vendor/symfony/security-http/EventListener/CheckCredentialsListener.php line 41

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\EventListener;
  14. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  15. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  16. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  17. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  18. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\CustomCredentials;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\UserPassportInterface;
  21. use Symfony\Component\Security\Http\Event\CheckPassportEvent;
  23. /**
  24.  * This listeners uses the interfaces of authenticators to
  25.  * determine how to check credentials.
  26.  *
  27.  * @author Wouter de Jong <wouter@driveamber.com>
  28.  *
  29.  * @final
  30.  * @experimental in 5.2
  31.  */
  32. class CheckCredentialsListener implements EventSubscriberInterface
  33. {
  34.     private $encoderFactory;
  36.     public function __construct(EncoderFactoryInterface $encoderFactory)
  37.     {
  38.         $this->encoderFactory $encoderFactory;
  39.     }
  41.     public function checkPassport(CheckPassportEvent $event): void
  42.     {
  43.         $passport $event->getPassport();
  44.         if ($passport instanceof UserPassportInterface && $passport->hasBadge(PasswordCredentials::class)) {
  45.             // Use the password encoder to validate the credentials
  46.             $user $passport->getUser();
  47.             /** @var PasswordCredentials $badge */
  48.             $badge $passport->getBadge(PasswordCredentials::class);
  50.             if ($badge->isResolved()) {
  51.                 return;
  52.             }
  54.             $presentedPassword $badge->getPassword();
  55.             if ('' === $presentedPassword) {
  56.                 throw new BadCredentialsException('The presented password cannot be empty.');
  57.             }
  59.             if (null === $user->getPassword()) {
  60.                 throw new BadCredentialsException('The presented password is invalid.');
  61.             }
  63.             if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword$user->getSalt())) {
  64.                 throw new BadCredentialsException('The presented password is invalid.');
  65.             }
  67.             $badge->markResolved();
  69.             if (!$passport->hasBadge(PasswordUpgradeBadge::class)) {
  70.                 $passport->addBadge(new PasswordUpgradeBadge($presentedPassword));
  71.             }
  73.             return;
  74.         }
  76.         if ($passport->hasBadge(CustomCredentials::class)) {
  77.             /** @var CustomCredentials $badge */
  78.             $badge $passport->getBadge(CustomCredentials::class);
  79.             if ($badge->isResolved()) {
  80.                 return;
  81.             }
  83.             $badge->executeCustomChecker($passport->getUser());
  85.             return;
  86.         }
  87.     }
  89.     public static function getSubscribedEvents(): array
  90.     {
  91.         return [CheckPassportEvent::class => 'checkPassport'];
  92.     }
  93. }