargetPathTrait;
  23. use Doctrine\Common\Persistence\ManagerRegistry;
  24. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  25. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
  26. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  27. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  28. use Symfony\Component\HttpFoundation\RequestStack;
  29. class LoginAuthenticator extends AbstractFormLoginAuthenticator implements PasswordAuthenticatedInterface
  30. {
  31.     use TargetPathTrait;
  32.     private const LOGIN_ROUTE 'index';
  33.     private $entityManager;
  34.     private $urlGenerator;
  35.     private $csrfTokenManager;
  36.     private $passwordEncoder;
  37.     /**
  38.      * @var CustomerService
  39.      */
  40.     private $customerService;
  41.     /**
  42.      * @var mixed
  43.      */
  44.     private $appKey;
  45.     /**
  46.      * @var mixed
  47.      */
  48.     private $appSecret;
  49.     /**
  50.      * @var mixed
  51.      */
  52.     private $ssoServerAddress;
  53.     /**
  54.      * @var mixed
  55.      */
  56.     private $ssoServerCacheCheck;
  57.     
  58.     private $authorizationChecker;
  59.     public function __construct(
  60.         EntityManagerInterface $entityManager,
  61.         UrlGeneratorInterface $urlGenerator,
  62.         CsrfTokenManagerInterface $csrfTokenManager,
  63.         UserPasswordEncoderInterface $passwordEncoder,
  64.         ManagerRegistry $registry,
  65.         TokenStorageInterface $tokenStorage,
  66.         CustomerService $customerService,
  67.         ParameterBagInterface $params,
  68.         AuthenticationManagerInterface $authManager,
  69.         AuthorizationCheckerInterface $authorizationChecker,
  70.         RequestStack $requestStack
  71.         
  72.     ) {
  73.         $this->entityManager       $entityManager;
  74.         $this->urlGenerator        $urlGenerator;
  75.         $this->csrfTokenManager    $csrfTokenManager;
  76.         $this->passwordEncoder     $passwordEncoder;
  77.         $this->customerService     $customerService;
  78.         $this->appKey              $params->get('webapp_key');
  79.         $this->appSecret           $params->get('webapp_secret');
  80.         $this->ssoServerAddress    $params->get('sso_server_address');
  81.         $this->ssoServerCacheCheck $params->get('sso_server_cache_check');
  82.         $this->authManager     $authManager;
  83.         $this->authorizationChecker $authorizationChecker;
  84.         $this->request         $requestStack->getCurrentRequest();
  85.         $this->tokenStorage    $tokenStorage;
  86.     }
  87.     
  88.     
  89.     public function authenticate(Request $request): PassportInterface
  90.     {
  91.         
  92.         $credentials = [
  93.             '_username'  => $request->request->get('_username'),
  94.             '_password'  => $request->request->get('_password'),
  95.             'csrf_token' => $request->request->get('_csrf_token'),
  96.         ];
  97.     }
  98.     
  99.     
  100.     
  101.     public function supports(Request $request)
  102.     {
  103.         return self::LOGIN_ROUTE === $request->attributes->get('_route')
  104.                && $request->isMethod('POST');
  105.     }
  106.     public function getCredentials(Request $request)
  107.     {
  108.         //$auth_checker = $this->get('security.authorization_checker');
  109.         //$isRoleUser = $this->authorizationChecker->isGranted('ROLE_USER');
  110.         $credentials = [
  111.             '_username'  => $request->request->get('_username'),
  112.             '_password'  => $request->request->get('_password'),
  113.             'csrf_token' => $request->request->get('_csrf_token'),
  114.         ];
  115.         $request->getSession()->set(
  116.             Security::LAST_USERNAME,
  117.             $credentials['_username']
  118.         );
  119.         $request->getSession()->set(
  120.             'sso_token',
  121.             $this->customerService->encryptParameter(md5($credentials['_username'].$credentials['_password']))
  122.             );
  123.        
  124.         return $credentials;
  125.     }
  126.     public function getUser($credentialsUserProviderInterface $userProvider)
  127.     {
  128.         
  129.         
  130.         $token = new CsrfToken('authenticate'$credentials['csrf_token']);
  131.         
  132.         if ( ! $this->csrfTokenManager->isTokenValid($token)) {
  133.             throw new InvalidCsrfTokenException();
  134.         }
  135.         
  136.        
  137.         /** @var Response $loginCheck */
  138.         $loginCheck $this->customerService->loginCheckAction($credentials);
  139.         $response   $loginCheck->getContent();
  140.         if (strpos($response'Username or password don')) {
  141.             throw new UsernameNotFoundException(
  142.                 sprintf('Username "%s" does not exist.''$username')
  143.             );
  144.         }
  145.         $response json_decode($responsetrue);
  146.         return $this->customerService->syncUser($response['name']);
  147.     }
  148.     public function checkCredentials($credentialsUserInterface $user)
  149.     {
  150.         return true;
  151.         return !empty($user)?true:false;
  152.     }
  153.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  154.     {
  155.         
  156.         $postAppKeyParam      'appKey=' $this->customerService->encryptParameter($this->appKey);
  157.         $postAppSecretParam   '&appSecret=' $this->customerService->encryptParameter($this->appSecret);
  158.         $postUsernameParam    '&username=' .  $request->getSession()->get('sso_token');
  159.         $postUrlBackLinkParam '&urlBackLink=' $this->customerService->encryptParameter($this->urlGenerator->generate('index',
  160.                 [], UrlGeneratorInterface::ABSOLUTE_URL));
  161.         return new RedirectResponse($this->ssoServerCacheCheck '?' $postAppKeyParam $postAppSecretParam $postUsernameParam $postUrlBackLinkParam,
  162.             Response::HTTP_MOVED_PERMANENTLY);
  163.     }
  164.     protected function getLoginUrl()
  165.     {
  166.         return $this->urlGenerator->generate(self::LOGIN_ROUTE);
  167.     }
  168.     public function getPassword($credentials): ?string
  169.     {
  170.         return $credentials['_password'];
  171.     }
  172.     public function supportsRememberMe(): bool
  173.     {
  174.         return true;
  175.     }
  176. }