Home Explore Help
Sign In
bachir
/
edlp_d8
1
0
Fork 0
Files Issues 8 Pull Requests 0 Wiki
Tree: 5c71ef4c46
Branches Tags
edlp_d8
/
core
/
lib
/
Drupal
/
Core
/
EventSubscriber
/
AuthenticationSubscriber.php

AuthenticationSubscriber.php 5.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. <?php
    2. 

  2. 

  3. namespace Drupal\Core\EventSubscriber;
    4. 

  4. 

  5. use Drupal\Core\Authentication\AuthenticationProviderFilterInterface;
    6. 

  6. use Drupal\Core\Authentication\AuthenticationProviderChallengeInterface;
    7. 

  7. use Drupal\Core\Authentication\AuthenticationProviderInterface;
    8. 

  8. use Drupal\Core\Session\AccountProxyInterface;
    9. 

  9. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
    10. 

  10. use Symfony\Component\HttpKernel\Event\GetResponseEvent;
    11. 

  11. use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
    12. 

  12. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
    13. 

  13. use Symfony\Component\HttpKernel\HttpKernelInterface;
    14. 

  14. use Symfony\Component\HttpKernel\KernelEvents;
    15. 

  15. 

  16. /**
    17. 

  17.  * Authentication subscriber.
    18. 

  18.  *
    19. 

  19.  * Trigger authentication during the request.
    20. 

  20.  */
    21. 

  21. class AuthenticationSubscriber implements EventSubscriberInterface {
    22. 

  22. 

  23.   /**
    24. 

  24.    * Authentication provider.
    25. 

  25.    *
    26. 

  26.    * @var \Drupal\Core\Authentication\AuthenticationProviderInterface
    27. 

  27.    */
    28. 

  28.   protected $authenticationProvider;
    29. 

  29. 

  30.   /**
    31. 

  31.    * Authentication provider filter.
    32. 

  32.    *
    33. 

  33.    * @var \Drupal\Core\Authentication\AuthenticationProviderFilterInterface|null
    34. 

  34.    */
    35. 

  35.   protected $filter;
    36. 

  36. 

  37.   /**
    38. 

  38.    * Authentication challenge provider.
    39. 

  39.    *
    40. 

  40.    * @var \Drupal\Core\Authentication\AuthenticationProviderChallengeInterface|null
    41. 

  41.    */
    42. 

  42.   protected $challengeProvider;
    43. 

  43. 

  44.   /**
    45. 

  45.    * Account proxy.
    46. 

  46.    *
    47. 

  47.    * @var \Drupal\Core\Session\AccountProxyInterface
    48. 

  48.    */
    49. 

  49.   protected $accountProxy;
    50. 

  50. 

  51.   /**
    52. 

  52.    * Constructs an authentication subscriber.
    53. 

  53.    *
    54. 

  54.    * @param \Drupal\Core\Authentication\AuthenticationProviderInterface $authentication_provider
    55. 

  55.    *   An authentication provider.
    56. 

  56.    * @param \Drupal\Core\Session\AccountProxyInterface $account_proxy
    57. 

  57.    *   Account proxy.
    58. 

  58.    */
    59. 

  59.   public function __construct(AuthenticationProviderInterface $authentication_provider, AccountProxyInterface $account_proxy) {
    60. 

  60.     $this->authenticationProvider = $authentication_provider;
    61. 

  61.     $this->filter = ($authentication_provider instanceof AuthenticationProviderFilterInterface) ? $authentication_provider : NULL;
    62. 

  62.     $this->challengeProvider = ($authentication_provider instanceof AuthenticationProviderChallengeInterface) ? $authentication_provider : NULL;
    63. 

  63.     $this->accountProxy = $account_proxy;
    64. 

  64.   }
    65. 

  65. 

  66.   /**
    67. 

  67.    * Authenticates user on request.
    68. 

  68.    *
    69. 

  69.    * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
    70. 

  70.    *   The request event.
    71. 

  71.    *
    72. 

