usenamepassword

1. <?php
2. namespace TYPO3\FLOW3\Security\Authentication\Token;
3.  
4. /* *
5. * This script belongs to the FLOW3 framework. *
6. * *
7. * It is free software; you can redistribute it and/or modify it under *
8. * the terms of the GNU Lesser General Public License, either version 3 *
9. * of the License, or (at your option) any later version. *
10. * *
11. * The TYPO3 project - inspiring people to share! *
12. * */
13.  
14. use TYPO3\FLOW3\Annotations as FLOW3;
15.  
16. /**
17. * An authentication token used for simple username and password authentication.
18. *
19. */
20. class UsernamePassword implements \TYPO3\FLOW3\Security\Authentication\TokenInterface {
21.  
22. /**
23. * @var \TYPO3\FLOW3\Utility\Environment
24. * @FLOW3\Inject
25. */
26. protected $environment;
27.  
28. /**
29. * @var string
30. */
31. protected $authenticationProviderName;
32.  
33. /**
34. * Current authentication status of this token
35. * @var integer
36. */
37. protected $authenticationStatus = self::NO_CREDENTIALS_GIVEN;
38.  
39. /**
40. * The username/password credentials
41. * @var array
42. * @FLOW3\Transient
43. */
44. protected $credentials = array('username' => '', 'password' => '');
45.  
46. /**
47. * @var \TYPO3\FLOW3\Security\Account
48. */
49. protected $account;
50.  
51. /**
52. * @var \TYPO3\FLOW3\Security\AccountRepository
53. * @FLOW3\Inject
54. */
55. protected $accountRepository;
56.  
57. /**
58. * @var array
59. */
60. protected $requestPatterns = NULL;
61.  
62. /**
63. * The authentication entry point
64. * @var \TYPO3\FLOW3\Security\Authentication\EntryPointInterface
65. */
66. protected $entryPoint = NULL;
67.  
68. /**
69. * Returns the name of the authentication provider responsible for this token
70. *
71. * @return string The authentication provider name
72. */
73. public function getAuthenticationProviderName() {
74. return $this->authenticationProviderName;
75. }
76.  
77. /**
78. * Sets the name of the authentication provider responsible for this token
79. *
80. * @param string $authenticationProviderName The authentication provider name
81. * @return void
82. */
83. public function setAuthenticationProviderName($authenticationProviderName) {
84. $this->authenticationProviderName = $authenticationProviderName;
85. }
86.  
87. /**
88. * Returns TRUE if this token is currently authenticated
89. *
90. * @return boolean TRUE if this this token is currently authenticated
91. */
92. public function isAuthenticated() {
93. return ($this->authenticationStatus === self::AUTHENTICATION_SUCCESSFUL);
94. }
95.  
96. /**
97. * Sets the authentication entry point
98. *
99. * @param \TYPO3\FLOW3\Security\Authentication\EntryPointInterface $entryPoint The authentication entry point
100. * @return void
101. */
102. public function setAuthenticationEntryPoint(\TYPO3\FLOW3\Security\Authentication\EntryPointInterface $entryPoint) {
103. $this->entryPoint = $entryPoint;
104. }
105.  
106. /**
107. * Returns the configured authentication entry point, NULL if none is available
108. *
109. * @return \TYPO3\FLOW3\Security\Authentication\EntryPointInterface The configured authentication entry point, NULL if none is available
110. */
111. public function getAuthenticationEntryPoint() {
112. return $this->entryPoint;
113. }
114.  
115. /**
116. * Returns TRUE if \TYPO3\FLOW3\Security\RequestPattern were set
117. *
118. * @return boolean True if a \TYPO3\FLOW3\Security\RequestPatternInterface was set
119. */
120. public function hasRequestPatterns() {
121. if ($this->requestPatterns != NULL) return TRUE;
122. return FALSE;
123. }
124.  
125. /**
126. * Sets request patterns
127. *
128. * @param array $requestPatterns Array of \TYPO3\FLOW3\Security\RequestPattern to be set
129. * @return void
130. * @see hasRequestPattern()
131. */
132. public function setRequestPatterns(array $requestPatterns) {
133. $this->requestPatterns = $requestPatterns;
134. }
135.  
