From dd6cae471d0ee8f958df48210c7194dda97a47f4 Mon Sep 17 00:00:00 2001
From: Nassim
Date: Mon, 6 May 2013 13:18:06 -0600
Subject: [PATCH 1/3] Improved code of custom authentication provider cookbook article
---
 cookbook/security/custom_authentication_provider.rst | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
index c528b69ae32..d198a165740 100644
--- a/cookbook/security/custom_authentication_provider.rst
+++ b/cookbook/security/custom_authentication_provider.rst
@@ -138,7 +138,7 @@ set an authenticated token in the security context if successful.
 try {
 $authToken = $this->authenticationManager->authenticate($token);
- $this->securityContext->setToken($authToken);
+ return $this->securityContext->setToken($authToken);
 } catch (AuthenticationException $failed) {
 // ... you might log something here
@@ -152,6 +152,11 @@ set an authenticated token in the security context if successful.
 $event->setResponse($response);
 }
+
+ // By default deny authorization
+ $response = new Response();
+ $response->setStatusCode(403);
+ $event->setResponse($response);
 }
 }
@@ -233,6 +238,10 @@ the ``PasswordDigest`` header value matches with the user's password.
 if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
 throw new NonceExpiredException('Previously used nonce detected');
 }
+ // If cache directory does not exist we create it
+ if ( !is_dir($this->cacheDir) ) {
+ mkdir($this->cacheDir, 0777, true);
+ }
 file_put_contents($this->cacheDir.'/'.$nonce, time());
 // Validate Secret
From a7d22e1d409bf84ce3299b8331455d730cc8b562 Mon Sep 17 00:00:00 2001
From: Nassim
Date: Tue, 7 May 2013 18:50:15 -0600
Subject: [PATCH 2/3] Removed extra spaces on is_dir check
---
 cookbook/security/custom_authentication_provider.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
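Review bot: The default-deny block added in the `@@ -152,6 +152,11 @@` hunk repeats what the tail of the `catch` block (visible as context, `$event->setResponse($response);`) appears to do already, so after a failed authentication control falls through and a second 403 `Response` is built and set. Failing closed is the right default here, but the duplication could be removed by letting the `catch` block only log and fall through. The comment says "authorization" although this listener denies authentication; something like `// Deny by default: any path that did not return above gets a 403` would be more accurate. The start of the `catch` block and of the enclosing method lie outside the hunk, so confirm that no earlier path relies on reaching the end of the method without a response being set.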
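Review bot: The `mkdir($this->cacheDir, 0777, true)` added in the `@@ -233,6 +238,10 @@` hunk creates the nonce cache world-writable (subject to umask), so any local account could delete or plant nonce files and undermine the replay check that reads them in the context line above; `0700` is enough for a directory that only the web server user needs. The return values of `mkdir()` and of the following `file_put_contents()` are ignored, so a failed write means the nonce is never recorded and a replayed request would pass silently; consider `if (!is_dir($this->cacheDir) && !mkdir($this->cacheDir, 0700, true) && !is_dir($this->cacheDir)) { throw new \RuntimeException('Cannot create nonce cache directory'); }`. The context lines also build the file path from `$nonce`; if that value comes straight from the request header (not visible in this hunk), it should be validated or hashed before being used as a file name. The same `mkdir` line is carried unchanged through patch 2/3, and the enclosing method starts and ends outside the hunk.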
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
index d198a165740..209c0921699 100644
--- a/cookbook/security/custom_authentication_provider.rst
+++ b/cookbook/security/custom_authentication_provider.rst
@@ -239,7 +239,7 @@ the ``PasswordDigest`` header value matches with the user's password.
 throw new NonceExpiredException('Previously used nonce detected');
 }
 // If cache directory does not exist we create it
- if ( !is_dir($this->cacheDir) ) {
+ if (!is_dir($this->cacheDir)) {
 mkdir($this->cacheDir, 0777, true);
 }
 file_put_contents($this->cacheDir.'/'.$nonce, time());
From 20a677531fc7a369a491d2534ceef7ad154b5842 Mon Sep 17 00:00:00 2001
From: Nassim
Date: Thu, 9 May 2013 11:09:01 -0600
Subject: [PATCH 3/3] Modified return statement place
---
 cookbook/security/custom_authentication_provider.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/cookbook/security/custom_authentication_provider.rst b/cookbook/security/custom_authentication_provider.rst
index 209c0921699..677e69e8b72 100644
--- a/cookbook/security/custom_authentication_provider.rst
+++ b/cookbook/security/custom_authentication_provider.rst
@@ -137,8 +137,9 @@ set an authenticated token in the security context if successful.
 try {
 $authToken = $this->authenticationManager->authenticate($token);
-
- return $this->securityContext->setToken($authToken);
+ $this->securityContext->setToken($authToken);
+
+ return;
 } catch (AuthenticationException $failed) {
 // ... you might log something here