ホーム エクスプローラ ヘルプ
サインイン
kevin
/
Popsu-coloque
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: c11935cb48
ブランチ タグ
Popsu-coloque
/
web
/
core
/
lib
/
Drupal
/
Core
/
Authentication
/
AuthenticationManager.php

AuthenticationManager.php 5.6 KB
履歴 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186 
  1. <?php
    2. 

  2. 

  3. namespace Drupal\Core\Authentication;
    4. 

  4. 

  5. use Drupal\Core\Routing\RouteMatch;
    6. 

  6. use Symfony\Component\HttpFoundation\Request;
    7. 

  7. 

  8. /**
    9. 

  9.  * Manager for authentication.
    10. 

  10.  *
    11. 

  11.  * On each request, let all authentication providers try to authenticate the
    12. 

  12.  * user. The providers are iterated according to their priority and the first
    13. 

  13.  * provider detecting credentials for its method wins. No further provider will
    14. 

  14.  * get triggered.
    15. 

  15.  *
    16. 

  16.  * If no provider sets an active user then the user remains anonymous.
    17. 

  17.  */
    18. 

  18. class AuthenticationManager implements AuthenticationProviderInterface, AuthenticationProviderFilterInterface, AuthenticationProviderChallengeInterface {
    19. 

  19. 

  20.   /**
    21. 

  21.    * The authentication provider collector.
    22. 

  22.    *
    23. 

  23.    * @var \Drupal\Core\Authentication\AuthenticationCollectorInterface
    24. 

  24.    */
    25. 

  25.   protected $authCollector;
    26. 

  26. 

  27.   /**
    28. 

  28.    * Creates a new authentication manager instance.
    29. 

  29.    *
    30. 

  30.    * @param \Drupal\Core\Authentication\AuthenticationCollectorInterface $auth_collector
    31. 

  31.    *   The authentication provider collector.
    32. 

  32.    */
    33. 

  33.   public function __construct(AuthenticationCollectorInterface $auth_collector) {
    34. 

  34.     $this->authCollector = $auth_collector;
    35. 

  35.   }
    36. 

  36. 

  37.   /**
    38. 

  38.    * {@inheritdoc}
    39. 

  39.    */
    40. 

  40.   public function applies(Request $request) {
    41. 

  41.     return (bool) $this->getProvider($request);
    42. 

  42.   }
    43. 

  43. 

  44.   /**
    45. 

  45.    * {@inheritdoc}
    46. 

  46.    */
    47. 

  47.   public function authenticate(Request $request) {
    48. 

  48.     $provider_id = $this->getProvider($request);
    49. 

  49.     $provider = $this->authCollector->getProvider($provider_id);
    50. 

  50. 

  51.     if ($provider) {
    52. 

  52.       return $provider->authenticate($request);
    53. 

  53.     }
    54. 

  54. 

  55.     return NULL;
    56. 

  56.   }
    57. 

  57. 

  58.   /**
    59. 

  59.    * {@inheritdoc}
    60. 

  60.    */
    61. 

  61.   public function appliesToRoutedRequest(Request $request, $authenticated) {
    62. 

  62.     $result = FALSE;
    63. 

  63. 

  64.     if ($authenticated) {
    65. 

  65.       $result = $this->applyFilter($request, $authenticated, $this->getProvider($request));
    66. 

  66.     }
    67. 

  67.     else {
    68. 

  68.       foreach ($this->authCollector->getSortedProviders() as $provider_id => $provider) {
    69. 

  69.         if ($this->applyFilter($request, $authenticated, $provider_id)) {
    70. 

  70.           $result = TRUE;
    71. 

  71.           break;
    72. 

  72.         }
    73. 

  73.       }
    74. 

  74.     }
    75. 

  75. 

  76.     return $result;
    77. 

  77.   }
    78. 

  78. 

  79.   /**
    80. 

  80.    * {@inheritdoc}
    81. 

  81.    */
    82. 

  82.   public function challengeException(Request $request, \Exception $previous) {
    83. 

  83.     $provider_id = $this->getChallenger($request);
    84. 

  84. 

  85.     if ($provider_id) {
    86. 

  86.       $provider = $this->authCollector->getProvider($provider_id);
    87. 

  87.       return $provider->challengeException($request, $previous);
    88. 

  88.     }
    89. 

  89.   }
    90. 

  90. 

  91.   /**
    92. 

  92.    * Returns the id of the authentication provider for a request.
    93. 

  93.    *
    94. 

  94.    * @param \Symfony\Component\HttpFoundation\Request $request
    95. 

  95.    *   The incoming request.
    96. 

