vendor/scheb/two-factor-bundle/Security/Authentication/Provider/AuthenticationProviderDecorator.php line 70

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Scheb\TwoFactorBundle\Security\Authentication\Provider;
  7. use Scheb\TwoFactorBundle\DependencyInjection\Factory\Security\TwoFactorFactory;
  8. use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorTokenInterface;
  9. use Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationContextFactoryInterface;
  10. use Scheb\TwoFactorBundle\Security\TwoFactor\Handler\AuthenticationHandlerInterface;
  11. use Symfony\Bundle\SecurityBundle\Security\FirewallConfig;
  12. use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\RequestStack;
  15. use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
  16. use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
  17. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  19. class AuthenticationProviderDecorator implements AuthenticationProviderInterface
  20. {
  21.     /**
  22.      * @var AuthenticationProviderInterface
  23.      */
  24.     private $decoratedAuthenticationProvider;
  26.     /**
  27.      * @var AuthenticationHandlerInterface
  28.      */
  29.     private $twoFactorAuthenticationHandler;
  31.     /**
  32.      * @var AuthenticationContextFactoryInterface
  33.      */
  34.     private $authenticationContextFactory;
  36.     /**
  37.      * @var FirewallMap
  38.      */
  39.     private $firewallMap;
  41.     /**
  42.      * @var RequestStack
  43.      */
  44.     private $requestStack;
  46.     public function __construct(
  47.         AuthenticationProviderInterface $decoratedAuthenticationProvider,
  48.         AuthenticationHandlerInterface $twoFactorAuthenticationHandler,
  49.         AuthenticationContextFactoryInterface $authenticationContextFactory,
  50.         FirewallMap $firewallMap,
  51.         RequestStack $requestStack
  52.     ) {
  53.         $this->decoratedAuthenticationProvider $decoratedAuthenticationProvider;
  54.         $this->twoFactorAuthenticationHandler $twoFactorAuthenticationHandler;
  55.         $this->authenticationContextFactory $authenticationContextFactory;
  56.         $this->firewallMap $firewallMap;
  57.         $this->requestStack $requestStack;
  58.     }
  60.     public function supports(TokenInterface $token)
  61.     {
  62.         return $this->decoratedAuthenticationProvider->supports($token);
  63.     }
  65.     /**
  66.      * @psalm-suppress InvalidNullableReturnType
  67.      */
  68.     public function authenticate(TokenInterface $token)
  69.     {
  70.         $wasAlreadyAuthenticated $token->isAuthenticated();
  71.         $token $this->decoratedAuthenticationProvider->authenticate($token);
  73.         // Only trigger two-factor authentication when the provider was called with an unauthenticated token. When we
  74.         // get an authenticated token passed, we're not doing a login, but the system refreshes the token. Then we don't
  75.         // want to start two-factor authentication or we're ending in an endless loop.
  76.         if ($wasAlreadyAuthenticated) {
  77.             return $token;
  78.         }
  80.         // AnonymousToken and TwoFactorTokenInterface can be ignored
  81.         // in case of Guard, it can return null due to having multiple guard authenticators (#127, to be removed in v5)
  82.         /** @psalm-suppress DocblockTypeContradiction */
  83.         if ($token instanceof AnonymousToken || $token instanceof TwoFactorTokenInterface || null === $token) {
  84.             /** @psalm-suppress NullableReturnStatement */ return $token;
  85.         }
  87.         $request $this->getRequest();
  88.         $firewallConfig $this->getFirewallConfig($request);
  90.         if (!\in_array(TwoFactorFactory::AUTHENTICATION_PROVIDER_KEY$firewallConfig->getListeners(), true)) {
  91.             return $token// This firewall doesn't support two-factor authentication
  92.         }
  94.         $context $this->authenticationContextFactory->create($request$token$firewallConfig->getName());
  96.         return $this->twoFactorAuthenticationHandler->beginTwoFactorAuthentication($context);
  97.     }
  99.     /**
  100.      * @return mixed
  101.      */
  102.     public function __call(string $method, array $arguments)
  103.     {
  104.         return ($this->decoratedAuthenticationProvider)->{$method}(...$arguments);
  105.     }
  107.     private function getRequest(): Request
  108.     {
  109.         $request $this->requestStack->getMasterRequest();
  110.         if (null === $request) {
  111.             throw new \RuntimeException('No request available');
  112.         }
  114.         return $request;
  115.     }
  117.     private function getFirewallConfig(Request $request): FirewallConfig
  118.     {
  119.         $firewallConfig $this->firewallMap->getFirewallConfig($request);
  120.         if (null === $firewallConfig) {
  121.             throw new \RuntimeException('No firewall configuration available');
  122.         }
  124.         return $firewallConfig;
  125.     }
  126. }