Skip to content
Snippets Groups Projects
Select Git revision
  • 58ca2f02412c68afc9dde9f3c582823a0ff228d2
  • main default protected
  • demo protected
  • master
  • icon-set-mapping
  • production protected
  • revert-62666d1a
  • favorites-and-recent-files
  • lit2
  • wc-part
  • mark-downloaded-files
  • feature/annotpdf-test
  • fix-zip-upload
  • config-cleanup
  • wip
  • app-shell-update
16 results

app.config.js

Blame
    • BearerAuthenticator.php 2.39 KiB 
    <?php

declare(strict_types=1);

namespace Dbp\Relay\AuthBundle\Authenticator;

use Psr\Log\LoggerAwareInterface;
use Psr\Log\LoggerAwareTrait;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;

class BearerAuthenticator extends AbstractAuthenticator implements LoggerAwareInterface
{
    use LoggerAwareTrait;

    private $userProvider;

    /**
     * @var OIDCUserSessionProviderInterface
     */
    private $userSession;

    public function __construct(OIDCUserSessionProviderInterface $userSession, BearerUserProviderInterface $userProvider)
    {
        $this->userProvider = $userProvider;
        $this->userSession = $userSession;
    }

    public function supports(Request $request): ?bool
    {
        return $request->headers->has('Authorization');
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
    {
        return null;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
    {
        return new JsonResponse(['error' => $exception->getMessage()], Response::HTTP_FORBIDDEN);
    }

    public function authenticate(Request $request): PassportInterface
    {
        $auth = $request->headers->get('Authorization', '');
        if ($auth === '') {
            throw new BadCredentialsException('Token is not present in the request headers');
        }

        $token = trim(preg_replace('/^(?:\s+)?Bearer\s/', '', $auth));

        $user = $this->userProvider->loadUserByToken($token);

        $passport = new SelfValidatingPassport(new UserBadge($user->getUserIdentifier(), function ($token) use ($user) {
            return $user;
        }));
        $passport->setAttribute('relay_user_session_provider', $this->userSession);

        return $passport;
    }
}