
Untitled

a guest
Apr 17th, 2017
  1. <?php
  2.  
  3. namespace Vendor\Application\Security\Authentication\Oauth\Provider;
  4.  
  5. abstract class AbstractOauthProvider extends AbstractProvider {
  6.  
  7. /**
  8. * Oauth manager
  9. *
  10. * @var OauthManager
  11. * @Flow\Inject
  12. */
  13. protected $oauthManager;
  14.  
  15. /**
  16. * @Flow\Inject
  17. * @var \Neos\Flow\Persistence\PersistenceManagerInterface
  18. */
  19. protected $persistenceManager;
  20.  
  21. /**
  22. * @var PropertyMapper
  23. * @Flow\Inject
  24. */
  25. protected $propertyMapper;
  26.  
  27. /**
  28. * @var HashService
  29. * @Flow\Inject
  30. */
  31. protected $hashService;
  32.  
  33. /**
  34. * Account repository
  35. *
  36. * @var AccountRepository
  37. * @Flow\Inject
  38. */
  39. protected $accountRepository;
  40.  
  41. /**
  42. * User repository
  43. *
  44. * @var UserRepository
  45. * @Flow\Inject
  46. */
  47. protected $userRepository;
  48.  
  49. /**
  50. * @Flow\Inject
  51. * @var \Neos\Flow\Security\Context
  52. */
  53. protected $securityContext;
  54.  
  55.  
  56. /**
  57. * @return string
  58. */
  59. abstract protected function getResourceOwnerClassName();
  60.  
  61. /**
  62. * Get oauth provider
  63. *
  64. * @return \League\OAuth2\Client\Provider\AbstractProvider
  65. */
  66. protected function getOauthProvider() {
  67. $strategy = $this->oauthManager->getStrategyNameByProviderName($this->name);
  68. $provider = $this->oauthManager->getImplementedProviderByStrategyName($strategy);
  69. return $provider;
  70. }
  71.  
  72. /**
  73. * @param TokenInterface $authenticationToken
  74. * @return \League\OAuth2\Client\Provider\ResourceOwnerInterface
  75. */
  76. protected function getResourceOwner(TokenInterface $authenticationToken) {
  77. $credentials = $authenticationToken->getCredentials();
  78. $provider = $this->getOauthProvider();
  79. $resourceOwner = $provider->getResourceOwner($credentials['accessToken']);
  80. return $resourceOwner;
  81. }
  82.  
  83. public function authenticate(TokenInterface $authenticationToken)
  84. {
  85. $tokens = $this->getTokenClassNames();
  86. $tokenClassName = $tokens[0];
  87. if (!($authenticationToken instanceof $tokenClassName)) {
  88. throw new UnsupportedAuthenticationTokenException(sprintf('This provider only supports %s', [$this->getTokenClassNames()[0]]));
  89. }
  90.  
  91. $resourceOwner = $this->getResourceOwner($authenticationToken);
  92.  
  93. if (!(get_class($resourceOwner) === $this->getResourceOwnerClassName())) {
  94. $authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS);
  95. return;
  96. }
  97.  
  98. $providerName = $this->name;
  99. $accountRepository = $this->accountRepository;
  100. $account = NULL;
  101.  
  102.  
  103. $this->securityContext->withoutAuthorizationChecks(function () use ($resourceOwner, $providerName, $accountRepository , &$account) {
  104. $account = $accountRepository->findByAccountIdentifierAndAuthenticationProviderName($resourceOwner->getId(), $providerName);
  105. });
  106.  
  107. if ($account === NULL) {
  108. $user = User::signUp(
  109. $resourceOwner->getId(),
  110. $this->hashService->hashPassword(Algorithms::generateRandomString(32)),
  111. $this->name
  112. );
  113. $this->userRepository->add($user);
  114. $account = $user->getAccount();
  115. }
  116.  
  117. $authenticationToken->setAccount($account);
  118.  
  119. $randomPassword = $this->hashService->hashPassword(Algorithms::generateRandomString(32));
  120. $account->setCredentialsSource($randomPassword);
  121. $authenticationToken->setAccount($account);
  122. $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
  123.  
  124. $this->accountRepository->update($account);
  125. $this->persistenceManager->persistAll();
  126.  
  127. }
  128. }