- Moved Authenticate to DI file def
This commit is contained in:
Dave Mc Nicoll
parent
23079e6040
commit
d149e0a741
@ -5,11 +5,13 @@ namespace Ulmus\User\Authorize\Header;
|
|||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Ulmus\User\Entity\BasicAuthUserInterface;
|
use Ulmus\User\Entity\BasicAuthUserInterface;
|
||||||
use Ulmus\User\Entity\UserInterface;
|
use Ulmus\User\Entity\UserInterface;
|
||||||
|
use Ulmus\User\Lib\Authenticate;
|
||||||
use Ulmus\User\Lib\Authorize;
|
use Ulmus\User\Lib\Authorize;
|
||||||
|
|
||||||
class BasicMethod implements MethodInterface
|
class BasicMethod implements MethodInterface
|
||||||
{
|
{
|
||||||
public function __construct(
|
public function __construct(
|
||||||
|
protected Authenticate $authorize,
|
||||||
protected BasicAuthUserInterface $user,
|
protected BasicAuthUserInterface $user,
|
||||||
protected string|array $arguments
|
protected string|array $arguments
|
||||||
) {}
|
) {}
|
||||||
@ -29,7 +31,8 @@ class BasicMethod implements MethodInterface
|
|||||||
throw new \RuntimeException("A password must be provided");
|
throw new \RuntimeException("A password must be provided");
|
||||||
}
|
}
|
||||||
|
|
||||||
( new Authorize($this->user) )->authenticate([ $this->user->usernameField() => $userName ], $password);
|
$this->authorize->user = $this->user;
|
||||||
|
$this->authorize->authenticate([ $this->user->usernameField() => $userName ], $password);
|
||||||
|
|
||||||
return $this->user->loggedIn();
|
return $this->user->loggedIn();
|
||||||
}
|
}
|
||||||
|
|||||||
@ -6,6 +6,7 @@ use Psr\Http\Message\ServerRequestInterface;
|
|||||||
use Ulmus\User\Authorize\Bearer\JsonWebToken;
|
use Ulmus\User\Authorize\Bearer\JsonWebToken;
|
||||||
use Ulmus\User\Authorize\Bearer\JsonWebTokenDecoder;
|
use Ulmus\User\Authorize\Bearer\JsonWebTokenDecoder;
|
||||||
use Ulmus\User\Entity\UserInterface;
|
use Ulmus\User\Entity\UserInterface;
|
||||||
|
use Ulmus\User\Lib\Authenticate;
|
||||||
use Ulmus\User\Lib\Authorize;
|
use Ulmus\User\Lib\Authorize;
|
||||||
|
|
||||||
class BearerMethod implements MethodInterface
|
class BearerMethod implements MethodInterface
|
||||||
@ -13,20 +14,21 @@ class BearerMethod implements MethodInterface
|
|||||||
protected JsonWebTokenDecoder $jwt;
|
protected JsonWebTokenDecoder $jwt;
|
||||||
|
|
||||||
public function __construct(
|
public function __construct(
|
||||||
|
protected Authenticate $authorize,
|
||||||
protected UserInterface $user,
|
protected UserInterface $user,
|
||||||
protected string $token
|
protected string $token
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
public function execute(ServerRequestInterface $request) : bool
|
public function execute(ServerRequestInterface $request) : bool
|
||||||
{
|
{
|
||||||
|
$this->authorize->user = $this->user;
|
||||||
|
|
||||||
switch($this->autodetectTokenType()) {
|
switch($this->autodetectTokenType()) {
|
||||||
case BearerTokenTypeEnum::JsonWebToken:
|
case BearerTokenTypeEnum::JsonWebToken:
|
||||||
$authorize = new Authorize($this->user);
|
|
||||||
|
|
||||||
$payload = $this->jwt->getPayload();
|
$payload = $this->jwt->getPayload();
|
||||||
|
|
||||||
if ($payload['sub'] ?? false) {
|
if ($payload['sub'] ?? false) {
|
||||||
if ( ! $authorize->logUser((int) $payload['sub']) ) {
|
if ( ! $this->authorize->logUser($payload['sub']) ) {
|
||||||
throw new \Exception("Given user id do not match with an existing/active user");
|
throw new \Exception("Given user id do not match with an existing/active user");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -4,10 +4,12 @@ namespace Ulmus\User\Authorize\Header;
|
|||||||
|
|
||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Ulmus\User\Entity\DigestAuthUserInterface;
|
use Ulmus\User\Entity\DigestAuthUserInterface;
|
||||||
|
use Ulmus\User\Lib\Authenticate;
|
||||||
|
|
||||||
class DigestMethod implements MethodInterface
|
