Actualización

vendor/symfony/security/Http/EntryPoint/AuthenticationEntryPointInterface.php

@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\EntryPoint;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+/**
+ * Implement this interface for any classes that will be called to "start"
+ * the authentication process (see method for more details).
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+interface AuthenticationEntryPointInterface
+{
+    /**
+     * Returns a response that directs the user to authenticate.
+     *
+     * This is called when an anonymous request accesses a resource that
+     * requires authentication. The job of this method is to return some
+     * response that "helps" the user start into the authentication process.
+     *
+     * Examples:
+     *  A) For a form login, you might redirect to the login page
+     *      return new RedirectResponse('/login');
+     *  B) For an API token authentication system, you return a 401 response
+     *      return new Response('Auth header required', 401);
+     *
+     * @param Request                 $request       The request that resulted in an AuthenticationException
+     * @param AuthenticationException $authException The exception that started the authentication process
+     *
+     * @return Response
+     */
+    public function start(Request $request, AuthenticationException $authException = null);
+}

vendor/symfony/security/Http/EntryPoint/BasicAuthenticationEntryPoint.php

@@ -0,0 +1,43 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\EntryPoint;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * BasicAuthenticationEntryPoint starts an HTTP Basic authentication.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class BasicAuthenticationEntryPoint implements AuthenticationEntryPointInterface
+{
+    private $realmName;
+
+    public function __construct($realmName)
+    {
+        $this->realmName = $realmName;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+        $response = new Response();
+        $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName));
+        $response->setStatusCode(401);
+
+        return $response;
+    }
+}

vendor/symfony/security/Http/EntryPoint/DigestAuthenticationEntryPoint.php

@@ -0,0 +1,82 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\EntryPoint;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\NonceExpiredException;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\Request;
+use Psr\Log\LoggerInterface;
+
+/**
+ * DigestAuthenticationEntryPoint starts an HTTP Digest authentication.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface
+{
+    private $secret;
+    private $realmName;
+    private $nonceValiditySeconds;
+    private $logger;
+
+    public function __construct($realmName, $secret, $nonceValiditySeconds = 300, LoggerInterface $logger = null)
+    {
+        $this->realmName = $realmName;
+        $this->secret = $secret;
+        $this->nonceValiditySeconds = $nonceValiditySeconds;
+        $this->logger = $logger;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+        $expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000;
+        $signatureValue = md5($expiryTime.':'.$this->secret);
+        $nonceValue = $expiryTime.':'.$signatureValue;
+        $nonceValueBase64 = base64_encode($nonceValue);
+
+        $authenticateHeader = sprintf('Digest realm="%s", qop="auth", nonce="%s"', $this->realmName, $nonceValueBase64);
+
+        if ($authException instanceof NonceExpiredException) {
+            $authenticateHeader .= ', stale="true"';
+        }
+
+        if (null !== $this->logger) {
+            $this->logger->debug('WWW-Authenticate header sent.', array('header' => $authenticateHeader));
+        }
+
+        $response = new Response();
+        $response->headers->set('WWW-Authenticate', $authenticateHeader);
+        $response->setStatusCode(401);
+
+        return $response;
+    }
+
+    /**
+     * @return string
+     */
+    public function getSecret()
+    {
+        return $this->secret;
+    }
+
+    /**
+     * @return string
+     */
+    public function getRealmName()
+    {
+        return $this->realmName;
+    }
+}

vendor/symfony/security/Http/EntryPoint/FormAuthenticationEntryPoint.php

@@ -0,0 +1,65 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\EntryPoint;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\HttpUtils;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+
+/**
+ * FormAuthenticationEntryPoint starts an authentication via a login form.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class FormAuthenticationEntryPoint implements AuthenticationEntryPointInterface
+{
+    private $loginPath;
+    private $useForward;
+    private $httpKernel;
+    private $httpUtils;
+
+    /**
+     * Constructor.
+     *
+     * @param HttpKernelInterface $kernel
+     * @param HttpUtils           $httpUtils  An HttpUtils instance
+     * @param string              $loginPath  The path to the login form
+     * @param bool                $useForward Whether to forward or redirect to the login form
+     */
+    public function __construct(HttpKernelInterface $kernel, HttpUtils $httpUtils, $loginPath, $useForward = false)
+    {
+        $this->httpKernel = $kernel;
+        $this->httpUtils = $httpUtils;
+        $this->loginPath = $loginPath;
+        $this->useForward = (bool) $useForward;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+        if ($this->useForward) {
+            $subRequest = $this->httpUtils->createRequest($request, $this->loginPath);
+
+            $response = $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST);
+            if (200 === $response->getStatusCode()) {
+                $response->headers->set('X-Status-Code', 401);
+            }
+
+            return $response;
+        }
+
+        return $this->httpUtils->createRedirectResponse($request, $this->loginPath);
+    }
+}

vendor/symfony/security/Http/EntryPoint/RetryAuthenticationEntryPoint.php

@@ -0,0 +1,59 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\EntryPoint;
+
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * RetryAuthenticationEntryPoint redirects URL based on the configured scheme.
+ *
+ * This entry point is not intended to work with HTTP post requests.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class RetryAuthenticationEntryPoint implements AuthenticationEntryPointInterface
+{
+    private $httpPort;
+    private $httpsPort;
+
+    public function __construct($httpPort = 80, $httpsPort = 443)
+    {
+        $this->httpPort = $httpPort;
+        $this->httpsPort = $httpsPort;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function start(Request $request, AuthenticationException $authException = null)
+    {
+        $scheme = $request->isSecure() ? 'http' : 'https';
+        if ('http' === $scheme && 80 != $this->httpPort) {
+            $port = ':'.$this->httpPort;
+        } elseif ('https' === $scheme && 443 != $this->httpsPort) {
+            $port = ':'.$this->httpsPort;
+        } else {
+            $port = '';
+        }
+
+        $qs = $request->getQueryString();
+        if (null !== $qs) {
+            $qs = '?'.$qs;
+        }
+
+        $url = $scheme.'://'.$request->getHost().$port.$request->getBaseUrl().$request->getPathInfo().$qs;
+
+        return new RedirectResponse($url, 301);
+    }
+}