CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
consumeRememberMeCookie example
$this->locator = $rememberMeHandlerLocator;
$this->requestStack = $requestStack;
}
public function createRememberMeCookie(UserInterface $user): void
{
$this->getForFirewall()->createRememberMeCookie($user);
}
public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
{
return $this->getForFirewall()->consumeRememberMeCookie($rememberMeDetails);
}
public function clearRememberMeCookie(): void
{
$this->getForFirewall()->clearRememberMeCookie();
}
}
$this->requestStack = $requestStack;
}
public function createRememberMeCookie(UserInterface $user): void
{
$this->getForFirewall()->createRememberMeCookie($user);
}
public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
{
return $this->getForFirewall()->consumeRememberMeCookie($rememberMeDetails);
}
public function clearRememberMeCookie(): void
{
$this->getForFirewall()->clearRememberMeCookie();
}
}
public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
{
try {
$this->signatureHasher->acceptSignatureHash($rememberMeDetails->getUserIdentifier(), $rememberMeDetails->getExpires(), $rememberMeDetails->getValue());
} catch (InvalidSignatureException $e) {
throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
} catch (ExpiredSignatureException $e) {
throw new AuthenticationException('The cookie has expired.', 0, $e);
}
return parent::consumeRememberMeCookie($rememberMeDetails);
}
public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
{
try {
$this->signatureHasher->verifySignatureHash($user, $rememberMeDetails->getExpires(), $rememberMeDetails->getValue());
} catch (InvalidSignatureException $e) {
throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
} catch (ExpiredSignatureException $e) {
throw new AuthenticationException('The cookie has expired.', 0, $e);
}
{
try {
$this->signatureHasher->acceptSignatureHash($rememberMeDetails->getUserIdentifier(), $rememberMeDetails->getExpires(), $rememberMeDetails->getValue());
} catch (InvalidSignatureException $e) {
throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
} catch (ExpiredSignatureException $e) {
throw new AuthenticationException('The cookie has expired.', 0, $e);
}
return parent::consumeRememberMeCookie($rememberMeDetails);
}
public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
{
try {
$this->signatureHasher->verifySignatureHash($user, $rememberMeDetails->getExpires(), $rememberMeDetails->getValue());
} catch (InvalidSignatureException $e) {
throw new AuthenticationException('The cookie\'s hash is invalid.', 0, $e);
} catch (ExpiredSignatureException $e) {
throw new AuthenticationException('The cookie has expired.', 0, $e);
}
return null;
}
public function authenticate(Request $request): Passport
{
if (!$rawCookie = $request->cookies->get($this->cookieName)) {
throw new \LogicException('No remember-me cookie is found.');
}
$rememberMeCookie = RememberMeDetails::fromRawCookie($rawCookie);
$userBadge = new UserBadge($rememberMeCookie->getUserIdentifier(), fn () => $this->rememberMeHandler->consumeRememberMeCookie($rememberMeCookie));
return new SelfValidatingPassport($userBadge);
}
public function createToken(Passport $passport, string $firewallName): TokenInterface
{
return new RememberMeToken($passport->getUser(), $firewallName, $this->secret);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
}
public function authenticate(Request $request): Passport
{
if (!$rawCookie = $request->cookies->get($this->cookieName)) {
throw new \LogicException('No remember-me cookie is found.');
}
$rememberMeCookie = RememberMeDetails::fromRawCookie($rawCookie);
$userBadge = new UserBadge($rememberMeCookie->getUserIdentifier(), fn () => $this->rememberMeHandler->consumeRememberMeCookie($rememberMeCookie));
return new SelfValidatingPassport($userBadge);
}
public function createToken(Passport $passport, string $firewallName): TokenInterface
{
return new RememberMeToken($passport->getUser(), $firewallName, $this->secret);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
{
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
$this->assertNull($cookie->getValue());
}
public function testConsumeRememberMeCookieValid()
{
$user = new InMemoryUser('wouter', null);
$signature = $this->signatureHasher->computeSignatureHash($user, $expire = time() + 3600);
$this->userProvider->createUser(new InMemoryUser('wouter', null));
$rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', $expire, $signature);
$this->handler->consumeRememberMeCookie($rememberMeDetails);
$this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));
/** @var Cookie $cookie */
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
$this->assertNotEquals((new RememberMeDetails(InMemoryUser::class, 'wouter', $expire, $signature))->toString(), $cookie->getValue());
}
public function testConsumeRememberMeCookieInvalidHash()
{
$this->expectException(AuthenticationException::class);
$this->assertNull($cookie->getValue());
}
public function testConsumeRememberMeCookieValid()
{
$user = new InMemoryUser('wouter', null);
$signature = $this->signatureHasher->computeSignatureHash($user, $expire = time() + 3600);
$this->userProvider->createUser(new InMemoryUser('wouter', null));
$rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', $expire, $signature);
$this->handler->consumeRememberMeCookie($rememberMeDetails);
$this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));
/** @var Cookie $cookie */
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
$this->assertNotEquals((new RememberMeDetails(InMemoryUser::class, 'wouter', $expire, $signature))->toString(), $cookie->getValue());
}
public function testConsumeRememberMeCookieInvalidHash()
{
$this->expectException(AuthenticationException::class);
public function testConsumeRememberMeCookieValid()
{
$this->tokenProvider->expects($this->any())
->method('loadTokenBySeries')
->with('series1')
->willReturn(new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTimeImmutable('-10 min')))
;
$this->tokenProvider->expects($this->once())->method('updateToken')->with('series1');
$rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', 360, 'series1:tokenvalue');
$this->handler->consumeRememberMeCookie($rememberMeDetails);
// assert that the cookie has been updated with a new base64 encoded token value $this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));
/** @var Cookie $cookie */
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
$rememberParts = explode(':', $rememberMeDetails->toString(), 4);
$cookieParts = explode(':', $cookie->getValue(), 4);
$this->assertSame($rememberParts[0], $cookieParts[0]); // class $this->assertSame($rememberParts[1], $cookieParts[1]); // identifier
{
$this->tokenProvider->expects($this->any())
->method('loadTokenBySeries')
->with('series1')
->willReturn(new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTimeImmutable('-10 min')))
;
$this->tokenProvider->expects($this->once())->method('updateToken')->with('series1');
$rememberMeDetails = new RememberMeDetails(InMemoryUser::class, 'wouter', 360, 'series1:tokenvalue');
$this->handler->consumeRememberMeCookie($rememberMeDetails);
// assert that the cookie has been updated with a new base64 encoded token value $this->assertTrue($this->request->attributes->has(ResponseListener::COOKIE_ATTR_NAME));
/** @var Cookie $cookie */
$cookie = $this->request->attributes->get(ResponseListener::COOKIE_ATTR_NAME);
$rememberParts = explode(':', $rememberMeDetails->toString(), 4);
$cookieParts = explode(':', $cookie->getValue(), 4);
$this->assertSame($rememberParts[0], $cookieParts[0]); // class $this->assertSame($rememberParts[1], $cookieParts[1]); // identifier
$this->handler = $handler;
}
public function createRememberMeCookie(UserInterface $user): void
{
$this->handler->createRememberMeCookie($user);
}
public function consumeRememberMeCookie(RememberMeDetails $rememberMeDetails): UserInterface
{
return $this->handler->consumeRememberMeCookie($rememberMeDetails);
}
public function clearRememberMeCookie(): void
{
$this->handler->clearRememberMeCookie();
}
}
else {
$isTokenValid = hash_equals($persistentToken->getTokenValue(), $tokenValue);
}
if (!$isTokenValid) {
throw new CookieTheftException('This token was already used. The account is possibly compromised.');
}
if ($persistentToken->getLastUsed()->getTimestamp() + $this->options['lifetime'] < time()) {
throw new AuthenticationException('The cookie has expired.');
}
return parent::consumeRememberMeCookie($rememberMeDetails->withValue($persistentToken->getLastUsed()->getTimestamp().':'.$rememberMeDetails->getValue().':'.$persistentToken->getClass()));
}
public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
{
[$lastUsed, $series, $tokenValue, $class] = explode(':', $rememberMeDetails->getValue(), 4);
$persistentToken = new PersistentToken($class, $rememberMeDetails->getUserIdentifier(), $series, $tokenValue, new \DateTimeImmutable('@'.$lastUsed));
// if a token was regenerated less than a minute ago, there is no need to regenerate it // if multiple concurrent requests reauthenticate a user we do not want to update the token several times if ($persistentToken->getLastUsed()->getTimestamp() + 60 >= time()) {
return;
}
$isTokenValid = hash_equals($persistentToken->getTokenValue(), $tokenValue);
}
if (!$isTokenValid) {
throw new CookieTheftException('This token was already used. The account is possibly compromised.');
}
if ($persistentToken->getLastUsed()->getTimestamp() + $this->options['lifetime'] < time()) {
throw new AuthenticationException('The cookie has expired.');
}
return parent::consumeRememberMeCookie($rememberMeDetails->withValue($persistentToken->getLastUsed()->getTimestamp().':'.$rememberMeDetails->getValue().':'.$persistentToken->getClass()));
}
public function processRememberMe(RememberMeDetails $rememberMeDetails, UserInterface $user): void
{
[$lastUsed, $series, $tokenValue, $class] = explode(':', $rememberMeDetails->getValue(), 4);
$persistentToken = new PersistentToken($class, $rememberMeDetails->getUserIdentifier(), $series, $tokenValue, new \DateTimeImmutable('@'.$lastUsed));
// if a token was regenerated less than a minute ago, there is no need to regenerate it // if multiple concurrent requests reauthenticate a user we do not want to update the token several times if ($persistentToken->getLastUsed()->getTimestamp() + 60 >= time()) {
return;
}