This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace AerialShip\SamlSPBundle\DependencyInjection\Security\Factory; |
||
4 | |||
5 | use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory; |
||
6 | use Symfony\Component\Config\Definition\Builder\NodeDefinition; |
||
7 | use Symfony\Component\DependencyInjection\ContainerBuilder; |
||
8 | use Symfony\Component\DependencyInjection\DefinitionDecorator; |
||
9 | use Symfony\Component\DependencyInjection\Reference; |
||
10 | |||
11 | class SamlSpFactory extends AbstractFactory |
||
12 | { |
||
13 | |||
14 | 23 | function __construct() |
|
0 ignored issues
–
show
|
|||
15 | { |
||
16 | 23 | $this->defaultSuccessHandlerOptions['login_path'] = '/saml/sp/login'; |
|
17 | 23 | $this->defaultFailureHandlerOptions['login_path'] = '/saml/sp/login'; |
|
18 | 23 | $this->defaultFailureHandlerOptions['failure_path'] = '/saml/sp/failure'; |
|
19 | |||
20 | // these are available in listener->options[] |
||
21 | 23 | $this->addOption('require_previous_session', false); // otherwise it will end up with throw new SessionUnavailableException('Your session has timed out, or you have disabled cookies.'); on each new session |
|
22 | 23 | $this->addOption('login_path', '/saml/sp/login'); |
|
23 | 23 | $this->addOption('check_path', '/saml/sp/acs'); |
|
24 | 23 | $this->addOption('logout_path', '/saml/sp/logout'); |
|
25 | 23 | $this->addOption('failure_path', '/saml/sp/failure'); |
|
26 | 23 | $this->addOption('local_logout_path', '/logout'); |
|
27 | 23 | $this->addOption('target_path_parameter', $this->defaultSuccessHandlerOptions['target_path_parameter']); |
|
28 | 23 | } |
|
29 | |||
30 | 20 | public function addConfiguration(NodeDefinition $node) |
|
31 | { |
||
32 | 20 | parent::addConfiguration($node); |
|
33 | 20 | $node->children() |
|
0 ignored issues
–
show
It seems like you code against a specific sub-type and not the parent class
Symfony\Component\Config...\Builder\NodeDefinition as the method children() does only exist in the following sub-classes of Symfony\Component\Config...\Builder\NodeDefinition : Symfony\Component\Config...der\ArrayNodeDefinition . Maybe you want to instanceof check for one of these explicitly?
Let’s take a look at an example: abstract class User
{
/** @return string */
abstract public function getPassword();
}
class MyUser extends User
{
public function getPassword()
{
// return something
}
public function getDisplayName()
{
// return some name.
}
}
class AuthSystem
{
public function authenticate(User $user)
{
$this->logger->info(sprintf('Authenticating %s.', $user->getDisplayName()));
// do something.
}
}
In the above example, the authenticate() method works fine as long as you just pass instances of MyUser. However, if you now also want to pass a different sub-classes of User which does not have a getDisplayName() method, the code will break. Available Fixes
Note: PHP Analyzer uses reverse abstract interpretation to narrow down the types
inside the if block in such a case.
Loading history...