  96.    *
    97. 

  97.    * @return string|null
    98. 

  98.    *   The id of the first authentication provider which applies to the request.
    99. 

  99.    *   If no application detects appropriate credentials, then NULL is returned.
    100. 

  100.    */
    101. 

  101.   protected function getProvider(Request $request) {
    102. 

  102.     foreach ($this->authCollector->getSortedProviders() as $provider_id => $provider) {
    103. 

  103.       if ($provider->applies($request)) {
    104. 

  104.         return $provider_id;
    105. 

  105.       }
    106. 

  106.     }
    107. 

  107.   }
    108. 

  108. 

  109.   /**
    110. 

  110.    * Returns the ID of the challenge provider for a request.
    111. 

  111.    *
    112. 

  112.    * @param \Symfony\Component\HttpFoundation\Request $request
    113. 

  113.    *   The incoming request.
    114. 

  114.    *
    115. 

  115.    * @return string|null
    116. 

  116.    *   The ID of the first authentication provider which applies to the request.
    117. 

  117.    *   If no application detects appropriate credentials, then NULL is returned.
    118. 

  118.    */
    119. 

  119.   protected function getChallenger(Request $request) {
    120. 

  120.     foreach ($this->authCollector->getSortedProviders() as $provider_id => $provider) {
    121. 

  121.       if (($provider instanceof AuthenticationProviderChallengeInterface) && !$provider->applies($request) && $this->applyFilter($request, FALSE, $provider_id)) {
    122. 

  122.         return $provider_id;
    123. 

  123.       }
    124. 

  124.     }
    125. 

  125.   }
    126. 

  126. 

  127.   /**
    128. 

  128.    * Checks whether a provider is allowed on the given request.
    129. 

  129.    *
    130. 

  130.    * If no filter is registered for the given provider id, the default filter
    131. 

  131.    * is applied.
    132. 

  132.    *
    133. 

  133.    * @param \Symfony\Component\HttpFoundation\Request $request
    134. 

  134.    *   The incoming request.
    135. 

  135.    * @param bool $authenticated
    136. 

  136.    *   Whether or not the request is authenticated.
    137. 

  137.    * @param string $provider_id
    138. 

  138.    *   The id of the authentication provider to check access for.
    139. 

  139.    *
    140. 

  140.    * @return bool
    141. 

  141.    *   TRUE if provider is allowed, FALSE otherwise.
    142. 

  142.    */
    143. 

  143.   protected function applyFilter(Request $request, $authenticated, $provider_id) {
    144. 

  144.     $provider = $this->authCollector->getProvider($provider_id);
    145. 

  145. 

  146.     if ($provider && ($provider instanceof AuthenticationProviderFilterInterface)) {
    147. 

  147.       $result = $provider->appliesToRoutedRequest($request, $authenticated);
    148. 

  148.     }
    149. 

  149.     else {
    150. 

  150.       $result = $this->defaultFilter($request, $provider_id);
    151. 

  151.     }
    152. 

  152. 

  153.     return $result;
    154. 

  154.   }
    155. 

  155. 

  156.   /**
    157. 

  157.    * Default implementation of the provider filter.
    158. 

  158.    *
    159. 

  159.    * Checks whether a provider is allowed as per the _auth option on a route. If
    160. 

  160.    * the option is not set or if the request did not match any route, only
    161. 

  161.    * providers from the global provider set are allowed.
    162. 

  162.    *
    163. 

  163.    * If no filter is registered for the given provider id, the default filter
    164. 

  164.    * is applied.
    165. 

  165.    *
    166. 

  166.    * @param \Symfony\Component\HttpFoundation\Request $request
    167. 

  167.    *   The incoming request.
    168. 

  168.    * @param string $provider_id
    169. 

  169.    *   The id of the authentication provider to check access for.
    170. 

  170.    *
    171. 

  171.    * @return bool
    172. 

  172.    *   TRUE if provider is allowed, FALSE otherwise.
    173. 

  173.    */
    174. 

  174.   protected function defaultFilter(Request $request, $provider_id) {
    175. 

  175.     $route = RouteMatch::createFromRequest($request)->getRouteObject();
    176. 

  176.     $has_auth_option = isset($route) && $route->hasOption('_auth');
    177. 

  177. 

  178.     if ($has_auth_option) {
    179. 

  179.       return in_array($provider_id, $route->getOption('_auth'));
    180. 

  180.     }
    181. 

  181.     else {
    182. 

  182.       return $this->authCollector->isGlobal($provider_id);
    183. 

  183.     }
    184. 

  184.   }
    185. 

  185. 

  186. }
    187.