vendor/symfony/security-http/Firewall/BasicAuthenticationListener.php line 25

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpKernel\Event\RequestEvent;
  17. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  18. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  19. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  20. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  21. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  22. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  23. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  25. trigger_deprecation('symfony/security-http''5.3''The "%s" class is deprecated, use the new authenticator system instead.'AnonymousAuthenticationListener::class);
  27. /**
  28.  * BasicAuthenticationListener implements Basic HTTP authentication.
  29.  *
  30.  * @author Fabien Potencier <fabien@symfony.com>
  31.  *
  32.  * @final
  33.  *
  34.  * @deprecated since Symfony 5.3, use the new authenticator system instead
  35.  */
  36. class BasicAuthenticationListener extends AbstractListener
  37. {
  38.     private $tokenStorage;
  39.     private $authenticationManager;
  40.     private $providerKey;
  41.     private $authenticationEntryPoint;
  42.     private $logger;
  43.     private $ignoreFailure;
  44.     private $sessionStrategy;
  46.     public function __construct(TokenStorageInterface $tokenStorageAuthenticationManagerInterface $authenticationManagerstring $providerKeyAuthenticationEntryPointInterface $authenticationEntryPointLoggerInterface $logger null)
  47.     {
  48.         if (empty($providerKey)) {
  49.             throw new \InvalidArgumentException('$providerKey must not be empty.');
  50.         }
  52.         $this->tokenStorage $tokenStorage;
  53.         $this->authenticationManager $authenticationManager;
  54.         $this->providerKey $providerKey;
  55.         $this->authenticationEntryPoint $authenticationEntryPoint;
  56.         $this->logger $logger;
  57.         $this->ignoreFailure false;
  58.     }
  60.     /**
  61.      * {@inheritdoc}
  62.      */
  63.     public function supports(Request $request): ?bool
  64.     {
  65.         return null !== $request->headers->get('PHP_AUTH_USER');
  66.     }
  68.     /**
  69.      * Handles basic authentication.
  70.      */
  71.     public function authenticate(RequestEvent $event)
  72.     {
  73.         $request $event->getRequest();
  75.         if (null === $username $request->headers->get('PHP_AUTH_USER')) {
  76.             return;
  77.         }
  79.         if (null !== $token $this->tokenStorage->getToken()) {
  80.             // @deprecated since Symfony 5.3, change to $token->getUserIdentifier() in 6.0
  81.             if ($token instanceof UsernamePasswordToken && $token->isAuthenticated(false) && (method_exists($token'getUserIdentifier') ? $token->getUserIdentifier() : $token->getUsername()) === $username) {
  82.                 return;
  83.             }
  84.         }
  86.         if (null !== $this->logger) {
  87.             $this->logger->info('Basic authentication Authorization header found for user.', ['username' => $username]);
  88.         }
  90.         try {
  91.             $previousToken $token;
  92.             $token $this->authenticationManager->authenticate(new UsernamePasswordToken($username$request->headers->get('PHP_AUTH_PW'), $this->providerKey));
  94.             $this->migrateSession($request$token$previousToken);
  96.             $this->tokenStorage->setToken($token);
  97.         } catch (AuthenticationException $e) {
  98.             $token $this->tokenStorage->getToken();
  99.             if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getFirewallName()) {
  100.                 $this->tokenStorage->setToken(null);
  101.             }
  103.             if (null !== $this->logger) {
  104.                 $this->logger->info('Basic authentication failed for user.', ['username' => $username'exception' => $e]);
  105.             }
  107.             if ($this->ignoreFailure) {
  108.                 return;
  109.             }
  111.             $event->setResponse($this->authenticationEntryPoint->start($request$e));
  112.         }
  113.     }
  115.     /**
  116.      * Call this method if your authentication token is stored to a session.
  117.      *
  118.      * @final
  119.      */
  120.     public function setSessionAuthenticationStrategy(SessionAuthenticationStrategyInterface $sessionStrategy)
  121.     {
  122.         $this->sessionStrategy $sessionStrategy;
  123.     }
  125.     private function migrateSession(Request $requestTokenInterface $token, ?TokenInterface $previousToken)
  126.     {
  127.         if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) {
  128.             return;
  129.         }
  131.         if ($previousToken) {
  132.             $user method_exists($token'getUserIdentifier') ? $token->getUserIdentifier() : $token->getUsername();
  133.             $previousUser method_exists($previousToken'getUserIdentifier') ? $previousToken->getUserIdentifier() : $previousToken->getUsername();
  135.             if ('' !== ($user ?? '') && $user === $previousUser) {
  136.                 return;
  137.             }
  138.         }
  140.         $this->sessionStrategy->onAuthentication($request$token);
  141.     }
  142. }