|
|||
34 | 20 | ->scalarNode('relying_party')->defaultValue(null)->end() |
|
35 | 20 | ->scalarNode('login_path')->defaultValue('/saml/sp/login')->cannotBeEmpty()->end() |
|
36 | 20 | ->scalarNode('check_path')->defaultValue('/saml/sp/acs')->cannotBeEmpty()->end() |
|
37 | 20 | ->scalarNode('logout_path')->defaultValue('/saml/sp/logout')->cannotBeEmpty()->end() |
|
38 | 20 | ->scalarNode('failure_path')->defaultValue('/saml/sp/failure')->cannotBeEmpty()->end() |
|
39 | 20 | ->scalarNode('metadata_path')->defaultValue('/saml/sp/FederationMetadata.xml')->cannotBeEmpty()->end() |
|
40 | 20 | ->scalarNode('discovery_path')->defaultValue('/saml/sp/discovery')->cannotBeEmpty()->end() |
|
41 | 20 | ->scalarNode('local_logout_path')->defaultValue('/logout')->cannotBeEmpty()->end() |
|
42 | 20 | ->booleanNode('create_user_if_not_exists')->defaultFalse()->end() |
|
43 | 20 | ->arrayNode('services') |
|
44 | 20 | ->isRequired() |
|
45 | 20 | ->requiresAtLeastOneElement() |
|
46 | 20 | ->useAttributeAsKey('name') |
|
47 | 20 | ->prototype('array') |
|
48 | 20 | ->children() |
|
49 | 20 | ->arrayNode('idp')->isRequired() |
|
50 | 20 | ->children() |
|
51 | 20 | ->scalarNode('file')->end() |
|
52 | 20 | ->scalarNode('entity_id')->end() |
|
53 | 20 | ->scalarNode('id')->end() |
|
54 | 20 | ->end() |
|
55 | 20 | ->end() |
|
56 | 20 | ->arrayNode('sp')->addDefaultsIfNotSet() |
|
57 | 20 | ->children() |
|
58 | 20 | ->arrayNode('config')->addDefaultsIfNotSet() |
|
59 | 20 | ->children() |
|
60 | 20 | ->scalarNode('entity_id')->cannotBeEmpty()->isRequired()->end() |
|
61 | 20 | ->scalarNode('base_url')->defaultValue(null)->end() |
|
62 | 20 | ->booleanNode('want_assertions_signed')->cannotBeEmpty()->defaultFalse()->end() |
|
63 | 20 | ->end() |
|
64 | 20 | ->end() |
|
65 | 20 | ->arrayNode('signing')->addDefaultsIfNotSet() |
|
66 | 20 | ->children() |
|
67 | 20 | ->scalarNode('id')->cannotBeEmpty()->end() |
|
68 | 20 | ->scalarNode('cert_file')->end() |
|
69 | 20 | ->scalarNode('key_file')->end() |
|
70 | 20 | ->scalarNode('key_pass')->end() |
|
71 | 20 | ->end() |
|
72 | 20 | ->end() |
|
73 | 20 | ->arrayNode('meta')->addDefaultsIfNotSet() |
|
74 | 20 | ->children() |
|
75 | 20 | ->scalarNode('id')->end() |
|
76 | 20 | ->scalarNode('name_id_format') |
|
77 | 20 | ->cannotBeEmpty() |
|
78 | 20 | ->defaultValue('persistent') |
|
79 | 20 | ->end() |
|
80 | 20 | ->arrayNode('binding')->addDefaultsIfNotSet() |
|
81 | 20 | ->children() |
|
82 | 20 | ->enumNode('authn_request') |
|
83 | 20 | ->values(array('redirect', 'post')) |
|
84 | 20 | ->defaultValue('redirect') |
|
85 | 20 | ->cannotBeEmpty() |
|
86 | 20 | ->end() |
|
87 | 20 | ->enumNode('response') |
|
88 | 20 | ->values(array('redirect', 'post')) |
|
89 | 20 | ->defaultValue('post') |
|
90 | 20 | ->cannotBeEmpty() |
|
91 | 20 | ->end() |
|
92 | 20 | ->enumNode('logout_request') |
|
93 | 20 | ->values(array('redirect', 'post')) |
|
94 | 20 | ->defaultValue('redirect') |
|
95 | 20 | ->cannotBeEmpty() |
|
96 | 20 | ->end() |
|
97 | 20 | ->end() |
|
98 | 20 | ->end() |
|
99 | 20 | ->end() |
|
100 | 20 | ->end() |
|
101 | 20 | ->end() |
|
102 | 20 | ->end() |
|
103 | 20 | ->end() |
|
104 | 20 | ->end() |
|
105 | 20 | ->end() |
|
106 | 20 | ->end(); |
|
107 | 20 | } |
|
108 | |||
109 | |||
110 | 13 | protected function createListener($container, $id, $config, $userProvider) |
|
111 | { |
||
112 | 13 | $this->addOption('login_path', $config['login_path']); |
|
113 | 13 | $this->addOption('check_path', $config['check_path']); |
|
114 | 13 | $this->addOption('logout_path', $config['logout_path']); |
|
115 | 13 | $this->addOption('failure_path', $config['failure_path']); |
|
116 | 13 | $this->addOption('metadata_path', $config['metadata_path']); |
|
117 | 13 | $this->addOption('discovery_path', $config['discovery_path']); |
|
118 | 13 | $this->addOption('local_logout_path', $config['local_logout_path']); |
|
119 | |||
120 | 13 | $this->createServiceInfoCollection($container, $id, $config); |
|
121 | 13 | $this->createStateStores($container, $id, $config); |
|
122 | 13 | $this->createRelyingParties($container, $id, $config); |
