|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* authentification strategy based on a username cookie |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace Graviton\SecurityBundle\Authentication\Strategies; |
|
7
|
|
|
|
|
8
|
|
|
use Graviton\SecurityBundle\Entities\SecurityUser; |
|
9
|
|
|
use Symfony\Component\HttpFoundation\Request; |
|
10
|
|
|
use Symfony\Component\Security\Core\Role\Role; |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Class CookieFieldStrategy |
|
14
|
|
|
* |
|
15
|
|
|
* @author List of contributors <https://github.com/libgraviton/graviton/graphs/contributors> |
|
16
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License |
|
17
|
|
|
* @link http://swisscom.ch |
|
18
|
|
|
*/ |
|
19
|
|
|
class CookieFieldStrategy extends AbstractHttpStrategy |
|
20
|
|
|
{ |
|
21
|
|
|
/** @var string */ |
|
22
|
|
|
const COOKIE_FIELD_NAME = 'username'; |
|
23
|
|
|
|
|
24
|
|
|
/** @var string */ |
|
25
|
|
|
const COOKIE_VALUE_CORE_ID = 'finnova_id'; |
|
26
|
|
|
|
|
27
|
|
|
/** @var string */ |
|
28
|
|
|
const CONFIGURATION_PARAMETER_CORE_ID = 'graviton.security.core_id'; |
|
29
|
|
|
|
|
30
|
|
|
/** @var string */ |
|
31
|
|
|
const CONFIGURATION_PARAMETER_USER_ID = 'graviton.security.user_id'; |
|
32
|
|
|
|
|
33
|
|
|
/** @var string */ |
|
34
|
|
|
protected $field; |
|
35
|
|
|
|
|
36
|
|
|
/** |
|
37
|
|
|
* @param string $field cookie field to be examined |
|
38
|
|
|
*/ |
|
39
|
4 |
|
public function __construct($field) |
|
40
|
|
|
{ |
|
41
|
4 |
|
$this->field = $field; |
|
42
|
4 |
|
} |
|
43
|
|
|
|
|
44
|
|
|
/** |
|
45
|
|
|
* Applies the defined strategy on the provided request. |
|
46
|
|
|
* Value may contain a coma separated string values, we use first as identifier. |
|
47
|
|
|
* |
|
48
|
|
|
* @param Request $request request to handle |
|
49
|
|
|
* |
|
50
|
|
|
* @return string |
|
51
|
|
|
*/ |
|
52
|
|
|
public function apply(Request $request) |
|
53
|
|
|
{ |
|
54
|
|
|
$bagValue = $this->extractFieldInfo($request->cookies, $this->field); |
|
55
|
|
|
|
|
56
|
|
|
// this needs to be available in a later state of the application |
|
57
|
|
|
$this->extractAdUsername($request, $bagValue); |
|
58
|
|
|
|
|
59
|
|
|
return $this->extractCoreId($request, $bagValue); |
|
60
|
|
|
} |
|
61
|
|
|
|
|
62
|
|
|
/** |
|
63
|
|
|
* Provides the list of registered roles. |
|
64
|
|
|
* |
|
65
|
|
|
* @return Role[] |
|
66
|
|
|
*/ |
|
67
|
|
|
public function getRoles() |
|
68
|
|
|
{ |
|
69
|
|
|
return [SecurityUser::ROLE_USER, SecurityUser::ROLE_CONSULTANT]; |
|
70
|
|
|
} |
|
71
|
|
|
|
|
72
|
|
|
/** |
|
73
|
|
|
* Finds and extracts the ad username from the cookie. |
|
74
|
|
|
* |
|
75
|
|
|
* @param Request $request Request stack that controls the lifecycle of requests |
|
76
|
|
|
* @param string $value The string the value of self::COOKIE_FIELD_NAME shall be extracted from. |
|
77
|
|
|
* |
|
78
|
|
|
* @return string |
|
79
|
|
|
*/ |
|
80
|
|
View Code Duplication |
protected function extractAdUsername(Request $request, $value) |
|
|
|
|
|
|
81
|
|
|
{ |
|
82
|
|
|
$pattern = "/((?m)(?<=\b".self::COOKIE_FIELD_NAME."=)[^;]*)/i"; |
|
83
|
|
|
preg_match($pattern, $value, $matches); |
|
84
|
|
|
|
|
85
|
|
|
if ($matches) { |
|
86
|
|
|
$request->attributes->set(self::CONFIGURATION_PARAMETER_USER_ID, $matches[0]); |
|
87
|
|
|
|
|
88
|
|
|
return $matches[0]; |
|
89
|
|
|
} |
|
90
|
|
|
|
|
91
|
|
|
return $value; |
|
92
|
|
|
} |
|
93
|
|
|
|
|
94
|
|
|
/** |
|
95
|
|
|
* Finds and extracts the core system id from tha cookie. |
|
96
|
|
|
* |
|
97
|
|
|
* @param Request $request Request stack that controls the lifecycle of requests |
|
98
|
|
|
* @param string $text String to be examined for the core id. |
|
99
|
|
|
* |
|
100
|
|
|
* @return string |
|
101
|
|
|
*/ |
|
102
|
|
View Code Duplication |
protected function extractCoreId(Request $request, $text) |
|
|
|
|
|
|
103
|
|
|
{ |
|
104
|
|
|
$pattern = "/((?m)(?<=\b".self::COOKIE_VALUE_CORE_ID."=)[^;]*)/i"; |
|
105
|
|
|
preg_match($pattern, $text, $matches); |
|
106
|
|
|
|
|
107
|
|
|
if ($matches) { |
|
108
|
|
|
$request->attributes->set(self::CONFIGURATION_PARAMETER_CORE_ID, $matches[0]); |
|
109
|
|
|
|
|
110
|
|
|
return $matches[0]; |
|
111
|
|
|
} |
|
112
|
|
|
|
|
113
|
|
|
return $text; |
|
114
|
|
|
} |
|
115
|
|
|
} |
|
116
|
|
|
|
libgraviton /
graviton
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.