vendor/symfony/security-http/Authenticator/HttpBasicAuthenticator.php line 35

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Authenticator;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  18. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  19. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  20. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  21. use Symfony\Component\Security\Core\User\UserProviderInterface;
  22. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  23. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  24. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  25. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  26. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  27. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  29. /**
  30.  * @author Wouter de Jong <wouter@wouterj.nl>
  31.  * @author Fabien Potencier <fabien@symfony.com>
  32.  *
  33.  * @final
  34.  */
  35. class HttpBasicAuthenticator implements AuthenticatorInterfaceAuthenticationEntryPointInterface
  36. {
  37.     private $realmName;
  38.     private $userProvider;
  39.     private $logger;
  41.     public function __construct(string $realmNameUserProviderInterface $userProvider, ?LoggerInterface $logger null)
  42.     {
  43.         $this->realmName $realmName;
  44.         $this->userProvider $userProvider;
  45.         $this->logger $logger;
  46.     }
  48.     public function start(Request $request, ?AuthenticationException $authException null): Response
  49.     {
  50.         $response = new Response();
  51.         $response->headers->set('WWW-Authenticate'sprintf('Basic realm="%s"'$this->realmName));
  52.         $response->setStatusCode(401);
  54.         return $response;
  55.     }
  57.     public function supports(Request $request): ?bool
  58.     {
  59.         return $request->headers->has('PHP_AUTH_USER');
  60.     }
  62.     public function authenticate(Request $request): PassportInterface
  63.     {
  64.         $username $request->headers->get('PHP_AUTH_USER');
  65.         $password $request->headers->get('PHP_AUTH_PW''');
  67.         // @deprecated since Symfony 5.3, change to $this->userProvider->loadUserByIdentifier() in 6.0
  68.         $method 'loadUserByIdentifier';
  69.         if (!method_exists($this->userProvider'loadUserByIdentifier')) {
  70.             trigger_deprecation('symfony/security-core''5.3''Not implementing method "loadUserByIdentifier()" in user provider "%s" is deprecated. This method will replace "loadUserByUsername()" in Symfony 6.0.'get_debug_type($this->userProvider));
  72.             $method 'loadUserByUsername';
  73.         }
  75.         $passport = new Passport(
  76.             new UserBadge($username, [$this->userProvider$method]),
  77.             new PasswordCredentials($password)
  78.         );
  79.         if ($this->userProvider instanceof PasswordUpgraderInterface) {
  80.             $passport->addBadge(new PasswordUpgradeBadge($password$this->userProvider));
  81.         }
  83.         return $passport;
  84.     }
  86.     /**
  87.      * @deprecated since Symfony 5.4, use {@link createToken()} instead
  88.      */
  89.     public function createAuthenticatedToken(PassportInterface $passportstring $firewallName): TokenInterface
  90.     {
  91.         trigger_deprecation('symfony/security-http''5.4''Method "%s()" is deprecated, use "%s::createToken()" instead.'__METHOD____CLASS__);
  93.         return $this->createToken($passport$firewallName);
  94.     }
  96.     public function createToken(Passport $passportstring $firewallName): TokenInterface
  97.     {
  98.         return new UsernamePasswordToken($passport->getUser(), $firewallName$passport->getUser()->getRoles());
  99.     }
  101.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  102.     {
  103.         return null;
  104.     }
  106.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  107.     {
  108.         if (null !== $this->logger) {
  109.             $this->logger->info('Basic authentication failed for user.', ['username' => $request->headers->get('PHP_AUTH_USER'), 'exception' => $exception]);
  110.         }
  112.         return $this->start($request$exception);
  113.     }
  114. }