Commit 4d28696e authored by Maxime Veber's avatar Maxime Veber

initial commit

parents
vendor
{
"name": "nek/symfony-security",
"description": "Usage of Sf Sec component",
"type": "project",
"autoload": {
"psr-4": {
"BiiG\\SecurityTest\\": "src/"
}
},
"require": {
"silex/silex": "^2.2",
"symfony/security": "^3.3"
},
"require-dev": {
"phpunit/phpunit": "^6.3"
},
"license": "private",
"authors": [
{
"name": "Nek (Maxime Veber)",
"email": "nek.dev@gmail.com"
}
]
}
This diff is collapsed.
foo.php 0 → 100644
<?php
require __DIR__ . '/vendor/autoload.php';
$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
$dispatcher = new \Symfony\Component\EventDispatcher\EventDispatcher();
/////////////////////////
/// AUTHENTICATION
// Preparation
// Auth
// Should happen in CustomAuthenticationListener
/*
$providers = [new \BiiG\SecurityTest\CustomAuthenticationProvider()];
$authenticationManager = new \Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager($providers);
$authenticatedToken = $authenticationManager->authenticate($unauthenticatedToken);
//*/
///////////////////////
/// FIREWALL
$map = new \Symfony\Component\Security\Http\FirewallMap();
$requestMatcher = new \Symfony\Component\HttpFoundation\RequestMatcher('^/');
$tokenStorage = new \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage();
// instances of Symfony\Component\Security\Http\Firewall\ListenerInterface
$listeners = [new \BiiG\SecurityTest\CustomAuthenticationListener(
$tokenStorage,
new \BiiG\SecurityTest\CustomAuthenticationProvider(),
'swagg'
)];
$anonymousClass = \Symfony\Component\Security\Core\Authentication\Token\AnonymousToken::class;
$rememberMeClass = \Symfony\Component\Security\Core\Authentication\Token\RememberMeToken::class;
$trustResolver = new \Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver($anonymousClass, $rememberMeClass);
// The exception listener object is too complex for this example
/*
$exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionListener($tokenStorage, $trustResolver);
//*/
$map->add($requestMatcher, $listeners);
$firewall = new \Symfony\Component\Security\Http\Firewall($map, $dispatcher);
$dispatcher->addListener(
\Symfony\Component\HttpKernel\KernelEvents::REQUEST,
array($firewall, 'onKernelRequest')
);
$kernel = new \BiiG\SecurityTest\Kernel($dispatcher, function() {
echo "<h1>Hello</h1>";
});
$kernel->handle($request);
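Review bot: An `AuthenticationException` thrown by the firewall listener has nothing to catch it, because the `ExceptionListener` is commented out and `$kernel->handle($request)` on the last line is called bare. The request is still refused, but only as an uncaught exception, so the client receives whatever PHP's error settings produce rather than a 401. Until the exception listener is wired in, I would wrap the call: `try { $kernel->handle($request); } catch (\Symfony\Component\Security\Core\Exception\AuthenticationException $e) { http_response_code(401); }`.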
<?php
require __DIR__ . '/vendor/autoload.php';
use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\InMemoryUserProvider;
use Symfony\Component\Security\Core\Authentication\Provider\DaoAuthenticationProvider;
use Symfony\Component\Security\Core\User\UserChecker;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use Symfony\Component\Security\Core\User\User;
$app = new Silex\Application();
$app['debug'] = true;
$userProvider = new InMemoryUserProvider(
array(
'admin' => array(
// password is "foo"
'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==',
'roles' => array('ROLE_ADMIN'),
),
)
);
$app->get('/', function () use ($userProvider) {
$providers = [new \BiiG\SecurityTest\CustomAuthenticationProvider()];
$authenticationManager = new AuthenticationProviderManager($providers);
// for some extra checks: is account enabled, locked, expired, etc.
$userChecker = new \Symfony\Component\Security\Core\User\UserChecker();
try {
$authenticatedToken = $authenticationManager
->authenticate($unauthenticatedToken);
// for some extra checks: is account enabled, locked, expired, etc.
$userChecker = new UserChecker();
// an array of password encoders (see below)
$encoderFactory = new EncoderFactory([
User::class => new MessageDigestPasswordEncoder('sha512', true, 5000),
]);
$provider = new DaoAuthenticationProvider(
$userProvider,
$userChecker,
'secured_area',
$encoderFactory
);
$provider->authenticate($unauthenticatedToken);
} catch (AuthenticationException $failed) {
// authentication failed
}
return '<h1>Hello world</h1>';
});
$app->run();
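Review bot: The route closure fails open: the `catch (AuthenticationException $failed)` block is empty and `return '<h1>Hello world</h1>';` runs whether or not authentication succeeded. `$unauthenticatedToken` is also never assigned inside the closure, so both `authenticate()` calls receive an undefined variable, which would presumably raise a type error against the `TokenInterface` hint instead of checking any credentials. Build the token from the request before the `try`, and make the catch block end the request, e.g. `return new \Symfony\Component\HttpFoundation\Response('Unauthorized', 401);`. `$app['debug'] = true;` near the top should not reach a deployed copy, since debug mode typically surfaces exception details to the client.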
<?php
namespace BiiG\SecurityTest;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Http\Firewall\ListenerInterface;
/**
* Class CustomAuthenticationListener
* @package BiiG\SecurityTest
*
* Son job: transformer la request en token non authentifié puis l'authentifier avec le authenticationManager
*/
class CustomAuthenticationListener implements ListenerInterface
{
/**
* @var TokenStorageInterface
*/
private $tokenStorage;
/**
* @var AuthenticationManagerInterface
*/
private $authenticationManager;
/**
* @var string Uniquely identifies the secured area
*/
private $providerKey;
/**
* CustomAuthenticationListener constructor.
* @param TokenStorageInterface $tokenStorage
* @param AuthenticationManagerInterface $authenticationManager
* @param string $providerKey
*/
public function __construct(
TokenStorageInterface $tokenStorage,
AuthenticationManagerInterface $authenticationManager,
$providerKey
) {
$this->tokenStorage = $tokenStorage;
$this->authenticationManager = $authenticationManager;
$this->providerKey = $providerKey;
}
public function handle(GetResponseEvent $event)
{
$request = $event->getRequest();
$username = $request->query->get('username', '');
$password = $request->query->get('password', '');
$unauthenticatedToken = new UsernamePasswordToken(
$username,
$password,
$this->providerKey
);
$authenticatedToken = $this
->authenticationManager
->authenticate($unauthenticatedToken);
$this->tokenStorage->setToken($authenticatedToken);
}
}
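Review bot: `handle()` reads the credentials from the query string (`$request->query->get('password', '')`), so the password ends up in URLs and from there in access logs, browser history and Referer headers. Read both fields from the request body instead, `$username = $request->request->get('username', '');` and `$password = $request->request->get('password', '');`, and submit them over POST. The method also passes whatever `authenticate()` returns straight to `setToken()`, so it depends on the manager returning an authenticated token. A short docblock on `handle()` stating that, and that `AuthenticationException` is left to propagate, would make the contract explicit.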
<?php
/**
* This file is a part of SymfonySecurity package.
*
* (c) Nekland <dev@nekland.fr>
*
* For the full license, take a look to the LICENSE file
* on the root directory of this project
*/
namespace BiiG\SecurityTest;
use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\User\InMemoryUserProvider;
use Symfony\Component\Security\Core\User\User;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* Class CustomAuthenticationProvider
* @package BiiG\SecurityTest
*
* Pourrait hériter de UserAuthenticationProvider pour simplifier le traitement d'un utilisateur standard.
*/
class CustomAuthenticationProvider implements AuthenticationProviderInterface
{
private $userProvider;
private $encoderFactory;
public function __construct()
{
$this->userProvider = new InMemoryUserProvider(
array(
'admin' => array(
// password is "foo"
'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==',
'roles' => array('ROLE_ADMIN'),
),
)
);
$this->encoderFactory = new EncoderFactory([
User::class => new MessageDigestPasswordEncoder('sha512', true, 5000)
]);
}
public function authenticate(TokenInterface $token)
{
$user = $this->userProvider->loadUserByUsername($token->getUsername());
// Un certain nombre de cas comme celui-ci sont à gérer
if (!$user instanceof UserInterface) {
throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
}
$encoder = $this->encoderFactory->getEncoder($user);
if (!$encoder->isPasswordValid($user->getPassword(), $token->getCredentials(), $user->getSalt())) {
throw new BadCredentialsException('The presented password is invalid.');
}
}
public function supports(TokenInterface $token)
{
return $token instanceof UsernamePasswordToken;
}
}
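Review bot: `authenticate()` ends after the password check without a `return`, so a successful login yields null and `CustomAuthenticationListener` then stores null in the token storage; no authenticated token ever exists. Return one after the check, e.g. `return new UsernamePasswordToken($user, null, $token->getProviderKey(), $user->getRoles());` (this assumes `$token` is the `UsernamePasswordToken` that `supports()` accepts). Separately, the constructor hard-codes the admin account with its plaintext password in a comment, and the hash comes from `MessageDigestPasswordEncoder('sha512', true, 5000)` with, as far as this file shows, no salt. For anything beyond a demo, load users from configuration and use `BCryptPasswordEncoder`.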
<?php
/**
* This file is a part of SymfonySecurity package.
*
* (c) Nekland <dev@nekland.fr>
*
* For the full license, take a look to the LICENSE file
* on the root directory of this project
*/
namespace BiiG\SecurityTest;
use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
class Kernel implements HttpKernelInterface
{
private $dispatcher;
private $run;
public function __construct(EventDispatcher $dispatcher, \Closure $run)
{
$this->dispatcher = $dispatcher;
$this->run = $run;
}
public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = true)
{
$this->dispatcher->dispatch(KernelEvents::REQUEST, new GetResponseEvent($this, $request, $type));
// Some work
$run = $this->run;
$run();
$this->dispatcher->dispatch(KernelEvents::FINISH_REQUEST, new FinishRequestEvent($this, $request, $type));
}
}
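Review bot: `handle()` throws away the `GetResponseEvent` it dispatches, so a listener that calls `setResponse()` (a firewall denying or redirecting the request, for instance) cannot stop `$run()` from executing. Keep the event and return early: `$event = new GetResponseEvent($this, $request, $type);`, dispatch it, then `if ($event->hasResponse()) { return $event->getResponse(); }` before `$run()`. The method also returns nothing although `HttpKernelInterface::handle()` is expected to return a `Response`, and `$catch` is never used. If that is deliberate for the demo, say so in a docblock.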