vendor/symfony/security-http/Authenticator/HttpBasicAuthenticator.php line 35

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of the Symfony package.
  4.  *
  5.  * (c) Fabien Potencier <fabien@symfony.com>
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  10. namespace Symfony\Component\Security\Http\Authenticator;
  11. use Psr\Log\LoggerInterface;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
  16. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  17. use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
  18. use Symfony\Component\Security\Core\User\UserProviderInterface;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  21. use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
  22. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  23. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  24. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  25. /**
  26.  * @author Wouter de Jong <wouter@wouterj.nl>
  27.  * @author Fabien Potencier <fabien@symfony.com>
  28.  *
  29.  * @final
  30.  */
  31. class HttpBasicAuthenticator implements AuthenticatorInterfaceAuthenticationEntryPointInterface
  32. {
  33.     private $realmName;
  34.     private $userProvider;
  35.     private $logger;
  36.     public function __construct(string $realmNameUserProviderInterface $userProvider, ?LoggerInterface $logger null)
  37.     {
  38.         $this->realmName $realmName;
  39.         $this->userProvider $userProvider;
  40.         $this->logger $logger;
  41.     }
  42.     public function start(Request $request, ?AuthenticationException $authException null): Response
  43.     {
  44.         $response = new Response();
  45.         $response->headers->set('WWW-Authenticate'sprintf('Basic realm="%s"'$this->realmName));
  46.         $response->setStatusCode(401);
  47.         return $response;
  48.     }
  49.     public function supports(Request $request): ?bool
  50.     {
  51.         return $request->headers->has('PHP_AUTH_USER');
  52.     }
  53.     public function authenticate(Request $request): PassportInterface
  54.     {
  55.         $username $request->headers->get('PHP_AUTH_USER');
  56.         $password $request->headers->get('PHP_AUTH_PW''');
  57.         // @deprecated since Symfony 5.3, change to $this->userProvider->loadUserByIdentifier() in 6.0
  58.         $method 'loadUserByIdentifier';
  59.         if (!method_exists($this->userProvider'loadUserByIdentifier')) {
  60.             trigger_deprecation('symfony/security-core''5.3''Not implementing method "loadUserByIdentifier()" in user provider "%s" is deprecated. This method will replace "loadUserByUsername()" in Symfony 6.0.'get_debug_type($this->userProvider));
  61.             $method 'loadUserByUsername';
  62.         }
  63.         $passport = new Passport(
  64.             new UserBadge($username, [$this->userProvider$method]),
  65.             new PasswordCredentials($password)
  66.         );
  67.         if ($this->userProvider instanceof PasswordUpgraderInterface) {
  68.             $passport->addBadge(new PasswordUpgradeBadge($password$this->userProvider));
  69.         }
  70.         return $passport;
  71.     }
  72.     /**
  73.      * @deprecated since Symfony 5.4, use {@link createToken()} instead
  74.      */
  75.     public function createAuthenticatedToken(PassportInterface $passportstring $firewallName): TokenInterface
  76.     {
  77.         trigger_deprecation('symfony/security-http''5.4''Method "%s()" is deprecated, use "%s::createToken()" instead.'__METHOD____CLASS__);
  78.         return $this->createToken($passport$firewallName);
  79.     }
  80.     public function createToken(Passport $passportstring $firewallName): TokenInterface
  81.     {
  82.         return new UsernamePasswordToken($passport->getUser(), $firewallName$passport->getUser()->getRoles());
  83.     }
  84.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  85.     {
  86.         return null;
  87.     }
  88.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  89.     {
  90.         if (null !== $this->logger) {
  91.             $this->logger->info('Basic authentication failed for user.', ['username' => $request->headers->get('PHP_AUTH_USER'), 'exception' => $exception]);
  92.         }
  93.         return $this->start($request$exception);
  94.     }
  95. }