vendor/symfony/security-http/Authenticator/JsonLoginAuthenticator.php line 47

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Authenticator;
  14. use Symfony\Component\HttpFoundation\JsonResponse;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  18. use Symfony\Component\PropertyAccess\Exception\AccessException;
  19. use Symfony\Component\PropertyAccess\PropertyAccess;
  20. use Symfony\Component\PropertyAccess\PropertyAccessorInterface;
  21. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  22. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  23. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  24. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  25. use Symfony\Component\Security\Core\Security;
  26. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  27. use Symfony\Component\Security\Core\User\UserProviderInterface;
  28. use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
  29. use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
  30. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  31. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  32. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  33. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  34. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  35. use Symfony\Component\Security\Http\HttpUtils;
  36. use Symfony\Contracts\Translation\TranslatorInterface;
  38. /**
  39.  * Provides a stateless implementation of an authentication via
  40.  * a JSON document composed of a username and a password.
  41.  *
  42.  * @author Kévin Dunglas <dunglas@gmail.com>
  43.  * @author Wouter de Jong <wouter@wouterj.nl>
  44.  *
  45.  * @final
  46.  */
  47. class JsonLoginAuthenticator implements InteractiveAuthenticatorInterface
  48. {
  49.     private $options;
  50.     private $httpUtils;
  51.     private $userProvider;
  52.     private $propertyAccessor;
  53.     private $successHandler;
  54.     private $failureHandler;
  56.     /**
  57.      * @var TranslatorInterface|null
  58.      */
  59.     private $translator;
  61.     public function __construct(HttpUtils $httpUtilsUserProviderInterface $userProviderAuthenticationSuccessHandlerInterface $successHandler nullAuthenticationFailureHandlerInterface $failureHandler null, array $options = [], PropertyAccessorInterface $propertyAccessor null)
  62.     {
  63.         $this->options array_merge(['username_path' => 'username''password_path' => 'password'], $options);
  64.         $this->httpUtils $httpUtils;
  65.         $this->successHandler $successHandler;
  66.         $this->failureHandler $failureHandler;
  67.         $this->userProvider $userProvider;
  68.         $this->propertyAccessor $propertyAccessor ?: PropertyAccess::createPropertyAccessor();
  69.     }
  71.     public function supports(Request $request): ?bool
  72.     {
  73.         $request->headers->set('Content-Type''application/json');
  74.         if (false === strpos($request->getRequestFormat() ?? '''json') && false === strpos($request->getContentType() ?? '''json')) {
  75.             return false;
  76.         }
  78.         if (isset($this->options['check_path']) && !$this->httpUtils->checkRequestPath($request$this->options['check_path'])) {
  79.             return false;
  80.         }
  82.         return true;
  83.     }
  85.     public function authenticate(Request $request): PassportInterface
  86.     {
  87.         $request->headers->set('Content-Type''application/json');
  88.         try {
  89.             $credentials $this->getCredentials($request);
  90.         } catch (BadRequestHttpException $e) {
  91.             $request->setRequestFormat('json');
  93.             throw $e;
  94.         }
  96.         // @deprecated since Symfony 5.3, change to $this->userProvider->loadUserByIdentifier() in 6.0
  97.         $method 'loadUserByIdentifier';
  98.         if (!method_exists($this->userProvider'loadUserByIdentifier')) {
  99.             trigger_deprecation('symfony/security-core''5.3''Not implementing method "loadUserByIdentifier()" in user provider "%s" is deprecated. This method will replace "loadUserByUsername()" in Symfony 6.0.'get_debug_type($this->userProvider));
  101.             $method 'loadUserByUsername';
  102.         }
  104.         $passport = new Passport(
  105.             new UserBadge($credentials['username'], [$this->userProvider$method]),
  106.             new PasswordCredentials($credentials['password'])
  107.         );
  108.         if ($this->userProvider instanceof PasswordUpgraderInterface) {
  109.             $passport->addBadge(new PasswordUpgradeBadge($credentials['password'], $this->userProvider));
  110.         }
  112.         return $passport;
  113.     }
  115.     /**
  116.      * @deprecated since Symfony 5.4, use {@link createToken()} instead
  117.      */
  118.     public function createAuthenticatedToken(PassportInterface $passportstring $firewallName): TokenInterface
  119.     {
  120.         trigger_deprecation('symfony/security-http''5.4''Method "%s()" is deprecated, use "%s::createToken()" instead.'__METHOD____CLASS__);
  122.         return $this->createToken($passport$firewallName);
  123.     }
  125.     public function createToken(Passport $passportstring $firewallName): TokenInterface
  126.     {
  127.         return new UsernamePasswordToken($passport->getUser(), $firewallName$passport->getUser()->getRoles());
  128.     }
  130.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  131.     {
  132.         if (null === $this->successHandler) {
  133.             return null// let the original request continue
  134.         }
  136.         return $this->successHandler->onAuthenticationSuccess($request$token);
  137.     }
  139.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  140.     {
  141.         if (null === $this->failureHandler) {
  142.             if (null !== $this->translator) {
  143.                 $errorMessage $this->translator->trans($exception->getMessageKey(), $exception->getMessageData(), 'security');
  144.             } else {
  145.                 $errorMessage strtr($exception->getMessageKey(), $exception->getMessageData());
  146.             }
  148.             return new JsonResponse(['error' => $errorMessage], JsonResponse::HTTP_UNAUTHORIZED);
  149.         }
  151.         return $this->failureHandler->onAuthenticationFailure($request$exception);
  152.     }
  154.     public function isInteractive(): bool
  155.     {
  156.         return true;
  157.     }
  159.     public function setTranslator(TranslatorInterface $translator)
  160.     {
  161.         $this->translator $translator;
  162.     }
  164.     private function getCredentials(Request $request)
  165.     {
  166.         $request->headers->set('Content-Type''application/json');
  167.        // $data = json_decode($request->getContent());
  168.         $data json_decode(file_get_contents('php://input'));
  169.        
  170.         
  171.         if (!$data instanceof \stdClass) {
  172.             throw new BadRequestHttpException('Invalid JSON.');
  173.         }
  175.         $credentials = [];
  176.         try {
  177.             $credentials['username'] = $this->propertyAccessor->getValue($data$this->options['username_path']);
  179.             if (!\is_string($credentials['username'])) {
  180.                 throw new BadRequestHttpException(sprintf('The key "%s" must be a string.'$this->options['username_path']));
  181.             }
  183.             if (\strlen($credentials['username']) > Security::MAX_USERNAME_LENGTH) {
  184.                 throw new BadCredentialsException('Invalid username.');
  185.             }
  186.         } catch (AccessException $e) {
  187.             throw new BadRequestHttpException(sprintf('The key "%s" must be provided.'$this->options['username_path']), $e);
  188.         }
  190.         try {
  191.             $credentials['password'] = $this->propertyAccessor->getValue($data$this->options['password_path']);
  193.             if (!\is_string($credentials['password'])) {
  194.                 throw new BadRequestHttpException(sprintf('The key "%s" must be a string.'$this->options['password_path']));
  195.             }
  196.         } catch (AccessException $e) {
  197.             throw new BadRequestHttpException(sprintf('The key "%s" must be provided.'$this->options['password_path']), $e);
  198.         }
  200.         return $credentials;
  201.     }
  202. }