vendor/symfony/security-core/Authentication/Provider/UserAuthenticationProvider.php line 52

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Core\Authentication\Provider;
  14. use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken;
  15. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  16. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  18. use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
  19. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  20. use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
  21. use Symfony\Component\Security\Core\User\UserCheckerInterface;
  22. use Symfony\Component\Security\Core\User\UserInterface;
  24. /**
  25.  * UserProviderInterface retrieves users for UsernamePasswordToken tokens.
  26.  *
  27.  * @author Fabien Potencier <fabien@symfony.com>
  28.  */
  29. abstract class UserAuthenticationProvider implements AuthenticationProviderInterface
  30. {
  31.     private $hideUserNotFoundExceptions;
  32.     private $userChecker;
  33.     private $providerKey;
  35.     /**
  36.      * @throws \InvalidArgumentException
  37.      */
  38.     public function __construct(UserCheckerInterface $userCheckerstring $providerKeybool $hideUserNotFoundExceptions true)
  39.     {
  40.         if (empty($providerKey)) {
  41.             throw new \InvalidArgumentException('$providerKey must not be empty.');
  42.         }
  44.         $this->userChecker $userChecker;
  45.         $this->providerKey $providerKey;
  46.         $this->hideUserNotFoundExceptions $hideUserNotFoundExceptions;
  47.     }
  49.     /**
  50.      * {@inheritdoc}
  51.      */
  52.     public function authenticate(TokenInterface $token)
  53.     {
  54.         if (!$this->supports($token)) {
  55.             throw new AuthenticationException('The token is not supported by this authentication provider.');
  56.         }
  58.         $username $token->getUsername();
  59.         if ('' === $username || null === $username) {
  60.             $username AuthenticationProviderInterface::USERNAME_NONE_PROVIDED;
  61.         }
  63.         try {
  64.             $user $this->retrieveUser($username$token);
  65.         } catch (UsernameNotFoundException $e) {
  66.             if ($this->hideUserNotFoundExceptions) {
  67.                 throw new BadCredentialsException('Bad credentials.'0$e);
  68.             }
  69.             $e->setUsername($username);
  71.             throw $e;
  72.         }
  74.         if (!$user instanceof UserInterface) {
  75.             throw new AuthenticationServiceException('retrieveUser() must return a UserInterface.');
  76.         }
  78.         try {
  79.             $this->userChecker->checkPreAuth($user);
  80.             $this->checkAuthentication($user$token);
  81.             $this->userChecker->checkPostAuth($user);
  82.         } catch (BadCredentialsException $e) {
  83.             if ($this->hideUserNotFoundExceptions) {
  84.                 throw new BadCredentialsException('Bad credentials.'0$e);
  85.             }
  87.             throw $e;
  88.         }
  90.         if ($token instanceof SwitchUserToken) {
  91.             $authenticatedToken = new SwitchUserToken($user$token->getCredentials(), $this->providerKey$user->getRoles(), $token->getOriginalToken());
  92.         } else {
  93.             $authenticatedToken = new UsernamePasswordToken($user$token->getCredentials(), $this->providerKey$user->getRoles());
  94.         }
  96.         $authenticatedToken->setAttributes($token->getAttributes());
  98.         return $authenticatedToken;
  99.     }
  101.     /**
  102.      * {@inheritdoc}
  103.      */
  104.     public function supports(TokenInterface $token)
  105.     {
  106.         return $token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey();
  107.     }
  109.     /**
  110.      * Retrieves the user from an implementation-specific location.
  111.      *
  112.      * @return UserInterface The user
  113.      *
  114.      * @throws AuthenticationException if the credentials could not be validated
  115.      */
  116.     abstract protected function retrieveUser(string $usernameUsernamePasswordToken $token);
  118.     /**
  119.      * Does additional checks on the user and token (like validating the
  120.      * credentials).
  121.      *
  122.      * @throws AuthenticationException if the credentials could not be validated
  123.      */
  124.     abstract protected function checkAuthentication(UserInterface $userUsernamePasswordToken $token);
  125. }