|
123 | |||
124 | 13 | $listenerId = parent::createListener($container, $id, $config, $userProvider); |
|
125 | |||
126 | 13 | if ($config['relying_party']) { |
|
127 | $container |
||
128 | 1 | ->getDefinition($listenerId) |
|
129 | 1 | ->addMethodCall('setRelyingParty', array(new Reference($config['relying_party']))) |
|
130 | ; |
||
131 | 1 | } else { |
|
132 | $container |
||
133 | 12 | ->getDefinition($listenerId) |
|
134 | 12 | ->addMethodCall('setRelyingParty', array(new Reference('aerial_ship_saml_sp.relying_party.composite.'.$id))) |
|
135 | ; |
||
136 | } |
||
137 | |||
138 | 13 | return $listenerId; |
|
139 | } |
||
140 | |||
141 | |||
142 | |||
143 | |||
144 | 13 | protected function createServiceInfoCollection(ContainerBuilder $container, $id, array $config) |
|
145 | { |
||
146 | 13 | $collection = new DefinitionDecorator('aerial_ship_saml_sp.service_info_collection'); |
|
147 | 13 | $container->setDefinition("aerial_ship_saml_sp.service_info_collection.{$id}", $collection); |
|
148 | |||
149 | 13 | foreach ($config['services'] as $name => $asConfig) { |
|
150 | 13 | $this->createSPSigningProvider($container, $id, $name, $asConfig['sp']['signing']); |
|
151 | 13 | $this->createSPEntityDescriptorBuilder($container, $id, $name, $asConfig['sp']['config'], $config['check_path'], $config['logout_path']); |
|
152 | 13 | $this->createIDPEntityDescriptorBuilder($container, $id, $name, $asConfig['idp']); |
|
153 | 13 | $this->createSPMetaProvider($container, $id, $name, $asConfig['sp']['meta']); |
|
154 | |||
155 | 13 | $provider = new DefinitionDecorator('aerial_ship_saml_sp.service_info'); |
|
156 | |||
157 | 13 | $provider->replaceArgument(0, $id); |
|
158 | 13 | $provider->replaceArgument(1, $name); |
|
159 | 13 | $provider->replaceArgument(2, new Reference("aerial_ship_saml_sp.sp_entity_descriptor_builder.{$id}.{$name}")); |
|
160 | 13 | $provider->replaceArgument(3, new Reference("aerial_ship_saml_sp.idp_entity_descriptor_provider.{$id}.{$name}")); |
|
161 | 13 | $provider->replaceArgument(4, new Reference("aerial_ship_saml_sp.sp_meta_provider.{$id}.{$name}")); |
|
162 | 13 | $provider->replaceArgument(5, new Reference("aerial_ship_saml_sp.sp_signing.{$id}.{$name}")); |
|
163 | |||
164 | 13 | $container->setDefinition("aerial_ship_saml_sp.service_info.{$id}.{$name}", $provider); |
|
165 | |||
166 | 13 | $collection->addMethodCall('add', array(new Reference("aerial_ship_saml_sp.service_info.{$id}.{$name}"))); |
|
167 | 13 | } |
|
168 | 13 | } |
|
169 | |||
170 | 13 | protected function createSPSigningProvider(ContainerBuilder $container, $id, $name, array $config) |
|
171 | { |
||
172 | 13 | $serviceID = "aerial_ship_saml_sp.sp_signing.{$id}.{$name}"; |
|
173 | 13 | if (isset($config['id'])) { |
|
174 | $container->setAlias($serviceID, $config['id']); |
||
175 | 13 | } else if (isset($config['cert_file']) && |
|
176 | isset($config['key_file']) |
||
177 | 13 | ) { |
|
178 | $service = new DefinitionDecorator('aerial_ship_saml_sp.sp_signing.file'); |
||
179 | $service->replaceArgument(1, $config['cert_file']); |
||
180 | $service->replaceArgument(2, $config['key_file']); |
||
181 | $service->replaceArgument(3, array_key_exists('key_pass', $config) ? $config['key_pass'] : null); |
||
182 | $container->setDefinition($serviceID, $service); |
||
183 | } else { |
||
184 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.sp_signing.null'); |
|
185 | 13 | $container->setDefinition($serviceID, $service); |
|
186 | } |
||
187 | 13 | } |
|
188 | |||
189 | 13 | protected function createSPEntityDescriptorBuilder(ContainerBuilder $container, $id, $name, array $config, $checkPath, $logoutPath) |
|
190 | { |
||
191 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.sp_entity_descriptor_builder'); |
|
192 | 13 | $service->replaceArgument(0, $name); |
|
193 | 13 | $service->replaceArgument(1, new Reference("aerial_ship_saml_sp.sp_signing.{$id}.{$name}")); |
|
194 | 13 | $service->replaceArgument(2, $config); |
|
195 | 13 | $service->replaceArgument(3, $checkPath); |
|
196 | 13 | $service->replaceArgument(4, $logoutPath); |
|
