|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* airlock authkey based user provider |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace Graviton\SecurityBundle\Authentication\Provider; |
|
7
|
|
|
|
|
8
|
|
|
use Graviton\SecurityBundle\Entities\SecurityContract; |
|
9
|
|
|
use GravitonDyn\ContractBundle\Document\Contract; |
|
10
|
|
|
use \Graviton\RestBundle\Model\ModelInterface; |
|
11
|
|
|
use Symfony\Component\Security\Core\Exception\UnsupportedUserException; |
|
12
|
|
|
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; |
|
13
|
|
|
use Symfony\Component\Security\Core\User\UserInterface; |
|
14
|
|
|
use Symfony\Component\Security\Core\User\UserProviderInterface; |
|
15
|
|
|
|
|
16
|
|
|
/** |
|
17
|
|
|
* Class AirlockAuthenticationKeyUserProvider |
|
18
|
|
|
* |
|
19
|
|
|
* @author List of contributors <https://github.com/libgraviton/graviton/graphs/contributors> |
|
20
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License |
|
21
|
|
|
* @link http://swisscom.ch |
|
22
|
|
|
*/ |
|
23
|
|
|
class AirlockAuthenticationKeyUserProvider implements UserProviderInterface |
|
24
|
|
|
{ |
|
25
|
|
|
/** |
|
26
|
|
|
* @var \Graviton\RestBundle\Model\ModelInterface |
|
27
|
|
|
*/ |
|
28
|
|
|
private $documentModel; |
|
29
|
|
|
|
|
30
|
|
|
/** |
|
31
|
|
|
* @param \Graviton\RestBundle\Model\ModelInterface $contract contract to use as documentModel |
|
32
|
|
|
*/ |
|
33
|
|
|
public function __construct(ModelInterface $contract) |
|
34
|
|
|
{ |
|
35
|
|
|
$this->documentModel = $contract; |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* Finds a contract based on the provided ApiKey. |
|
40
|
|
|
* |
|
41
|
|
|
* @param string $apiKey key from airlock |
|
42
|
|
|
* |
|
43
|
|
|
* @return string |
|
44
|
|
|
*/ |
|
45
|
|
View Code Duplication |
public function getUsernameForApiKey($apiKey) |
|
|
|
|
|
|
46
|
|
|
{ |
|
47
|
|
|
$contractId = ''; |
|
48
|
|
|
|
|
49
|
|
|
/** @var \GravitonDyn\ContractBundle\Document\Contract $contract */ |
|
50
|
|
|
$contract = $this->documentModel->getRepository()->findOneBy(array('number' => $apiKey)); |
|
51
|
|
|
|
|
52
|
|
|
if ($contract instanceof Contract) { |
|
|
|
|
|
|
53
|
|
|
$contractId = $contract->getId(); |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
return $contractId; |
|
57
|
|
|
} |
|
58
|
|
|
|
|
59
|
|
|
/** |
|
60
|
|
|
* Loads the user for the given username. |
|
61
|
|
|
* |
|
62
|
|
|
* This method must throw UsernameNotFoundException if the user is not |
|
63
|
|
|
* found. |
|
64
|
|
|
* |
|
65
|
|
|
* @param string $contractId contract id we need a username for |
|
66
|
|
|
* |
|
67
|
|
|
* @return \Symfony\Component\Security\Core\User\UserInterface |
|
68
|
|
|
* |
|
69
|
|
|
* @see \Symfony\Component\Security\Core\Exception\UsernameNotFoundException |
|
70
|
|
|
* |
|
71
|
|
|
* @throws \Symfony\Component\Security\Core\Exception\UsernameNotFoundException if the user is not found |
|
72
|
|
|
*/ |
|
73
|
|
|
public function loadUserByUsername($contractId) |
|
74
|
|
|
{ |
|
75
|
|
|
// TODO [lapistano] to what is the contract to be mapped against?? |
|
76
|
|
|
|
|
77
|
|
|
/** @var \GravitonDyn\ContractBundle\Document\Contract $contracts */ |
|
78
|
|
|
$contract = $this->documentModel->find($contractId); |
|
79
|
|
|
|
|
80
|
|
|
if ($contract instanceof Contract) { |
|
|
|
|
|
|
81
|
|
|
// TODO [lapistano]: map the found contract to whatever ... |
|
82
|
|
|
return new SecurityContract($contract, $this->getContractRoles($contract)); |
|
|
|
|
|
|
83
|
|
|
} |
|
84
|
|
|
|
|
85
|
|
|
throw new UsernameNotFoundException(); |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
/** |
|
89
|
|
|
* Refreshes the user for the account interface. |
|
90
|
|
|
* |
|
91
|
|
|
* It is up to the implementation to decide if the user data should be |
|
92
|
|
|
* totally reloaded (e.g. from the database), or if the UserInterface |
|
93
|
|
|
* object can just be merged into some internal array of users / identity |
|
94
|
|
|
* map. |
|
95
|
|
|
* |
|
96
|
|
|
* @param \Symfony\Component\Security\Core\User\UserInterface $user user to refresh |
|
97
|
|
|
* |
|
98
|
|
|
* @return \Symfony\Component\Security\Core\User\UserInterface |
|
99
|
|
|
* |
|
100
|
|
|
* @throws \Symfony\Component\Security\Core\Exception\UnsupportedUserException if the account is not supported |
|
101
|
|
|
*/ |
|
102
|
|
|
public function refreshUser(UserInterface $user) |
|
103
|
|
|
{ |
|
104
|
|
|
// this is used for storing authentication in the session |
|
105
|
|
|
// but in this example, the token is sent in each request, |
|
106
|
|
|
// so authentication can be stateless. Throwing this exception |
|
107
|
|
|
// is proper to make things stateless |
|
108
|
|
|
throw new UnsupportedUserException(); |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Whether this provider supports the given user class. |
|
113
|
|
|
* |
|
114
|
|
|
* @param string $class class to check for support |
|
115
|
|
|
* |
|
116
|
|
|
* @return bool |
|
117
|
|
|
*/ |
|
118
|
|
|
public function supportsClass($class) |
|
119
|
|
|
{ |
|
120
|
|
|
return $class instanceof \Symfony\Component\Security\Core\User\UserInterface; |
|
121
|
|
|
} |
|
122
|
|
|
|
|
123
|
|
|
/** |
|
124
|
|
|
* Decides the role set the provided contract has. |
|
125
|
|
|
* |
|
126
|
|
|
* @param Contract $contract provided contract |
|
127
|
|
|
* |
|
128
|
|
|
* @return string[] |
|
129
|
|
|
*/ |
|
130
|
|
|
private function getContractRoles(Contract $contract) |
|
|
|
|
|
|
131
|
|
|
{ |
|
132
|
|
|
// TODO [lapistano]: implement the ability to decide what roles the contract entity haas. |
|
133
|
|
|
|
|
134
|
|
|
return array('ROLE_GRAVITON_USER'); |
|
135
|
|
|
} |
|
136
|
|
|
} |
|
137
|
|
|
|
libgraviton /
graviton
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.