PasswordCredentials example

throw new BadRequestHttpException('Invalid JSON.');
            }

            $credentials = $this->getCredentials($data);
        } catch (BadRequestHttpException $e) {
            $request->setRequestFormat('json');

            throw $e;
        }

        $userBadge = new UserBadge($credentials['username']$this->userProvider->loadUserByIdentifier(...));
        $passport = new Passport($userBadgenew PasswordCredentials($credentials['password'])[new RememberMeBadge((array) $data)]);

        if ($this->userProvider instanceof PasswordUpgraderInterface) {
            $passport->addBadge(new PasswordUpgradeBadge($credentials['password']$this->userProvider));
        }

        return $passport;
    }

    public function createToken(Passport $passport, string $firewallName): TokenInterface
    {
        return new UsernamePasswordToken($passport->getUser()$firewallName$passport->getUser()->getRoles());
    }
public function testShouldNotCheckPassport($authenticator$passport)
    {
        $this->ldap->expects($this->never())->method('bind');

        $listener = $this->createListener();
        $listener->onCheckPassport(new CheckPassportEvent($authenticator$passport));
    }

    public static function provideShouldNotCheckPassport()
    {
        // no LdapBadge         yield [new TestAuthenticator()new Passport(new UserBadge('test')new PasswordCredentials('s3cret'))];

        // ldap already resolved         $badge = new LdapBadge('app.ldap');
        $badge->markResolved();
        yield [new TestAuthenticator()new Passport(new UserBadge('test')new PasswordCredentials('s3cret')[$badge])];
    }

    public function testPasswordCredentialsAlreadyResolvedThrowsException()
    {
        $this->expectException(\LogicException::class);
        $this->expectExceptionMessage('LDAP authentication password verification cannot be completed because something else has already resolved the PasswordCredentials.');

        
public static function provideMatchingAuthenticatorIndex()
    {
        yield [0];
        yield [1];
    }

    public function testNoCredentialsValidated()
    {
        $authenticator = $this->createAuthenticator();
        $this->request->attributes->set('_security_authenticators', [$authenticator]);

        $authenticator->expects($this->any())->method('authenticate')->willReturn(new Passport(new UserBadge('wouter', fn () => $this->user)new PasswordCredentials('pass')));

        $authenticator->expects($this->once())
            ->method('onAuthenticationFailure')
            ->with($this->request, $this->isInstanceOf(BadCredentialsException::class));

        $manager = $this->createManager([$authenticator]);
        $manager->authenticateRequest($this->request);
    }

    public function testRequiredBadgeMissing()
    {
        

        $hasher = $this->createMock(PasswordHasherInterface::class);
        $hasher->expects($this->any())->method('verify')->with('password-hash', $password)->willReturn($passwordValid);

        $this->hasherFactory->expects($this->any())->method('getPasswordHasher')->with($this->identicalTo($this->user))->willReturn($hasher);

        if (false === $result) {
            $this->expectException(BadCredentialsException::class);
            $this->expectExceptionMessage('The presented password is invalid.');
        }

        $credentials = new PasswordCredentials($password);
        $this->listener->checkPassport($this->createEvent(new Passport(new UserBadge('wouter', fn () => $this->user)$credentials)));

        if (true === $result) {
            $this->assertTrue($credentials->isResolved());
        }
    }

    public static function providePasswords()
    {
        yield ['ThePa$$word', true, true];
        yield ['Invalid', false, false];
    }
public function supports(Request $request): ?bool
    {
        return $request->headers->has('PHP_AUTH_USER');
    }

    public function authenticate(Request $request): Passport
    {
        $username = $request->headers->get('PHP_AUTH_USER');
        $password = $request->headers->get('PHP_AUTH_PW', '');

        $userBadge = new UserBadge($username$this->userProvider->loadUserByIdentifier(...));
        $passport = new Passport($userBadgenew PasswordCredentials($password));

        if ($this->userProvider instanceof PasswordUpgraderInterface) {
            $passport->addBadge(new PasswordUpgradeBadge($password$this->userProvider));
        }

        return $passport;
    }

    public function createToken(Passport $passport, string $firewallName): TokenInterface
    {
        return new UsernamePasswordToken($passport->getUser()$firewallName$passport->getUser()->getRoles());
    }

        return ($this->options['post_only'] ? $request->isMethod('POST') : true)
            && $this->httpUtils->checkRequestPath($request$this->options['check_path'])
            && ($this->options['form_only'] ? 'form' === $request->getContentTypeFormat() : true);
    }

    public function authenticate(Request $request): Passport
    {
        $credentials = $this->getCredentials($request);

        $userBadge = new UserBadge($credentials['username']$this->userProvider->loadUserByIdentifier(...));
        $passport = new Passport($userBadgenew PasswordCredentials($credentials['password'])[new RememberMeBadge()]);

        if ($this->options['enable_csrf']) {
            $passport->addBadge(new CsrfTokenBadge($this->options['csrf_token_id']$credentials['csrf_token']));
        }

        if ($this->userProvider instanceof PasswordUpgraderInterface) {
            $passport->addBadge(new PasswordUpgradeBadge($credentials['password']$this->userProvider));
        }

        return $passport;
    }

    
$this->urlGenerator = $urlGenerator;
    }

    public function authenticate(Request $request): Passport
    {
        $username = $request->request->get('_username', '');

        $request->getSession()->set(SecurityRequestAttributes::LAST_USERNAME, $username);

        return new Passport(
            new UserBadge($username),
            new PasswordCredentials($request->request->get('_password', '')),
            []
        );
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token$firewallName): ?Response
    {
        return new RedirectResponse($this->urlGenerator->generate('security_'.$firewallName.'_profile'));
    }

    protected function getLoginUrl(Request $request): string
    {
        
use Symfony\Component\Ldap\Security\LdapBadge;
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;

class LdapAuthenticatorTest extends TestCase
{
    public function testAuthenticate()
    {
        $decorated = $this->createMock(AuthenticatorInterface::class);
        $passport = new Passport(new UserBadge('test')new PasswordCredentials('s3cret'));
        $decorated
            ->expects($this->once())
            ->method('authenticate')
            ->willReturn($passport)
        ;

        $authenticator = new LdapAuthenticator($decorated, 'serviceId');
        $request = new Request();

        $authenticator->authenticate($request);

        
Home | Imprint | This part of the site doesn't use cookies.