197 | 13 | $container->setDefinition("aerial_ship_saml_sp.sp_entity_descriptor_builder.{$id}.{$name}", $service); |
|
198 | 13 | } |
|
199 | |||
200 | 13 | protected function createIDPEntityDescriptorBuilder(ContainerBuilder $container, $id, $name, array $config) |
|
201 | { |
||
202 | 13 | $serviceID = "aerial_ship_saml_sp.idp_entity_descriptor_provider.{$id}.{$name}"; |
|
203 | 13 | if (isset($config['id'])) { |
|
204 | 1 | $container->setAlias($serviceID, $config['id']); |
|
205 | 1 | } else { |
|
206 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.idp_entity_descriptor_provider'); |
|
207 | 13 | $container->setDefinition($serviceID, $service); |
|
208 | 13 | if (isset($config['file'])) { |
|
209 | 13 | $service->addMethodCall('setFilename', array($config['file'])); |
|
210 | 13 | if (isset($config['entity_id'])) { |
|
211 | $service->addMethodCall('setEntityId', array($config['entity_id'])); |
||
212 | } |
||
213 | 13 | } |
|
214 | } |
||
215 | 13 | } |
|
216 | |||
217 | 13 | protected function createSPMetaProvider(ContainerBuilder $container, $id, $name, array $config) |
|
218 | { |
||
219 | 13 | $serviceID = "aerial_ship_saml_sp.sp_meta_provider.{$id}.{$name}"; |
|
220 | 13 | if (isset($config['id'])) { |
|
221 | 1 | $container->setAlias($serviceID, $config['id']); |
|
222 | 1 | } else { |
|
223 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.sp_meta_provider'); |
|
224 | 13 | $service->replaceArgument(0, $config); |
|
225 | 13 | $container->setDefinition("aerial_ship_saml_sp.sp_meta_provider.{$id}.{$name}", $service); |
|
226 | } |
||
227 | |||
228 | 13 | } |
|
229 | |||
230 | |||
231 | 13 | protected function createStateStores(ContainerBuilder $container, $id, array $config) |
|
232 | { |
||
233 | 13 | $this->createRequestStore($container, $id, $config); |
|
234 | 13 | } |
|
235 | |||
236 | 13 | protected function createRequestStore(ContainerBuilder $container, $id, array $config) |
|
0 ignored issues
–
show
|
|||
237 | { |
||
238 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.state.store.request'); |
|
239 | 13 | $service->replaceArgument(1, $id); |
|
240 | 13 | $container->setDefinition('aerial_ship_saml_sp.state.store.request.'.$id, $service); |
|
241 | 13 | } |
|
242 | |||
243 | 13 | protected function createRelyingParties(ContainerBuilder $container, $id, array $config) |
|
244 | { |
||
245 | 13 | $this->createRelyingPartyDiscovery($container, $id, $config); |
|
246 | 13 | $this->createRelyingPartyFederationMetadata($container, $id, $config); |
|
247 | 13 | $this->createRelyingPartyAuthenticate($container, $id); |
|
248 | 13 | $this->createRelyingPartyAssertionConsumer($container, $id); |
|
249 | 13 | $this->createRelyingPartyLogout($container, $id); |
|
250 | 13 | $this->createRelyingPartySSOSessionCheck($container, $id); |
|
251 | 13 | $this->createRelyingPartyComposite($container, $id); |
|
252 | 13 | } |
|
253 | |||
254 | 13 | protected function createRelyingPartyDiscovery(ContainerBuilder $container, $id, array $config) |
|
0 ignored issues
–
show
|
|||
255 | { |
||
256 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.discovery'); |
|
257 | 13 | $service->replaceArgument(1, new Reference("aerial_ship_saml_sp.service_info_collection.{$id}")); |
|
258 | 13 | $container->setDefinition("aerial_ship_saml_sp.relying_party.discovery.{$id}", $service); |
|
259 | 13 | } |
|
260 | |||
261 | 13 | protected function createRelyingPartyFederationMetadata(ContainerBuilder $container, $id, array $config) |
|
0 ignored issues
–
show
|
|||
262 | { |
||
263 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.federation_metadata'); |
|
264 | 13 | $service->replaceArgument(0, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
265 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.federation_metadata.'.$id, $service); |
|
266 | 13 | } |
|
267 | |||
268 | 13 | protected function createRelyingPartyAuthenticate(ContainerBuilder $container, $id) |
|
269 | { |
||
270 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.authenticate'); |
|
271 | 13 | $service->replaceArgument(0, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
