add EcasAuthenticator decorator

This Symfony authenticator is only created to remove the `clientFingerprint` cookie
ecphp · May 8, 2023 · 0336e11 · 0336e11
1 parent f5137ad
commit 0336e11
Show file tree

Hide file tree

Showing 4 changed files with 67 additions and 154 deletions.
diff --git a/composer.json b/composer.json
@@ -16,8 +16,8 @@
         "php": ">= 8.1",
         "ext-json": "*",
         "ext-simplexml": "*",
-        "ecphp/cas-bundle": "dev-refactor/cas-lib-v2",
-        "ecphp/ecas": "^3",
+        "ecphp/cas-bundle": "dev-master",
+        "ecphp/ecas": "dev-master",
         "symfony/framework-bundle": "^6.1"
     },
     "require-dev": {
@@ -29,7 +29,8 @@
         "nyholm/psr7": "^1.5",
         "phpspec/phpspec": "^7",
         "symfony/http-client": "^6.1",
-        "symfony/security-core": "^6.1"
+        "symfony/security-core": "^6.1",
+        "symfony/security-bundle": "^6.1"
     },
     "minimum-stability": "dev",
     "prefer-stable": true,

diff --git a/src/Cas/SymfonyECas.php b/src/Cas/SymfonyECas.php
diff --git a/src/Resources/config/services.php b/src/Resources/config/services.php
@@ -21,6 +21,7 @@
 use EcPhp\Ecas\Service\Fingerprint\DefaultFingerprint;
 use EcPhp\Ecas\Service\Fingerprint\Fingerprint;
 use EcPhp\EuLoginBundle\Security\Core\User\EuLoginUserProvider;
+use EcPhp\EuLoginBundle\Security\EcasAuthenticator;
 
 return static function (ContainerConfigurator $container): void {
     $services = $container->services();
@@ -53,4 +54,7 @@
     $services
         ->set(DefaultFingerprint::class)
         ->alias(Fingerprint::class, DefaultFingerprint::class);
+
+    $services
+        ->set(EcasAuthenticator::class);
 };
diff --git a/src/Security/EcasAuthenticator.php b/src/Security/EcasAuthenticator.php
@@ -0,0 +1,59 @@
+<?php
+
+/**
+ * For the full copyright and license information, please view
+ * the LICENSE file that was distributed with this source code.
+ *
+ * @see https://github.com/ecphp
+ */
+
+declare(strict_types=1);
+
+namespace EcPhp\EuLoginBundle\Security;
+
+use EcPhp\CasBundle\Security\CasAuthenticator;
+use EcPhp\Ecas\Handler\AttachClientFingerprintCookie;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+
+final class EcasAuthenticator extends AbstractAuthenticator implements AuthenticationEntryPointInterface
+{
+    public function __construct(
+        private readonly CasAuthenticator $casAuthenticator
+    ) {
+    }
+
+    public function authenticate(Request $request): Passport
+    {
+        return $this->casAuthenticator->authenticate($request);
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+    {
+        return $this->casAuthenticator->onAuthenticationFailure($request, $exception);
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): Response
+    {
+        $response = $this->casAuthenticator->onAuthenticationSuccess($request, $token, $firewallName);
+
+        $response->headers->clearCookie(AttachClientFingerprintCookie::CLIENT_FINGERPRINT_ATTRIBUTE);
+
+        return $response;
+    }
+
+    public function start(Request $request, ?AuthenticationException $authException = null): Response
+    {
+        return $this->casAuthenticator->start($request, $authException);
+    }
+
+    public function supports(Request $request): bool
+    {
+        return $this->casAuthenticator->supports($request);
+    }
+}