class DigestMethod implements MethodInterface
|
||||||
{
|
{
|
||||||
public function __construct(
|
public function __construct(
|
||||||
|
protected Authenticate $authorize,
|
||||||
protected DigestAuthUserInterface $user,
|
protected DigestAuthUserInterface $user,
|
||||||
protected string|array $arguments
|
protected string|array $arguments
|
||||||
) {}
|
) {}
|
||||||
|
|||||||
@ -5,9 +5,14 @@ namespace Ulmus\User\Authorize;
|
|||||||
use Psr\Http\Message\ServerRequestInterface;
|
use Psr\Http\Message\ServerRequestInterface;
|
||||||
use Ulmus\User\Common\AuthorizeContentTypeEnum;
|
use Ulmus\User\Common\AuthorizeContentTypeEnum;
|
||||||
use Ulmus\User\Entity\{ DigestAuthUserInterface, UserInterface };
|
use Ulmus\User\Entity\{ DigestAuthUserInterface, UserInterface };
|
||||||
|
use Ulmus\User\Lib\Authenticate;
|
||||||
|
|
||||||
class HeaderAuthentication implements AuthorizeMethodInterface
|
class HeaderAuthentication implements AuthorizeMethodInterface
|
||||||
{
|
{
|
||||||
|
public function __construct(
|
||||||
|
protected Authenticate $authorize,
|
||||||
|
) { }
|
||||||
|
|
||||||
public function connect(ServerRequestInterface $request, UserInterface $user): bool
|
public function connect(ServerRequestInterface $request, UserInterface $user): bool
|
||||||
{
|
{
|
||||||
if (null !== ( $auth = $request->getHeaderLine('Authorization') )) {
|
if (null !== ( $auth = $request->getHeaderLine('Authorization') )) {
|
||||||
@ -15,7 +20,7 @@ class HeaderAuthentication implements AuthorizeMethodInterface
|
|||||||
|
|
||||||
switch(strtolower($method)) {
|
switch(strtolower($method)) {
|
||||||
case "basic":
|
case "basic":
|
||||||
$methodObj = new Header\BasicMethod($user, $value);
|
$methodObj = new Header\BasicMethod($this->authorize, $user, $value);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "digest":
|
case "digest":
|
||||||
@ -23,11 +28,11 @@ class HeaderAuthentication implements AuthorizeMethodInterface
|
|||||||
throw new \RuntimeException("Your user entity must provide a valid hash of `user:realm:password` ");
|
throw new \RuntimeException("Your user entity must provide a valid hash of `user:realm:password` ");
|
||||||
}
|
}
|
||||||
|
|
||||||
$methodObj = new Header\DigestMethod($user, $value);
|
$methodObj = new Header\DigestMethod($this->authorize, $user, $value);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "bearer":
|
case "bearer":
|
||||||
$methodObj = new Header\BearerMethod($user, $value);
|
$methodObj = new Header\BearerMethod($this->authorize, $user, $value);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case "token":
|
case "token":
|
||||||
|
|||||||
@ -10,17 +10,19 @@ use Psr\Http\{
|
|||||||
};
|
};
|
||||||
use Ulmus\User\Entity\UserInterface;
|
use Ulmus\User\Entity\UserInterface;
|
||||||
use Ulmus\User\Authorize\HeaderAuthentication;
|
use Ulmus\User\Authorize\HeaderAuthentication;
|
||||||
|
use Ulmus\User\Lib\Authenticate;
|
||||||
|
|
||||||
class HeaderAuthenticationMiddleware implements MiddlewareInterface
|
class HeaderAuthenticationMiddleware implements MiddlewareInterface
|
||||||
{
|
{
|
||||||
protected HeaderAuthentication $authenticator;
|
protected HeaderAuthentication $authenticator;
|
||||||
|
|
||||||
public function __construct(
|
public function __construct(
|
||||||
|
protected Authenticate $authorize,
|
||||||
protected UserInterface $entity,
|
protected UserInterface $entity,
|
||||||
protected \Closure $loginFailedResponse,
|
protected \Closure $loginFailedResponse,
|
||||||
HeaderAuthentication $authenticator = null,
|
HeaderAuthentication $authenticator = null,
|
||||||
) {
|
) {
|
||||||
$this->authenticator = $authenticator ?: new HeaderAuthentication();
|
$this->authenticator = $authenticator ?: new HeaderAuthentication($authorize);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
public function process(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user