Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- namespace App\Security;
- use App\Entity\Langilea;
- use App\Entity\User; // your user entity
- use Doctrine\ORM\EntityManagerInterface;
- use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
- use KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator;
- use Symfony\Component\HttpFoundation\RedirectResponse;
- use Symfony\Component\HttpFoundation\Request;
- use Symfony\Component\HttpFoundation\Response;
- use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
- use Symfony\Component\Routing\RouterInterface;
- use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
- use Symfony\Component\Security\Core\Exception\AuthenticationException;
- use Symfony\Component\Security\Core\Exception\UserNotFoundException;
- use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
- use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
- use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
- use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
- use Symfony\Component\Security\Http\Util\TargetPathTrait;
- class OauthAuthenticator extends OAuth2Authenticator implements AuthenticationEntrypointInterface
- {
- use TargetPathTrait;
- public const LOGIN_ROUTE = 'app_login';
- private ClientRegistry $clientRegistry;
- private EntityManagerInterface $entityManager;
- private RouterInterface $router;
- public function __construct(
- private readonly UrlGeneratorInterface $urlGenerator,
- ClientRegistry $clientRegistry,
- EntityManagerInterface $entityManager,
- RouterInterface $router)
- {
- $this->clientRegistry = $clientRegistry;
- $this->entityManager = $entityManager;
- $this->router = $router;
- }
- public function supports(Request $request): ?bool
- {
- // continue ONLY if the current ROUTE matches the check ROUTE
- return $request->attributes->get('_route') === 'oauth_check';
- }
- public function authenticate(Request $request): Passport
- {
- $client = $this->clientRegistry->getClient('generic');
- $accessToken = $this->fetchAccessToken($client);
- return new SelfValidatingPassport(
- new UserBadge($accessToken->getToken(), function() use ($accessToken, $client) {
- $user = $client->fetchUserFromToken($accessToken);
- $na = $user->getId();
- // 1) have they logged in with Facebook before? Easy!
- $existingUser = $this->entityManager->getRepository(Langilea::class)->findOneBy(['NA' => $na]);
- if ($existingUser) {
- return $existingUser;
- }
- throw new UserNotFoundException();
- })
- );
- }
- public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
- {
- if ($targetPath = $this->getTargetPath($request->getSession(), $firewallName)) {
- return new RedirectResponse($targetPath);
- }
- if (in_array('ROLE_ADMIN',$token->getRoleNames())) {
- return new RedirectResponse($this->urlGenerator->generate('app_admin'));
- }
- return new RedirectResponse($this->urlGenerator->generate('app_default'));
- }
- protected function getLoginUrl(Request $request): string
- {
- return $this->urlGenerator->generate(self::LOGIN_ROUTE);
- }
- public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
- {
- $message = strtr($exception->getMessageKey(), $exception->getMessageData());
- return new Response($message, Response::HTTP_FORBIDDEN);
- }
- public function start(Request $request, AuthenticationException $authException = null): RedirectResponse
- {
- return new RedirectResponse(
- '/connect/', // might be the site, where users choose their oauth provider
- Response::HTTP_TEMPORARY_REDIRECT
- );
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement