1
|
|
|
<?php |
2
|
|
|
declare(strict_types=1); |
3
|
|
|
/** |
4
|
|
|
* CakePHP(tm) : Rapid Development Framework (https://cakephp.org) |
5
|
|
|
* Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org) |
6
|
|
|
* |
7
|
|
|
* Licensed under The MIT License |
8
|
|
|
* For full copyright and license information, please see the LICENSE.txt |
9
|
|
|
* Redistributions of files must retain the above copyright notice. |
10
|
|
|
* |
11
|
|
|
* @copyright Copyright (c) Cake Software Foundation, Inc. (https://cakefoundation.org) |
12
|
|
|
* @link https://cakephp.org CakePHP(tm) Project |
13
|
|
|
* @since 1.0.0 |
14
|
|
|
* @license https://opensource.org/licenses/mit-license.php MIT License |
15
|
|
|
*/ |
16
|
|
|
namespace Phauthentic\Authentication\Middleware; |
17
|
|
|
|
18
|
|
|
use Cake\Core\InstanceConfigTrait; |
19
|
|
|
use Phauthentic\Authentication\AuthenticationServiceProviderInterface; |
20
|
|
|
use Psr\Http\Message\ResponseInterface; |
21
|
|
|
use Psr\Http\Message\ServerRequestInterface; |
22
|
|
|
use RuntimeException; |
23
|
|
|
|
24
|
|
|
/** |
25
|
|
|
* Authentication Middleware |
26
|
|
|
*/ |
27
|
|
|
class CakeAuthenticationMiddleware |
28
|
|
|
{ |
29
|
|
|
use InstanceConfigTrait; |
30
|
|
|
|
31
|
|
|
/** |
32
|
|
|
* Configuration options |
33
|
|
|
* |
34
|
|
|
* - `serviceAttribute` - The request attribute to store the service in. |
35
|
|
|
* - `identityAttribute` - The request attribute to store the identity in. |
36
|
|
|
* parameter with the previously blocked URL. |
37
|
|
|
*/ |
38
|
|
|
protected $_defaultConfig = [ |
39
|
|
|
'serviceAttribute' => 'authentication', |
40
|
|
|
'identityAttribute' => 'identity', |
41
|
|
|
]; |
42
|
|
|
|
43
|
|
|
/** |
44
|
|
|
* @var AuthenticationServiceProviderInterface |
45
|
|
|
*/ |
46
|
|
|
protected $provider; |
47
|
|
|
|
48
|
|
|
/** |
49
|
|
|
* Constructor. |
50
|
|
|
* |
51
|
|
|
* @param AuthenticationServiceProviderInterface $provider Provider. |
52
|
|
|
* @param array $config Config. |
53
|
|
|
*/ |
54
|
3 |
|
public function __construct(AuthenticationServiceProviderInterface $provider, array $config = []) |
55
|
|
|
{ |
56
|
3 |
|
$this->provider = $provider; |
57
|
3 |
|
$this->setConfig($config); |
58
|
3 |
|
} |
59
|
|
|
|
60
|
|
|
/** |
61
|
|
|
* Callable implementation for the middleware stack. |
62
|
|
|
* |
63
|
|
|
* @param ServerRequestInterface $request The request. |
64
|
|
|
* @param ResponseInterface $response The response. |
65
|
|
|
* @param callable $next The next middleware to call. |
66
|
|
|
* @return ResponseInterface A response. |
67
|
|
|
*/ |
68
|
3 |
|
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, $next) |
69
|
|
|
{ |
70
|
3 |
|
$service = $this->provider->getAuthenticationService($request); |
71
|
3 |
|
$request = $this->addAttribute($request, $this->getConfig('serviceAttribute'), $service); |
72
|
|
|
|
73
|
3 |
|
$service->authenticate($request); |
74
|
|
|
|
75
|
3 |
|
$identity = $service->getIdentity(); |
76
|
3 |
|
$request = $this->addAttribute($request, $this->getConfig('identityAttribute'), $identity); |
77
|
|
|
|
78
|
3 |
|
$response = $next($request, $response); |
79
|
3 |
|
$result = $service->persistIdentity($request, $response); |
80
|
|
|
|
81
|
3 |
|
return $result->getResponse(); |
82
|
|
|
} |
83
|
|
|
|
84
|
|
|
/** |
85
|
|
|
* Adds an attribute to the request and returns a modified request. |
86
|
|
|
* |
87
|
|
|
* @param ServerRequestInterface $request Request. |
88
|
|
|
* @param string $name Attribute name. |
89
|
|
|
* @param mixed $value Attribute value. |
90
|
|
|
* @return ServerRequestInterface |
91
|
|
|
* @throws RuntimeException When attribute is present. |
92
|
|
|
*/ |
93
|
3 |
|
protected function addAttribute(ServerRequestInterface $request, string $name, $value): ServerRequestInterface |
94
|
|
|
{ |
95
|
3 |
|
if ($request->getAttribute($name)) { |
96
|
|
|
$message = sprintf('Request attribute `%s` already exists.', $name); |
97
|
|
|
throw new RuntimeException($message); |
98
|
|
|
} |
99
|
|
|
|
100
|
3 |
|
return $request->withAttribute($name, $value); |
101
|
|
|
} |
102
|
|
|
|
103
|
|
|
} |
104
|
|
|
|