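tokenStorage = $tokenStorage; $this->authenticationManager = $authenticationManager; $this->accessTokenService = $accessTokenService; }

    /**
     * Builds the User and Token from the request, using the first method that applies:
     *
     * 1. Http Basic (php-auth-user / php-auth-pw headers)
     * 2. Authorization header
     * 3. Client IP
     *
     * On success the authenticated token is placed in the token storage. On any
     * failure the request is answered through deny().
     *
     * @param GetResponseEvent $event
     *
     * @return void
     */
    public function handle(GetResponseEvent $event)
    {
        $request = $event->getRequest();
        $auth_info = array();

        if ($request->headers->has("php-auth-user") && $request->headers->has("php-auth-pw")) {
            $username = $request->headers->get("php-auth-user");
            $password = $request->headers->get("php-auth-pw");

            // The token is kept without its embedded user_info; the user data is fetched separately.
            $accessToken = $this->accessTokenService->getToken($username, $password);
            unset($accessToken['user_info']);

            // NOTE(review): assumes getToken()/getUserInfo() return arrays even for bad
            // credentials, and that they do not throw (they run outside the try below) - confirm.
            $auth_info = $this->accessTokenService->getUserInfo($username, $password);
        } elseif ($request->headers->has("authorization")) {
            $authorization = $request->headers->get("authorization");
            $pieces = explode(' ', $authorization);

            // A header without a "<scheme> <credentials>" shape has no token part;
            // reject it instead of reading an undefined index.
            if (!isset($pieces[1]) || $pieces[1] === '') {
                $this->deny($event);

                return;
            }

            $accessToken = array(
                'access_token' => $pieces[1],
            );
            $auth_info = $this->accessTokenService->requestUserInfo($authorization);

            if (!isset($auth_info['username'])) {
                $this->deny($event);

                return;
            }
            $username = $auth_info['username'];
        } elseif ($request->getClientIp()) {
            // NOTE(review): this branch grants ROLE_USER on the client address alone, with an
            // empty access token. The address is only as trustworthy as the trusted-proxy
            // configuration behind getClientIp() and the IpUtils allow-list - confirm both.
            $username = $clientIp = $request->getClientIp();
            $auth = new \AuthBundle\Utils\IpUtils();

            // Only a strict false denies; NOTE(review): confirm checkIp() never signals
            // rejection with another falsy value.
            if ($auth->checkIp($clientIp) === false) {
                $this->deny($event);

                return;
            }

            // @TODO: Generate an access token for the valid-IP case
            $accessToken = array(
                'access_token' => '',
            );
            $auth_info['roles'] = array('ROLE_USER');

            // @TODO: Fetch the base tenancy from the Base app
            $tenancy = array(
                'id' => 1,
                'name' => 'Tenencia Base',
            );
            $auth_info['tenancies'] = $auth_info['tenancyCurrent'] = $tenancy;
        } else {
            $this->deny($event);

            return;
        }

        try {
            $user = new CustomOAuthUser($username);
            if (count($auth_info)) {
                $user->setRoles($auth_info['roles']);
                $user->setTenancies($auth_info['tenancies']);
                $user->setTenancyCurrent($auth_info['tenancyCurrent']);
            }

            $token = new OAuthToken($accessToken, $user->getRoles());
            $token->setUser($user);

            $authToken = $this->authenticationManager->authenticate($token);
            $this->tokenStorage->setToken($authToken);

            return;
        } catch (\Exception $failed) {
            // Keep the failure reason in the server log. Dumping it into the response
            // discloses internals to the caller and emits output before the 403 is set.
            error_log('OAuth authentication failed: ' . $failed->getMessage());
        }

        $this->deny($event);
    }

    /**
     * Clears the stored token and answers the request with 403 Forbidden.
     *
     * @param GetResponseEvent $event
     *
     * @return void
     */
    private function deny(GetResponseEvent $event)
    {
        $this->tokenStorage->setToken(null);

        $response = new Response();
        $response->setStatusCode(Response::HTTP_FORBIDDEN);
        // The message travels in the response body rather than through echo, so no
        // output is written before the response (and its status code) is sent.
        $response->setContent('The OAuth authentication failed.' . PHP_EOL);

        $event->setResponse($response);
    }
}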