136. /**
137. * Returns an array of set \TYPO3\FLOW3\Security\RequestPatternInterface, NULL if none was set
138. *
139. * @return array Array of set request patterns
140. * @see hasRequestPattern()
141. */
142. public function getRequestPatterns() {
143. return $this->requestPatterns;
144. }
145.  
146. /**
147. * Updates the username and password credentials from the POST vars, if the POST parameters
148. * are available. Sets the authentication status to REAUTHENTICATION_NEEDED, if credentials have been sent.
149. *
150. * Note: You need to send the username and password in these two POST parameters:
151. * __authentication[TYPO3][FLOW3][Security][Authentication][Token][UsernamePassword][username]
152. * and __authentication[TYPO3][FLOW3][Security][Authentication][Token][UsernamePassword][password]
153. *
154. * @param \TYPO3\FLOW3\MVC\RequestInterface $request The current request instance
155. * @return void
156. */
157. public function updateCredentials(\TYPO3\FLOW3\MVC\RequestInterface $request) {
158. $postArguments = $this->environment->getRawPostArguments();
159. $username = \TYPO3\FLOW3\Reflection\ObjectAccess::getPropertyPath($postArguments, '__authentication.TYPO3.FLOW3.Security.Authentication.Token.UsernamePassword.username');
160. $password = \TYPO3\FLOW3\Reflection\ObjectAccess::getPropertyPath($postArguments, '__authentication.TYPO3.FLOW3.Security.Authentication.Token.UsernamePassword.password');
161.  
162. if (!empty($username) && !empty($password)) {
163. $this->credentials['username'] = $username;
164. $this->credentials['password'] = $password;
165.  
166. $this->setAuthenticationStatus(self::AUTHENTICATION_NEEDED);
167. }
168. }
169.  
170. /**
171. * Returns the credentials (username and password) of this token.
172. *
173. * @return object $credentials The needed credentials to authenticate this token
174. */
175. public function getCredentials() {
176. return $this->credentials;
177. }
178.  
179. /**
180. * Returns the account if one is authenticated, NULL otherwise.
181. *
182. * @return \TYPO3\FLOW3\Security\Account An account object
183. */
184. public function getAccount() {
185. return $this->account;
186. }
187.  
188. /**
189. * Set the (authenticated) account
190. *
191. * @param \TYPO3\FLOW3\Security\Account $account An account object
192. * @return void
193. */
194. public function setAccount(\TYPO3\FLOW3\Security\Account $account = NULL) {
195. $this->account = $account;
196. }
197.  
198. /**
199. * Returns the currently valid roles.
200. *
201. * @return array Array of TYPO3\FLOW3\Security\Authentication\Role objects
202. */
203. public function getRoles() {
204. $account = $this->getAccount();
205. return ($account !== NULL && $this->isAuthenticated()) ? $account->getRoles() : array();
206. }
207.  
208. /**
209. * Sets the authentication status. Usually called by the responsible \TYPO3\FLOW3\Security\Authentication\AuthenticationManagerInterface
210. *
211. * @param integer $authenticationStatus One of NO_CREDENTIALS_GIVEN, WRONG_CREDENTIALS, AUTHENTICATION_SUCCESSFUL, AUTHENTICATION_NEEDED
212. * @return void
213. * @throws TYPO3\FLOW3\Security\Exception\InvalidAuthenticationStatusException
214. */
215. public function setAuthenticationStatus($authenticationStatus) {
216. if (!in_array($authenticationStatus, array(self::NO_CREDENTIALS_GIVEN, self::WRONG_CREDENTIALS, self::AUTHENTICATION_SUCCESSFUL, self::AUTHENTICATION_NEEDED))) {
217. throw new \TYPO3\FLOW3\Security\Exception\InvalidAuthenticationStatusException('Invalid authentication status.', 1237224453);
218. }
219. $this->authenticationStatus = $authenticationStatus;
220. }
221.  
222. /**
223. * Returns the current authentication status
224. *
225. * @return integer One of NO_CREDENTIALS_GIVEN, WRONG_CREDENTIALS, AUTHENTICATION_SUCCESSFUL, AUTHENTICATION_NEEDED
226. */
227. public function getAuthenticationStatus() {
228. return $this->authenticationStatus;
229. }
230.  
231. /**
232. * Returns a string representation of the token for logging purposes.
233. *
234. * @return string The username credential
235. */
236. public function __toString() {
237. return 'Username: "' . $this->credentials['username'] . '"';
238. }
239. }
240.  
241. ?>