272 | 13 | $service->replaceArgument(1, new Reference('aerial_ship_saml_sp.state.store.request.'.$id)); |
|
273 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.authenticate.'.$id, $service); |
|
274 | 13 | } |
|
275 | |||
276 | 13 | protected function createRelyingPartyAssertionConsumer(ContainerBuilder $container, $id) |
|
277 | { |
||
278 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.assertion_consumer'); |
|
279 | 13 | $service->replaceArgument(1, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
280 | 13 | $service->replaceArgument(2, new Reference('aerial_ship_saml_sp.state.store.request.'.$id)); |
|
281 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.assertion_consumer.'.$id, $service); |
|
282 | 13 | } |
|
283 | |||
284 | 13 | protected function createRelyingPartySSOSessionCheck(ContainerBuilder $container, $id) |
|
285 | { |
||
286 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.sso_session_check'); |
|
287 | 13 | $service->replaceArgument(0, $id); |
|
288 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.sso_session_check.'.$id, $service); |
|
289 | 13 | } |
|
290 | |||
291 | 13 | protected function createRelyingPartyLogout(ContainerBuilder $container, $id) |
|
292 | { |
||
293 | 13 | $this->createRelyingPartyLogoutSendRequest($container, $id); |
|
294 | 13 | $this->createRelyingPartyLogoutReceiveResponse($container, $id); |
|
295 | 13 | $this->createRelyingPartyLogoutReceiveRequest($container, $id); |
|
296 | |||
297 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.logout'); |
|
298 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.logout.'.$id, $service); |
|
299 | |||
300 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.logout.receive_response.'.$id))); |
|
301 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.logout.receive_request.'.$id))); |
|
302 | // must come after receive response |
||
303 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.logout.send_request.'.$id))); |
|
304 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.logout.fallback'))); |
|
305 | 13 | } |
|
306 | |||
307 | 13 | protected function createRelyingPartyLogoutSendRequest(ContainerBuilder $container, $id) |
|
308 | { |
||
309 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.logout.send_request'); |
|
310 | 13 | $service->replaceArgument(1, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
311 | 13 | $service->replaceArgument(2, new Reference('aerial_ship_saml_sp.state.store.request.'.$id)); |
|
312 | 13 | $container->setDefinition("aerial_ship_saml_sp.relying_party.logout.send_request.{$id}", $service); |
|
313 | 13 | } |
|
314 | |||
315 | 13 | protected function createRelyingPartyLogoutReceiveResponse(ContainerBuilder $container, $id) |
|
316 | { |
||
317 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.logout.receive_response'); |
|
318 | 13 | $service->replaceArgument(1, new Reference('aerial_ship_saml_sp.state.store.request.'.$id)); |
|
319 | 13 | $service->replaceArgument(2, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
320 | 13 | $container->setDefinition("aerial_ship_saml_sp.relying_party.logout.receive_response.{$id}", $service); |
|
321 | 13 | } |
|
322 | |||
323 | 13 | protected function createRelyingPartyLogoutReceiveRequest(ContainerBuilder $container, $id) |
|
324 | { |
||
325 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.logout.receive_request'); |
|
326 | 13 | $service->replaceArgument(2, new Reference('aerial_ship_saml_sp.service_info_collection.'.$id)); |
|
327 | 13 | $container->setDefinition("aerial_ship_saml_sp.relying_party.logout.receive_request.{$id}", $service); |
|
328 | 13 | } |
|
329 | |||
330 | 13 | protected function createRelyingPartyComposite(ContainerBuilder $container, $id) |
|
331 | { |
||
332 | 13 | $service = new DefinitionDecorator('aerial_ship_saml_sp.relying_party.composite'); |
|
333 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.discovery.'.$id))); |
|
334 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.federation_metadata.'.$id))); |
|
335 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.authenticate.'.$id))); |
