vendor/symfony/security-http/Authenticator/RememberMeAuthenticator.php line 45

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the Symfony package.
  5. *
  6. * (c) Fabien Potencier <fabien@symfony.com>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace Symfony\Component\Security\Http\Authenticator;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\HttpFoundation\Request;
  16. use Symfony\Component\HttpFoundation\Response;
  17. use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
  18. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  19. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  20. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  21. use Symfony\Component\Security\Core\Exception\CookieTheftException;
  22. use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
  23. use Symfony\Component\Security\Core\Exception\UserNotFoundException;
  24. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  25. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  26. use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
  27. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  28. use Symfony\Component\Security\Http\RememberMe\RememberMeDetails;
  29. use Symfony\Component\Security\Http\RememberMe\RememberMeHandlerInterface;
  30. use Symfony\Component\Security\Http\RememberMe\ResponseListener;
  32. /**
  33. * The RememberMe *Authenticator* performs remember me authentication.
  34. *
  35. * This authenticator is executed whenever a user's session
  36. * expired and a remember-me cookie was found. This authenticator
  37. * then "re-authenticates" the user using the information in the
  38. * cookie.
  39. *
  40. * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  41. * @author Wouter de Jong <wouter@wouterj.nl>
  42. *
  43. * @final
  44. */
  45. class RememberMeAuthenticator implements InteractiveAuthenticatorInterface
  46. {
  47. private $rememberMeHandler;
  48. private $secret;
  49. private $tokenStorage;
  50. private $cookieName;
  51. private $logger;
  53. public function __construct(RememberMeHandlerInterface $rememberMeHandler, string $secret, TokenStorageInterface $tokenStorage, string $cookieName, ?LoggerInterface $logger = null)
  54. {
  55. $this->rememberMeHandler = $rememberMeHandler;
  56. $this->secret = $secret;
  57. $this->tokenStorage = $tokenStorage;
  58. $this->cookieName = $cookieName;
  59. $this->logger = $logger;
  60. }
  62. public function supports(Request $request): ?bool
  63. {
  64. // do not overwrite already stored tokens (i.e. from the session)
  65. if (null !== $this->tokenStorage->getToken()) {
  66. return false;
  67. }
  69. if (($cookie = $request->attributes->get(ResponseListener::COOKIE_ATTR_NAME)) && null === $cookie->getValue()) {
  70. return false;
  71. }
  73. if (!$request->cookies->has($this->cookieName) || !\is_scalar($request->cookies->all()[$this->cookieName] ?: null)) {
  74. return false;
  75. }
  77. if (null !== $this->logger) {
  78. $this->logger->debug('Remember-me cookie detected.');
  79. }
  81. // the `null` return value indicates that this authenticator supports lazy firewalls
  82. return null;
  83. }
  85. public function authenticate(Request $request): PassportInterface
  86. {
  87. $rawCookie = $request->cookies->get($this->cookieName);
  88. if (!$rawCookie) {
  89. throw new \LogicException('No remember-me cookie is found.');
  90. }
  92. $rememberMeCookie = RememberMeDetails::fromRawCookie($rawCookie);
  94. return new SelfValidatingPassport(new UserBadge($rememberMeCookie->getUserIdentifier(), function () use ($rememberMeCookie) {
  95. return $this->rememberMeHandler->consumeRememberMeCookie($rememberMeCookie);
  96. }));
  97. }
  99. /**
  100. * @deprecated since Symfony 5.4, use {@link createToken()} instead
  101. */
  102. public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
  103. {
  104. trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
  106. return $this->createToken($passport, $firewallName);
  107. }
  109. public function createToken(Passport $passport, string $firewallName): TokenInterface
  110. {
  111. return new RememberMeToken($passport->getUser(), $firewallName, $this->secret);
  112. }
  114. public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
  115. {
  116. return null; // let the original request continue
  117. }
  119. public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
  120. {
  121. if (null !== $this->logger) {
  122. if ($exception instanceof UserNotFoundException) {
  123. $this->logger->info('User for remember-me cookie not found.', ['exception' => $exception]);
  124. } elseif ($exception instanceof UnsupportedUserException) {
  125. $this->logger->warning('User class for remember-me cookie not supported.', ['exception' => $exception]);
  126. } elseif (!$exception instanceof CookieTheftException) {
  127. $this->logger->debug('Remember me authentication failed.', ['exception' => $exception]);
  128. }
  129. }
  131. return null;
  132. }
  134. public function isInteractive(): bool
  135. {
  136. return true;
  137. }
  138. }