[HttpFoundation] added a way to override the Request class

Author: fabpot

AccessMap.php

@@ -0,0 +1,49 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http;
+
+use Symfony\Component\HttpFoundation\RequestMatcherInterface;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * AccessMap allows configuration of different access control rules for
+ * specific parts of the website.
+ *
+ * @author Fabien Potencier <[email protected]>
+ */
+class AccessMap implements AccessMapInterface
+{
+    private $map = array();
+
+    /**
+     * Constructor.
+     *
+     * @param RequestMatcherInterface $requestMatcher A RequestMatcherInterface instance
+     * @param array                   $roles          An array of roles needed to access the resource
+     * @param string|null             $channel        The channel to enforce (http, https, or null)
+     */
+    public function add(RequestMatcherInterface $requestMatcher, array $roles = array(), $channel = null)
+    {
+        $this->map[] = array($requestMatcher, $roles, $channel);
+    }
+
+    public function getPatterns(Request $request)
+    {
+        foreach ($this->map as $elements) {
+            if (null === $elements[0] || $elements[0]->matches($request)) {
+                return array($elements[1], $elements[2]);
+            }
+        }
+
+        return array(null, null);
+    }
+}

AccessMapInterface.php

@@ -0,0 +1,33 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http;
+
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * AccessMap allows configuration of different access control rules for
+ * specific parts of the website.
+ *
+ * @author Fabien Potencier <[email protected]>
+ * @author Kris Wallsmith <[email protected]>
+ */
+interface AccessMapInterface
+{
+    /**
+     * Returns security attributes and required channel for the supplied request.
+     *
+     * @param Request $request The current request
+     *
+     * @return array A tuple of security attributes and the required channel
+     */
+    public function getPatterns(Request $request);
+}

Authentication/AuthenticationFailureHandlerInterface.php

@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Interface for custom authentication failure handlers.
+ *
+ * If you want to customize the failure handling process, instead of
+ * overwriting the respective listener globally, you can set a custom failure
+ * handler which implements this interface.
+ *
+ * @author Johannes M. Schmitt <[email protected]>
+ */
+interface AuthenticationFailureHandlerInterface
+{
+    /**
+     * This is called when an interactive authentication attempt fails. This is
+     * called by authentication listeners inheriting from
+     * AbstractAuthenticationListener.
+     *
+     * @param Request                 $request
+     * @param AuthenticationException $exception
+     *
+     * @return Response The response to return, never null
+     */
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception);
+}

Authentication/AuthenticationSuccessHandlerInterface.php

@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Interface for a custom authentication success handler
+ *
+ * If you want to customize the success handling process, instead of
+ * overwriting the respective listener globally, you can set a custom success
+ * handler which implements this interface.
+ *
+ * @author Johannes M. Schmitt <[email protected]>
+ */
+interface AuthenticationSuccessHandlerInterface
+{
+    /**
+     * This is called when an interactive authentication attempt succeeds. This
+     * is called by authentication listeners inheriting from
+     * AbstractAuthenticationListener.
+     *
+     * @param Request        $request
+     * @param TokenInterface $token
+     *
+     * @return Response never null
+     */
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token);
+}

Authentication/DefaultAuthenticationFailureHandler.php

@@ -0,0 +1,92 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\SecurityContextInterface;
+use Symfony\Component\Security\Http\HttpUtils;
+
+/**
+ * Class with the default authentication failure handling logic.
+ *
+ * Can be optionally be extended from by the developer to alter the behaviour
+ * while keeping the default behaviour.
+ *
+ * @author Fabien Potencier <[email protected]>
+ * @author Johannes M. Schmitt <[email protected]>
+ * @author Alexander <[email protected]>
+ */
+class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
+{
+    protected $httpKernel;
+    protected $httpUtils;
+    protected $logger;
+    protected $options;
+
+    /**
+     * Constructor.
+     *
+     * @param HttpKernelInterface $httpKernel
+     * @param HttpUtils           $httpUtils
+     * @param array               $options    Options for processing a failed authentication attempt.
+     * @param LoggerInterface     $logger     Optional logger
+     */
+    public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options, LoggerInterface $logger = null)
+    {
+        $this->httpKernel = $httpKernel;
+        $this->httpUtils  = $httpUtils;
+        $this->logger     = $logger;
+
+        $this->options = array_merge(array(
+            'failure_path'           => null,
+            'failure_forward'        => false,
+            'login_path'             => '/login',
+            'failure_path_parameter' => '_failure_path'
+        ), $options);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
+    {
+        if ($failureUrl = $request->get($this->options['failure_path_parameter'], null, true)) {
+             $this->options['failure_path'] = $failureUrl;
+         }
+
+        if (null === $this->options['failure_path']) {
+            $this->options['failure_path'] = $this->options['login_path'];
+        }
+
+        if ($this->options['failure_forward']) {
+            if (null !== $this->logger) {
+                $this->logger->debug(sprintf('Forwarding to %s', $this->options['failure_path']));
+            }
+
+            $subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']);
+            $subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception);
+
+            return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
+        }
+
+        if (null !== $this->logger) {
+            $this->logger->debug(sprintf('Redirecting to %s', $this->options['failure_path']));
+        }
+
+        $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception);
+
+        return $this->httpUtils->createRedirectResponse($request, $this->options['failure_path']);
+    }
+}

Authentication/DefaultAuthenticationSuccessHandler.php

@@ -0,0 +1,110 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\HttpUtils;
+
+/**
+ * Class with the default authentication success handling logic.
+ *
+ * Can be optionally be extended from by the developer to alter the behaviour
+ * while keeping the default behaviour.
+ *
+ * @author Fabien Potencier <[email protected]>
+ * @author Johannes M. Schmitt <[email protected]>
+ * @author Alexander <[email protected]>
+ */
+class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
+{
+    protected $httpUtils;
+    protected $options;
+    protected $providerKey;
+
+    /**
+     * Constructor.
+     *
+     * @param HttpUtils $httpUtils
+     * @param array     $options   Options for processing a successful authentication attempt.
+     */
+    public function __construct(HttpUtils $httpUtils, array $options)
+    {
+        $this->httpUtils   = $httpUtils;
+
+        $this->options = array_merge(array(
+            'always_use_default_target_path' => false,
+            'default_target_path'            => '/',
+            'login_path'                     => '/login',
+            'target_path_parameter'          => '_target_path',
+            'use_referer'                    => false,
+        ), $options);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
+    {
+        return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
+    }
+
+    /**
+     * Get the provider key.
+     *
+     * @return string
+     */
+    public function getProviderKey()
+    {
+        return $this->providerKey;
+    }
+
+    /**
+     * Set the provider key.
+     *
+     * @param string $providerKey
+     */
+    public function setProviderKey($providerKey)
+    {
+        $this->providerKey = $providerKey;
+    }
+
+    /**
+     * Builds the target URL according to the defined options.
+     *
+     * @param Request $request
+     *
+     * @return string
+     */
+    protected function determineTargetUrl(Request $request)
+    {
+        if ($this->options['always_use_default_target_path']) {
+            return $this->options['default_target_path'];
+        }
+
+        if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
+            return $targetUrl;
+        }
+
+        if (null !== $this->providerKey && $targetUrl = $request->getSession()->get('_security.'.$this->providerKey.'.target_path')) {
+            $request->getSession()->remove('_security.'.$this->providerKey.'.target_path');
+
+            return $targetUrl;
+        }
+
+        if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
+            return $targetUrl;
+        }
+
+        return $this->options['default_target_path'];
+    }
+}