  72.    * @see \Drupal\Core\Authentication\AuthenticationProviderInterface::authenticate()
    73. 

  73.    */
    74. 

  74.   public function onKernelRequestAuthenticate(GetResponseEvent $event) {
    75. 

  75.     if ($event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
    76. 

  76.       $request = $event->getRequest();
    77. 

  77.       if ($this->authenticationProvider->applies($request)) {
    78. 

  78.         $account = $this->authenticationProvider->authenticate($request);
    79. 

  79.         if ($account) {
    80. 

  80.           $this->accountProxy->setAccount($account);
    81. 

  81.           return;
    82. 

  82.         }
    83. 

  83.       }
    84. 

  84.       // No account has been set explicitly, initialize the timezone here.
    85. 

  85.       date_default_timezone_set(drupal_get_user_timezone());
    86. 

  86.     }
    87. 

  87.   }
    88. 

  88. 

  89.   /**
    90. 

  90.    * Denies access if authentication provider is not allowed on this route.
    91. 

  91.    *
    92. 

  92.    * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
    93. 

  93.    *   The request event.
    94. 

  94.    */
    95. 

  95.   public function onKernelRequestFilterProvider(GetResponseEvent $event) {
    96. 

  96.     if (isset($this->filter) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
    97. 

  97.       $request = $event->getRequest();
    98. 

  98.       if ($this->authenticationProvider->applies($request) && !$this->filter->appliesToRoutedRequest($request, TRUE)) {
    99. 

  99.         throw new AccessDeniedHttpException('The used authentication method is not allowed on this route.');
    100. 

  100.       }
    101. 

  101.     }
    102. 

  102.   }
    103. 

  103. 

  104.   /**
    105. 

  105.    * Respond with a challenge on access denied exceptions if appropriate.
    106. 

  106.    *
    107. 

  107.    * On a 403 (access denied), if there are no credentials on the request, some
    108. 

  108.    * authentication methods (e.g. basic auth) require that a challenge is sent
    109. 

  109.    * to the client.
    110. 

  110.    *
    111. 

  111.    * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
    112. 

  112.    *   The exception event.
    113. 

  113.    */
    114. 

  114.   public function onExceptionSendChallenge(GetResponseForExceptionEvent $event) {
    115. 

  115.     if (isset($this->challengeProvider) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
    116. 

  116.       $request = $event->getRequest();
    117. 

  117.       $exception = $event->getException();
    118. 

  118.       if ($exception instanceof AccessDeniedHttpException && !$this->authenticationProvider->applies($request) && (!isset($this->filter) || $this->filter->appliesToRoutedRequest($request, FALSE))) {
    119. 

  119.         $challenge_exception = $this->challengeProvider->challengeException($request, $exception);
    120. 

  120.         if ($challenge_exception) {
    121. 

  121.           $event->setException($challenge_exception);
    122. 

  122.         }
    123. 

  123.       }
    124. 

  124.     }
    125. 

  125.   }
    126. 

  126. 

  127.   /**
    128. 

  128.    * {@inheritdoc}
    129. 

  129.    */
    130. 

  130.   public static function getSubscribedEvents() {
    131. 

  131.     // The priority for authentication must be higher than the highest event
    132. 

  132.     // subscriber accessing the current user. Especially it must be higher than
    133. 

  133.     // LanguageRequestSubscriber as LanguageManager accesses the current user if
    134. 

  134.     // the language module is enabled.
    135. 

  135.     $events[KernelEvents::REQUEST][] = ['onKernelRequestAuthenticate', 300];
    136. 

  136. 

  137.     // Access check must be performed after routing.
    138. 

  138.     $events[KernelEvents::REQUEST][] = ['onKernelRequestFilterProvider', 31];
    139. 

  139.     $events[KernelEvents::EXCEPTION][] = ['onExceptionSendChallenge', 75];
    140. 

  140.     return $events;
    141. 

  141.   }
    142. 

  142. 

  143. }
    144.