vendor/symfony/security-core/Authentication/AuthenticationProviderManager.php line 78

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Core\Authentication;
  14. use Symfony\Component\PasswordHasher\Exception\InvalidPasswordException;
  15. use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
  16. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  17. use Symfony\Component\Security\Core\AuthenticationEvents;
  18. use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
  19. use Symfony\Component\Security\Core\Event\AuthenticationSuccessEvent;
  20. use Symfony\Component\Security\Core\Exception\AccountStatusException;
  21. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  22. use Symfony\Component\Security\Core\Exception\BadCredentialsException;
  23. use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
  24. use Symfony\Component\Security\Core\User\UserInterface;
  25. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  27. trigger_deprecation('symfony/security-core''5.3''The "%s" class is deprecated, use the new authenticator system instead.'AuthenticationProviderManager::class);
  29. // Help opcache.preload discover always-needed symbols
  30. class_exists(AuthenticationEvents::class);
  31. class_exists(AuthenticationFailureEvent::class);
  32. class_exists(AuthenticationSuccessEvent::class);
  34. /**
  35.  * AuthenticationProviderManager uses a list of AuthenticationProviderInterface
  36.  * instances to authenticate a Token.
  37.  *
  38.  * @author Fabien Potencier <fabien@symfony.com>
  39.  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  40.  *
  41.  * @deprecated since Symfony 5.3, use the new authenticator system instead
  42.  */
  43. class AuthenticationProviderManager implements AuthenticationManagerInterface
  44. {
  45.     private $providers;
  46.     private $eraseCredentials;
  47.     private $eventDispatcher;
  49.     /**
  50.      * @param iterable<mixed, AuthenticationProviderInterface> $providers        An iterable with AuthenticationProviderInterface instances as values
  51.      * @param bool                                             $eraseCredentials Whether to erase credentials after authentication or not
  52.      *
  53.      * @throws \InvalidArgumentException
  54.      */
  55.     public function __construct(iterable $providersbool $eraseCredentials true)
  56.     {
  57.         if (!$providers) {
  58.             throw new \InvalidArgumentException('You must at least add one authentication provider.');
  59.         }
  61.         $this->providers $providers;
  62.         $this->eraseCredentials $eraseCredentials;
  63.     }
  65.     public function setEventDispatcher(EventDispatcherInterface $dispatcher)
  66.     {
  67.         $this->eventDispatcher $dispatcher;
  68.     }
  70.     /**
  71.      * {@inheritdoc}
  72.      */
  73.     public function authenticate(TokenInterface $token)
  74.     {
  75.         $lastException null;
  76.         $result null;
  78.         foreach ($this->providers as $provider) {
  79.             if (!$provider instanceof AuthenticationProviderInterface) {
  80.                 throw new \InvalidArgumentException(sprintf('Provider "%s" must implement the AuthenticationProviderInterface.'get_debug_type($provider)));
  81.             }
  83.             if (!$provider->supports($token)) {
  84.                 continue;
  85.             }
  87.             try {
  88.                 $result $provider->authenticate($token);
  90.                 if (null !== $result) {
  91.                     break;
  92.                 }
  93.             } catch (AccountStatusException $e) {
  94.                 $lastException $e;
  96.                 break;
  97.             } catch (AuthenticationException $e) {
  98.                 $lastException $e;
  99.             } catch (InvalidPasswordException $e) {
  100.                 $lastException = new BadCredentialsException('Bad credentials.'0$e);
  101.             }
  102.         }
  104.         if (null !== $result) {
  105.             if (true === $this->eraseCredentials) {
  106.                 $result->eraseCredentials();
  107.             }
  109.             if (null !== $this->eventDispatcher) {
  110.                 $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($result), AuthenticationEvents::AUTHENTICATION_SUCCESS);
  111.             }
  113.             // @deprecated since Symfony 5.3
  114.             if ($result->getUser() instanceof UserInterface && !method_exists($result->getUser(), 'getUserIdentifier')) {
  115.                 trigger_deprecation('symfony/security-core''5.3''Not implementing method "getUserIdentifier(): string" in user class "%s" is deprecated. This method will replace "getUsername()" in Symfony 6.0.'get_debug_type($result->getUser()));
  116.             }
  118.             return $result;
  119.         }
  121.         if (null === $lastException) {
  122.             $lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', \get_class($token)));
  123.         }
  125.         if (null !== $this->eventDispatcher) {
  126.             $this->eventDispatcher->dispatch(new AuthenticationFailureEvent($token$lastException), AuthenticationEvents::AUTHENTICATION_FAILURE);
  127.         }
  129.         $lastException->setToken($token);
  131.         throw $lastException;
  132.     }
  133. }