vendor/hwi/oauth-bundle/src/Security/Http/Firewall/OAuthListener.php line 31

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the HWIOAuthBundle package.
  5.  *
  6.  * (c) Hardware Info <opensource@hardware.info>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace HWI\Bundle\OAuthBundle\Security\Http\Firewall;
  14. use HWI\Bundle\OAuthBundle\OAuth\ResourceOwnerInterface;
  15. use HWI\Bundle\OAuthBundle\OAuth\State\State;
  16. use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
  17. use HWI\Bundle\OAuthBundle\Security\Http\ResourceOwnerMapInterface;
  18. use Symfony\Component\HttpFoundation\RedirectResponse;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpFoundation\Response;
  21. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  22. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  23. use Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener;
  25. /**
  26.  * @author Geoffrey Bachelet <geoffrey.bachelet@gmail.com>
  27.  * @author Alexander <iam.asm89@gmail.com>
  28.  *
  29.  * @internal
  30.  */
  31. class OAuthListener extends AbstractAuthenticationListener
  32. {
  33.     private ResourceOwnerMapInterface $resourceOwnerMap;
  35.     /**
  36.      * @var array<int, string>
  37.      */
  38.     private array $checkPaths;
  40.     public function setResourceOwnerMap(ResourceOwnerMapInterface $resourceOwnerMap): void
  41.     {
  42.         $this->resourceOwnerMap $resourceOwnerMap;
  43.     }
  45.     public function setCheckPaths(array $checkPaths): void
  46.     {
  47.         $this->checkPaths $checkPaths;
  48.     }
  50.     /**
  51.      * {@inheritdoc}
  52.      */
  53.     public function requiresAuthentication(Request $request): bool
  54.     {
  55.         // Check if the route matches one of the check paths
  56.         foreach ($this->checkPaths as $checkPath) {
  57.             if ($this->httpUtils->checkRequestPath($request$checkPath)) {
  58.                 return true;
  59.             }
  60.         }
  62.         return false;
  63.     }
  65.     /**
  66.      * @return TokenInterface|Response|null
  67.      */
  68.     protected function attemptAuthentication(Request $request)
  69.     {
  70.         /* @var ResourceOwnerInterface $resourceOwner */
  71.         [$resourceOwner$checkPath] = $this->resourceOwnerMap->getResourceOwnerByRequest($request);
  73.         if (!$resourceOwner) {
  74.             throw new AuthenticationException('No resource owner match the request.');
  75.         }
  77.         if (!$resourceOwner->handles($request)) {
  78.             throw new AuthenticationException('No oauth code in the request.');
  79.         }
  81.         // If resource owner supports only one url authentication, call redirect
  82.         if ($request->query->has('authenticated') && $resourceOwner->getOption('auth_with_one_url')) {
  83.             $request->attributes->set('service'$resourceOwner->getName());
  85.             return new RedirectResponse(sprintf('%s?code=%s&authenticated=true'$this->httpUtils->generateUri($request'hwi_oauth_connect_service'), $request->query->get('code')));
  86.         }
  88.         $resourceOwner->isCsrfTokenValid(
  89.             $this->extractCsrfTokenFromState($request->get('state'))
  90.         );
  92.         $accessToken $resourceOwner->getAccessToken(
  93.             $request,
  94.             $this->httpUtils->createRequest($request$checkPath)->getUri()
  95.         );
  97.         $token = new OAuthToken($accessToken);
  98.         $token->setResourceOwnerName($resourceOwner->getName());
  100.         return $this->authenticationManager->authenticate($token);
  101.     }
  103.     private function extractCsrfTokenFromState(?string $stateParameter): ?string
  104.     {
  105.         $state = new State($stateParameter);
  107.         return $state->getCsrfToken() ?: $stateParameter;
  108.     }
  109. }