Commit c15b6b01 authored by Maxime Veber's avatar Maxime Veber

Add authorization

parent 5a79b5c7
Branches master
<?php
require __DIR__ . '/vendor/autoload.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\EventDispatcher\EventDispatcher;
use BiiG\SecurityTest\Kernel;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\FirewallMap;
use Symfony\Component\HttpFoundation\RequestMatcher,
Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage,
BiiG\SecurityTest\CustomAuthenticationListener,
BiiG\SecurityTest\CustomAuthenticationProvider,
Symfony\Component\Security\Http\Firewall,
Symfony\Component\HttpKernel\KernelEvents,
Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter,
Symfony\Component\Security\Core\Role\RoleHierarchy,
Symfony\Component\Security\Core\Authorization\AccessDecisionManager
;
use Symfony\Component\Security\Http\AccessMap;
use Symfony\Component\Security\Http\Firewall\AccessListener;
$request = Request::createFromGlobals();
$dispatcher = new EventDispatcher();
$kernel = new Kernel($dispatcher, function() {
return new Response("<h1>Hello</h1>");
});
$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
$dispatcher = new \Symfony\Component\EventDispatcher\EventDispatcher();
///////////////////////
/// FIREWALL
$map = new \Symfony\Component\Security\Http\FirewallMap();
$requestMatcher = new \Symfony\Component\HttpFoundation\RequestMatcher('^/');
/// FIREWALL CONFIG
$tokenStorage = new \Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage();
$map = new FirewallMap();
$requestMatcher = new RequestMatcher('^/');
$tokenStorage = new TokenStorage();
// instances of Symfony\Component\Security\Http\Firewall\ListenerInterface
$authManager = new CustomAuthenticationProvider();
$listeners = [
new \BiiG\SecurityTest\CustomAuthenticationListener(
new CustomAuthenticationListener(
$tokenStorage,
new \BiiG\SecurityTest\CustomAuthenticationProvider(),
$authManager,
'swagg'
)
];
// The exception listener object is too complex for this example
/*
$exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionListener($tokenStorage, $trustResolver);
......@@ -33,16 +54,46 @@ $exceptionListener = new \Symfony\Component\Security\Http\Firewall\ExceptionList
$map->add($requestMatcher, $listeners);
$firewall = new \Symfony\Component\Security\Http\Firewall($map, $dispatcher);
$firewall = new Firewall($map, $dispatcher);
$dispatcher->addListener(
\Symfony\Component\HttpKernel\KernelEvents::REQUEST,
KernelEvents::REQUEST,
array($firewall, 'onKernelRequest')
);
$kernel = new \BiiG\SecurityTest\Kernel($dispatcher, function() {
echo "<h1>Hello</h1>";
});
/////////////////////////
/// Authorization
// instances of Symfony\Component\Security\Core\Authorization\Voter\VoterInterface
$voters = [
new RoleHierarchyVoter(
new RoleHierarchy([
'ROLE_SUPER_ADMIN' => [
'ROLE_ADMIN',
'ROLE_USER'
]
])
),
];
$strategy = AccessDecisionManager::STRATEGY_AFFIRMATIVE;
$accessDecisionManager = new AccessDecisionManager(
$voters,
$strategy
);
$accessMap = new AccessMap();
$requestMatcher = new RequestMatcher('^/admin');
$accessMap->add($requestMatcher, array('ROLE_ADMIN'));
$accessListener = new AccessListener(
$tokenStorage,
$accessDecisionManager,
$accessMap,
$authManager
);
/////////////////////////
/// Run kernel
$kernel->handle($request);
$kernel->handle($request)->send();
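Review bot: `$accessListener` is constructed near the end of the script but never registered. `$map->add($requestMatcher, $listeners)` runs earlier with only `CustomAuthenticationListener` in `$listeners`, and nothing visible after `new AccessListener(...)` adds it to the firewall map or the dispatcher. As written, the `^/admin` to `ROLE_ADMIN` rule in `$accessMap` would not be evaluated on any request. Build the access listener before the map is populated and append it after the authentication listener with `$listeners[] = $accessListener;`, keeping the `^/admin` matcher in its own variable (for example `$adminMatcher`) so it does not overwrite the `^/` matcher passed to `$map->add()`. With the exception listener still commented out, a denied request would presumably surface as an uncaught `AccessDeniedException`, which deserves a comment next to the commented-out block.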
......@@ -66,6 +66,11 @@ class CustomAuthenticationProvider implements AuthenticationProviderInterface
if (!$encoder->isPasswordValid($user->getPassword(), $token->getCredentials(), $user->getSalt())) {
throw new BadCredentialsException('The presented password is invalid.');
}
$token->setUser($user);
$token->setAuthenticated(true);
return $token;
}
public function supports(TokenInterface $token)
......
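Review bot: The lines `$token->setUser($user); $token->setAuthenticated(true); return $token;` mark the incoming request token as authenticated without giving it the user's roles. The `RoleHierarchyVoter` wired up in this commit reads roles from the token, so `/admin` would likely be denied for every user, including administrators. In the Symfony versions that ship `AuthenticationProviderInterface`, token roles are fixed at construction, and `UsernamePasswordToken::setAuthenticated(true)` throws if that is the token class in use. Return a fresh token instead, for example `return new UsernamePasswordToken($user, $token->getCredentials(), $providerKey, $user->getRoles());`, where `$providerKey` stands for whatever key the listener was built with. The enclosing method starts above the hunk, so the token class and how `$user` is loaded should be confirmed there.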
......@@ -13,7 +13,6 @@ namespace BiiG\SecurityTest;
use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
......@@ -37,8 +36,10 @@ class Kernel implements HttpKernelInterface
// Some work
$run = $this->run;
$run();
$response = $run();
$this->dispatcher->dispatch(KernelEvents::FINISH_REQUEST, new FinishRequestEvent($this, $request, $type));
return $response;
}
}
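Review bot: `handle()` now returns whatever the `$run` callable produces, with no check that it is a `Response`, and the front controller immediately calls `->send()` on it. A callable that still echoes, like the one this commit replaces, would make that call fail on `null`. Add a guard after `$response = $run();` such as `if (!$response instanceof Response) { throw new \LogicException('The controller must return a Response.'); }`. The start of `handle()` is outside the hunk, so it is not visible whether a response set by a firewall listener on the request event short-circuits before `$run()` is called. If it does not, the controller would still run after a listener has already decided the outcome, which is worth confirming.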