src/Security/MyAzureAuthenticator.php line 23

Open in your IDE?
  1. <?php
  2. namespace App\Security;
  4. use App\Entity\Kernel\User// your user entity
  5. use Doctrine\ORM\EntityManagerInterface;
  6. use KnpU\OAuth2ClientBundle\Security\Authenticator\SocialAuthenticator;
  7. use KnpU\OAuth2ClientBundle\Client\Provider\AzureClient;
  8. use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\Routing\RouterInterface;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  14. use Symfony\Component\Security\Core\User\UserProviderInterface;
  15. use Symfony\Component\HttpFoundation\RedirectResponse;
  16. use App\Service\Kernel\UserService;
  17. use App\Service\Kernel\KernelService;
  18. //use Symfony\Component\HttpFoundation\Session\SessionInterface;
  19. use Symfony\Component\HttpFoundation\RequestStack;
  20. use Symfony\Contracts\Translation\TranslatorInterface;
  23. class MyAzureAuthenticator extends SocialAuthenticator
  24. {
  25.     private $clientRegistry;
  26.     private $em;
  27.     private $router;
  28.     private $userService;
  29.     private $kernelService;
  30.     //private $session;
  31.     private $translator;
  32.     private $requestStack;
  34.     public function __construct(ClientRegistry $clientRegistryEntityManagerInterface $emRouterInterface $routerUserService $userServiceKernelService $kernelServiceRequestStack $requestStackTranslatorInterface $translator)
  35.     {
  36.         $this->clientRegistry $clientRegistry;
  37.         $this->em $em;
  38.     $this->router $router;
  39.         $this->userService $userService;
  40.         $this->kernelService $kernelService;
  41.         //$this->session = $session;
  42.         $this->requestStack $requestStack;
  43.         $this->translator $translator;
  44.     }
  46.     public function supports(Request $request)
  47.     {
  48.         // continue ONLY if the current ROUTE matches the check ROUTE
  49.         return $request->attributes->get('_route') === 'connect_azure_check';
  50.     }
  52.     public function getCredentials(Request $request)
  53.     {
  54.         // this method is only called if supports() returns true
  56.         // For Symfony lower than 3.4 the supports method need to be called manually here:
  57.         // if (!$this->supports($request)) {
  58.         //     return null;
  59.         // }
  61.         return $this->fetchAccessToken($this->getAzureClient());
  62.     }
  64.     public function getUser($credentialsUserProviderInterface $userProvider)
  65.     {
  66.         /** @var FacebookUser $facebookUser */
  67.         $azureUser $this->getAzureClient()
  68.             ->fetchUserFromToken($credentials);
  69.         
  70.         //$email = $azureUser->getEmail();
  72.         // 1) have they logged in with Facebook before? Easy!
  73.         $existingUser $this->em->getRepository(User::class)
  74.             ->findOneBy(['uuid' => $azureUser->getId()]);
  75.         if ($existingUser) {
  76.             return $existingUser;
  77.         }
  79.         
  80.         
  81.         // 2) do we have a matching user by email?
  82.         //$user = $this->em->getRepository(User::class)
  83.         //    ->findOneBy(['email' => $email]);
  85.         // 3) Maybe you just want to "register" them by creating
  86.         // a User object
  87.                 
  88.         /*$user = new User();
  89.         $user->setUuid($azureUser->getId());
  90.         $user->setEmail($azureUser->toArray()['upn']);
  91.         $user->setFirstName($azureUser->getFirstName());
  92.         $user->setLastName($azureUser->getLastName());
  93.         $user->setPassword("?E(H+MbQeThWmZq4t7w!zPP&F)J@NcRf");
  94.         $this->em->persist($user);
  95.         $this->em->flush();*/
  96.         $defaultorg $this->kernelService->getApplicationInfoValue("Kernel.Defaultorganization");
  97.         $defaulttimezone $this->kernelService->getApplicationInfoValue("Kernel.Defaulttimezone");
  98.         $user $this->userService->CreateUser($azureUser->getId(), $azureUser->toArray()['upn'], $azureUser->getFirstName(), $azureUser->getLastName(), "?E(H+MbQeThWmZq4t7w!zPP&F)J@NcRf",
  99.                 """en-US"$defaulttimezonenull$defaultorg,1);
  101.         return $user;
  102.     }
  104.     /**
  105.      * @return AzureClient
  106.      */
  107.     private function getAzureClient()
  108.     {
  109.         return $this->clientRegistry
  110.             // "facebook_main" is the key used in config/packages/knpu_oauth2_client.yaml
  111.             ->getClient('azure');
  112.     }
  114.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  115.     {
  116.         $user $token->getUser();
  117.         if ($this->userService->CanLogin($user) == true)
  118.         {
  119.             $this->userService->Login($user);
  120.             $targetUrl $this->router->generate('app_home', ['_locale' => "".$user->getLocale()]);
  121.         }
  122.         else
  123.         {
  124.             $token->setAuthenticated(false);
  125.             //$this->session->set('error', $this->translator->trans("User.NotAllowedToLogin", [], 'messages', "en-US"));
  126.             $this->requestStack->getSession()->set('error'$this->translator->trans("User.NotAllowedToLogin", [], 'messages'"en-US"));
  127.             $targetUrl $this->router->generate('app_logout');
  128.         }
  129.         // change "app_homepage" to some route in your app
  130.         
  132.         return new RedirectResponse($targetUrl);
  133.     
  134.         // or, on success, let the request continue to be handled by the controller
  135.         //return null;
  136.     }
  138.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception)
  139.     {
  140.         $message strtr($exception->getMessageKey(), $exception->getMessageData());
  142.         return new Response($messageResponse::HTTP_FORBIDDEN);
  143.     }
  145.     /**
  146.      * Called when authentication is needed, but it's not sent.
  147.      * This redirects to the 'login'.
  148.      */
  149.     public function start(Request $requestAuthenticationException $authException null)
  150.     {
  151.         return new RedirectResponse(
  152.             '/connect/azure/'// might be the site, where users choose their oauth provider
  153.             Response::HTTP_TEMPORARY_REDIRECT
  154.         );
  155.     }
  157.     // ...
  158. }