vendor/symfony/security-http/EventListener/CheckCredentialsListener.php line 40

  1. <?php
  2. /*
  3.  * This file is part of the Symfony package.
  4.  *
  5.  * (c) Fabien Potencier <fabien@symfony.com>
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  10. namespace Symfony\Component\Security\Http\EventListener;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  13. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  14. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  15. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  16. use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
  17. use Symfony\Component\Security\Http\Event\CheckPassportEvent;
  18. /**
  19.  * This listener uses the interfaces of authenticators to
  20.  * determine how to check credentials.
  21.  *
  22.  * @author Wouter de Jong <wouter@driveamber.com>
  23.  *
  24.  * @final
  25.  * @experimental in 5.1
  26.  */
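  class CheckCredentialsListener implements EventSubscriberInterface
  {
      /**
       * Factory queried for the password encoder that belongs to a given user.
       *
       * @var EncoderFactoryInterface
       */
      private $encoderFactory;

      /**
       * @param EncoderFactoryInterface $encoderFactory source of the per-user password encoder
       */
      public function __construct(EncoderFactoryInterface $encoderFactory)
      {
          $this->encoderFactory = $encoderFactory;
      }

      /**
       * Checks the credentials badge carried by the passport of the event.
       *
       * A PasswordCredentials badge on a user passport is verified with the
       * user's encoder and marked resolved on success. A CustomCredentials
       * badge is handed to its own checker. A badge that is already resolved
       * is left untouched.
       *
       * A passport that carries neither badge is not checked here at all: this
       * method returns without throwing and without resolving anything, so a
       * successful return is not by itself proof that credentials were verified.
       * NOTE(review): whatever dispatches CheckPassportEvent is presumably
       * expected to reject passports with unresolved badges - confirm at the caller.
       *
       * @throws BadCredentialsException when the presented password is empty,
       *                                 the user has no stored password, or the
       *                                 encoder rejects the presented password
       */
      public function checkPassport(CheckPassportEvent $event): void
      {
          $passport = $event->getPassport();

          if ($passport instanceof UserPassportInterface && $passport->hasBadge(PasswordCredentials::class)) {
              // Use the password encoder to validate the credentials
              $user = $passport->getUser();

              /** @var PasswordCredentials $badge */
              $badge = $passport->getBadge(PasswordCredentials::class);

              // Another listener already verified this badge; do not check it twice.
              if ($badge->isResolved()) {
                  return;
              }

              // An empty password is refused before the encoder is ever consulted.
              $presentedPassword = $badge->getPassword();
              if ('' === $presentedPassword) {
                  throw new BadCredentialsException('The presented password cannot be empty.');
              }

              // A user without a stored password can never authenticate this way.
              // The message is the same one used for a failed comparison below, so
              // the two cases cannot be told apart from the exception text.
              if (null === $user->getPassword()) {
                  throw new BadCredentialsException('The presented password is invalid.');
              }

              // The comparison itself is delegated to the encoder selected for this user.
              if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
                  throw new BadCredentialsException('The presented password is invalid.');
              }

              // Only reached when every check above passed.
              $badge->markResolved();

              return;
          }

          if ($passport->hasBadge(CustomCredentials::class)) {
              /** @var CustomCredentials $badge */
              $badge = $passport->getBadge(CustomCredentials::class);

              if ($badge->isResolved()) {
                  return;
              }

              // This method neither inspects a return value nor calls markResolved()
              // for custom credentials.
              // NOTE(review): executeCustomChecker() presumably throws on failure and
              // resolves the badge itself - confirm in CustomCredentials.
              $badge->executeCustomChecker($passport->getUser());

              return;
          }
      }

      /**
       * Subscribes checkPassport() to CheckPassportEvent.
       *
       * @return array<string, string> event class name mapped to the handling method
       */
      public static function getSubscribedEvents(): array
      {
          return [CheckPassportEvent::class => 'checkPassport'];
      }
  }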