vendor/symfony/security-http/Firewall/RememberMeListener.php line 27

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of the Symfony package.
  4.  *
  5.  * (c) Fabien Potencier <fabien@symfony.com>
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  10. namespace Symfony\Component\Security\Http\Firewall;
  11. use Psr\Log\LoggerInterface;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpKernel\Event\RequestEvent;
  14. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  16. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  17. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  18. use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
  19. use Symfony\Component\Security\Http\SecurityEvents;
  20. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy;
  21. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  22. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  23. trigger_deprecation('symfony/security-http''5.3''The "%s" class is deprecated, use the new authenticator system instead.'RememberMeListener::class);
  24. /**
  25.  * RememberMeListener implements authentication capabilities via a cookie.
  26.  *
  27.  * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  28.  *
  29.  * @final
  30.  *
  31.  * @deprecated since Symfony 5.3, use the new authenticator system instead
  32.  */
  33. class RememberMeListener extends AbstractListener
  34. {
  35.     private $tokenStorage;
  36.     private $rememberMeServices;
  37.     private $authenticationManager;
  38.     private $logger;
  39.     private $dispatcher;
  40.     private $catchExceptions true;
  41.     private $sessionStrategy;
  42.     public function __construct(TokenStorageInterface $tokenStorageRememberMeServicesInterface $rememberMeServicesAuthenticationManagerInterface $authenticationManagerLoggerInterface $logger nullEventDispatcherInterface $dispatcher nullbool $catchExceptions trueSessionAuthenticationStrategyInterface $sessionStrategy null)
  43.     {
  44.         $this->tokenStorage $tokenStorage;
  45.         $this->rememberMeServices $rememberMeServices;
  46.         $this->authenticationManager $authenticationManager;
  47.         $this->logger $logger;
  48.         $this->dispatcher $dispatcher;
  49.         $this->catchExceptions $catchExceptions;
  50.         $this->sessionStrategy $sessionStrategy ?? new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE);
  51.     }
  52.     /**
  53.      * {@inheritdoc}
  54.      */
  55.     public function supports(Request $request): ?bool
  56.     {
  57.         return null// always run authenticate() lazily with lazy firewalls
  58.     }
  59.     /**
  60.      * Handles remember-me cookie based authentication.
  61.      */
  62.     public function authenticate(RequestEvent $event)
  63.     {
  64.         if (null !== $this->tokenStorage->getToken()) {
  65.             return;
  66.         }
  67.         $request $event->getRequest();
  68.         try {
  69.             if (null === $token $this->rememberMeServices->autoLogin($request)) {
  70.                 return;
  71.             }
  72.         } catch (AuthenticationException $e) {
  73.             if (null !== $this->logger) {
  74.                 $this->logger->warning(
  75.                     'The token storage was not populated with remember-me token as the'
  76.                    .' RememberMeServices was not able to create a token from the remember'
  77.                    .' me information.', ['exception' => $e]
  78.                 );
  79.             }
  80.             $this->rememberMeServices->loginFail($request);
  81.             if (!$this->catchExceptions) {
  82.                 throw $e;
  83.             }
  84.             return;
  85.         }
  86.         try {
  87.             $token $this->authenticationManager->authenticate($token);
  88.             if ($request->hasSession() && $request->getSession()->isStarted()) {
  89.                 $this->sessionStrategy->onAuthentication($request$token);
  90.             }
  91.             $this->tokenStorage->setToken($token);
  92.             if (null !== $this->dispatcher) {
  93.                 $loginEvent = new InteractiveLoginEvent($request$token);
  94.                 $this->dispatcher->dispatch($loginEventSecurityEvents::INTERACTIVE_LOGIN);
  95.             }
  96.             if (null !== $this->logger) {
  97.                 $this->logger->debug('Populated the token storage with a remember-me token.');
  98.             }
  99.         } catch (AuthenticationException $e) {
  100.             if (null !== $this->logger) {
  101.                 $this->logger->warning(
  102.                     'The token storage was not populated with remember-me token as the'
  103.                    .' AuthenticationManager rejected the AuthenticationToken returned'
  104.                    .' by the RememberMeServices.', ['exception' => $e]
  105.                 );
  106.             }
  107.             $this->rememberMeServices->loginFail($request$e);
  108.             if (!$this->catchExceptions) {
  109.                 throw $e;
  110.             }
  111.         }
  112.     }
  113. }