|
336 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.assertion_consumer.'.$id))); |
|
337 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.logout.'.$id))); |
|
338 | // sso session check must be the last one since it can handle every request |
||
339 | 13 | $service->addMethodCall('append', array(new Reference('aerial_ship_saml_sp.relying_party.sso_session_check.'.$id))); |
|
340 | 13 | $container->setDefinition('aerial_ship_saml_sp.relying_party.composite.'.$id, $service); |
|
341 | 13 | } |
|
342 | |||
343 | |||
344 | /** |
||
345 | * Subclasses must return the id of a service which implements the |
||
346 | * AuthenticationProviderInterface. |
||
347 | * |
||
348 | * @param ContainerBuilder $container |
||
349 | * @param string $id The unique id of the firewall |
||
350 | * @param array $config The options array for this listener |
||
351 | * @param string $userProviderId The id of the user provider |
||
352 | * |
||
353 | * @return string never null, the id of the authentication provider |
||
354 | */ |
||
355 | 13 | protected function createAuthProvider(ContainerBuilder $container, $id, $config, $userProviderId) |
|
356 | { |
||
357 | 13 | $providerId = 'security.authentication.provider.aerial_ship_saml_sp.'.$id; |
|
358 | $provider = $container |
||
359 | 13 | ->setDefinition($providerId, new DefinitionDecorator('security.authentication.provider.aerial_ship_saml_sp')) |
|
360 | 13 | ->replaceArgument(0, $id); |
|
361 | |||
362 | 13 | if (isset($config['provider'])) { |
|
363 | 1 | $adapter = new DefinitionDecorator('aerial_ship_saml_sp.user_provider_adapter'); |
|
364 | 1 | $adapter->replaceArgument(0, new Reference($userProviderId)); |
|
365 | 1 | $adapterID = 'aerial_ship_saml_sp.user_provider_adapter.'.$id; |
|
366 | 1 | $container->setDefinition($adapterID, $adapter); |
|
367 | |||
368 | $provider |
||
369 | 1 | ->replaceArgument(1, new Reference($adapterID)) |
|
370 | 1 | ->replaceArgument(2, new Reference('security.user_checker')) |
|
371 | ; |
||
372 | 1 | } |
|
373 | 13 | if (!isset($config['create_user_if_not_exists'])) { |
|
374 | $config['create_user_if_not_exists'] = false; |
||
375 | } |
||
376 | 13 | $provider->replaceArgument(3, $config['create_user_if_not_exists']); |
|
377 | |||
378 | 13 | return $providerId; |
|
379 | } |
||
380 | |||
381 | |||
382 | /** |
||
383 | * Subclasses must return the id of the listener template. |
||
384 | * |
||
385 | * Listener definitions should inherit from the AbstractAuthenticationListener |
||
386 | * like this: |
||
387 | * |
||
388 | * <service id="my.listener.id" |
||
389 | * class="My\Concrete\Classname" |
||
390 | * parent="security.authentication.listener.abstract" |
||
391 | * abstract="true" /> |
||
392 | * |
||
393 | * In the above case, this method would return "my.listener.id". |
||
394 | * |
||
395 | * @return string |
||
396 | */ |
||
397 | 13 | protected function getListenerId() |
|
398 | { |
||
399 | 13 | return 'security.authentication.listener.aerial_ship_saml_sp'; |
|
400 | } |
||
401 | |||
402 | 1 | public function getPosition() |
|
403 | { |
||
404 | 1 | return 'form'; |
|
405 | } |
||
406 | |||
407 | 14 | public function getKey() |
|
408 | { |
||
409 | 14 | return 'aerial_ship_saml_sp'; |
|
410 | } |
||
411 | |||
412 | |||
413 | /** |
||
414 | * {@inheritDoc} |
||
415 | */ |
||
416 | 13 | protected function createEntryPoint($container, $id, $config, $defaultEntryPoint) |
|
417 | { |
||
418 | 13 | $entryPointId = 'security.authentication.form_entry_point.'.$id; |
|
419 | |||
420 | $container |
||
421 | 13 | ->setDefinition($entryPointId, new DefinitionDecorator('security.authentication.form_entry_point')) |
|
422 | 13 | ->addArgument(new Reference('security.http_utils')) |
|
423 | 13 | ->addArgument($config['login_path']) |
|
424 | 13 | ->addArgument($config['use_forward']) |
|
425 | ; |
||
426 | |||
427 | 13 | return $entryPointId; |
|
428 | } |
||
429 | } |
||
430 |
Adding explicit visibility (
private
,protected
, orpublic
) is generally recommend to communicate to other developers how, and from where this method is intended to be used.