src/Security/MyAzureAuthenticator.php line 22

Open in your IDE?
  1. <?php
  2. namespace App\Security;
  4. use App\Entity\Kernel\User// your user entity
  5. use Doctrine\ORM\EntityManagerInterface;
  6. use KnpU\OAuth2ClientBundle\Security\Authenticator\SocialAuthenticator;
  7. use KnpU\OAuth2ClientBundle\Client\Provider\AzureClient;
  8. use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\Response;
  11. use Symfony\Component\Routing\RouterInterface;
  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  14. use Symfony\Component\Security\Core\User\UserProviderInterface;
  15. use Symfony\Component\HttpFoundation\RedirectResponse;
  16. use App\Service\Kernel\UserService;
  17. use App\Service\Kernel\KernelService;
  18. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  19. use Symfony\Contracts\Translation\TranslatorInterface;
  22. class MyAzureAuthenticator extends SocialAuthenticator
  23. {
  24.     private $clientRegistry;
  25.     private $em;
  26.     private $router;
  27.     private $userService;
  28.     private $kernelService;
  29.     private $session;
  30.     private $translator;
  32.     public function __construct(ClientRegistry $clientRegistryEntityManagerInterface $emRouterInterface $routerUserService $userServiceKernelService $kernelServiceSessionInterface $sessionTranslatorInterface $translator)
  33.     {
  34.         $this->clientRegistry $clientRegistry;
  35.         $this->em $em;
  36.     $this->router $router;
  37.         $this->userService $userService;
  38.         $this->kernelService $kernelService;
  39.         $this->session $session;
  40.         $this->translator $translator;
  41.     }
  43.     public function supports(Request $request)
  44.     {
  45.         // continue ONLY if the current ROUTE matches the check ROUTE
  46.         return $request->attributes->get('_route') === 'connect_azure_check';
  47.     }
  49.     public function getCredentials(Request $request)
  50.     {
  51.         // this method is only called if supports() returns true
  53.         // For Symfony lower than 3.4 the supports method need to be called manually here:
  54.         // if (!$this->supports($request)) {
  55.         //     return null;
  56.         // }
  58.         return $this->fetchAccessToken($this->getAzureClient());
  59.     }
  61.     public function getUser($credentialsUserProviderInterface $userProvider)
  62.     {
  63.         /** @var FacebookUser $facebookUser */
  64.         $azureUser $this->getAzureClient()
  65.             ->fetchUserFromToken($credentials);
  66.         
  67.         //$email = $azureUser->getEmail();
  69.         // 1) have they logged in with Facebook before? Easy!
  70.         $existingUser $this->em->getRepository(User::class)
  71.             ->findOneBy(['uuid' => $azureUser->getId()]);
  72.         if ($existingUser) {
  73.             return $existingUser;
  74.         }
  76.         
  77.         
  78.         // 2) do we have a matching user by email?
  79.         //$user = $this->em->getRepository(User::class)
  80.         //    ->findOneBy(['email' => $email]);
  82.         // 3) Maybe you just want to "register" them by creating
  83.         // a User object
  84.                 
  85.         /*$user = new User();
  86.         $user->setUuid($azureUser->getId());
  87.         $user->setEmail($azureUser->toArray()['upn']);
  88.         $user->setFirstName($azureUser->getFirstName());
  89.         $user->setLastName($azureUser->getLastName());
  90.         $user->setPassword("?E(H+MbQeThWmZq4t7w!zPP&F)J@NcRf");
  91.         $this->em->persist($user);
  92.         $this->em->flush();*/
  93.         $defaultorg $this->kernelService->getApplicationInfoValue("Kernel.Defaultorganization");
  94.         $defaulttimezone $this->kernelService->getApplicationInfoValue("Kernel.Defaulttimezone");
  95.         $user $this->userService->CreateUser($azureUser->getId(), $azureUser->toArray()['upn'], $azureUser->getFirstName(), $azureUser->getLastName(), "?E(H+MbQeThWmZq4t7w!zPP&F)J@NcRf",
  96.                 """en-US"$defaulttimezonenull$defaultorg,1);
  98.         return $user;
  99.     }
  101.     /**
  102.      * @return AzureClient
  103.      */
  104.     private function getAzureClient()
  105.     {
  106.         return $this->clientRegistry
  107.             // "facebook_main" is the key used in config/packages/knpu_oauth2_client.yaml
  108.             ->getClient('azure');
  109.     }
  111.     public function onAuthenticationSuccess(Request $requestTokenInterface $token$providerKey)
  112.     {
  113.         $user $token->getUser();
  114.         if ($this->userService->CanLogin($user) == true)
  115.         {
  116.             $this->userService->Login($user);
  117.             $targetUrl $this->router->generate('app_home', ['_locale' => "".$user->getLocale()]);
  118.         }
  119.         else
  120.         {
  121.             $token->setAuthenticated(false);
  122.             $this->session->set('error'$this->translator->trans("User.NotAllowedToLogin", [], 'messages'"en-US"));
  123.             $targetUrl $this->router->generate('app_logout');
  124.         }
  125.         // change "app_homepage" to some route in your app
  126.         
  128.         return new RedirectResponse($targetUrl);
  129.     
  130.         // or, on success, let the request continue to be handled by the controller
  131.         //return null;
  132.     }
  134.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception)
  135.     {
  136.         $message strtr($exception->getMessageKey(), $exception->getMessageData());
  138.         return new Response($messageResponse::HTTP_FORBIDDEN);
  139.     }
  141.     /**
  142.      * Called when authentication is needed, but it's not sent.
  143.      * This redirects to the 'login'.
  144.      */
  145.     public function start(Request $requestAuthenticationException $authException null)
  146.     {
  147.         return new RedirectResponse(
  148.             '/connect/azure/'// might be the site, where users choose their oauth provider
  149.             Response::HTTP_TEMPORARY_REDIRECT
  150.         );
  151.     }
  153.     // ...
  154. }