src/webkul/uvdesk/api-bundle/Security/Guards/APIGuard.php line 41

Open in your IDE?
  1. <?php
  3. namespace Webkul\UVDesk\ApiBundle\Security\Guards;
  5. use Doctrine\ORM\Tools\Setup;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use Symfony\Component\HttpFoundation\Request;
  8. use Symfony\Component\HttpFoundation\Response;
  9. use Symfony\Component\HttpFoundation\RequestStack;
  10. use Symfony\Component\HttpFoundation\JsonResponse;
  11. use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
  12. use Symfony\Component\Security\Core\User\UserInterface;
  13. use Webkul\UVDesk\ApiBundle\Entity\ApiAccessCredential;
  14. use Symfony\Component\DependencyInjection\ContainerInterface;
  15. use Symfony\Component\Security\Core\User\UserProviderInterface;
  16. use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  18. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  19. use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
  20. use Webkul\UVDesk\CoreFrameworkBundle\Entity\User;
  21. use Doctrine\Persistence\ManagerRegistry;
  22. class APIGuard extends AbstractGuardAuthenticator
  23. {
  24. /**
  25. * [API-*] API Exception Codes
  26. */
  27. const API_UNAUTHORIZED = 'API-001';
  28. const API_NOT_AUTHENTICATED = 'API-002';
  29. const API_INSUFFICIENT_PARAMS = 'API-003';
  31. /**
  32. * [CC-*] Campus Connect Exception Codes
  33. */
  34. const USER_NOT_FOUND = 'CC-001';
  35. const INVALID_CREDNETIALS = 'CC-002';
  36. const UNEXPECTED_ERROR = 'CC-005';
  38. public function __construct(FirewallMap $firewall, ContainerInterface $container, EntityManagerInterface $entityManager, UserPasswordEncoderInterface $encoder)
  39. {
  41. $this->firewall = $firewall;
  42. $this->container = $container;
  43. $this->entityManager = $entityManager;
  44. $this->globalAuthEntityManager = $entityManager;
  45. $this->encoder = $encoder;
  46. }
  48. /**
  49. * Check whether this guard is applicable for the current request.
  50. */
  51. public function supports(Request $request)
  52. {
  53. return 'OPTIONS' != $request->getRealMethod() && 'uvdesk_api' === $this->firewall->getFirewallConfig($request)->getName();
  54. }
  56. /**
  57. * Retrieve and prepare credentials from the request.
  58. */
  59. public function getCredentials(Request $request)
  60. {
  63. // print_r("adadsa");
  64. // dd( $this->entityManager->getRepository(User::class,'global_auth')->findOneByEmail("snehal.yugasa@gmail.com"));
  65. $accessToken = null;
  66. $authorization = $request->headers->get('Authorization');
  68. // $parameters = json_decode($request->getContent(), true);
  70. //for admin
  71. // if($parameters['userType'] == 1){
  73. $authorization = "bearer.PSKTANSI8XIIFLXO0IV4GAVXQM7VUYVPB2FFOJKIKS0YAWWX4ZZK9MQNI63OOKDT";
  74. // $authorization = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdGFmZklkIjoxNTAsImlhdCI6MTY5NDQzNDg4OH0.21KO-3183ALXji8vxCP1cDUEK0Q-P6Reao5OvWNydfA";
  75. // $tokenParts = explode(".", $authorization);
  76. // $tokenHeader = base64_decode($tokenParts[0]);
  77. // $tokenPayload = base64_decode($tokenParts[1]);
  78. // $jwtHeader = json_decode($tokenHeader);
  79. // $jwtPayload = json_decode($tokenPayload);
  80. // print $jwtPayload->username;
  82. // print_r($jwtPayload);
  84. // exit;
  87. // exit;
  89. // }else{
  91. // $authorization = $request->headers->get('Authorization');
  93. // }
  94. // dd($authorization);
  95. if (!empty($authorization) && strpos(strtolower($authorization), 'basic') === 0) {
  96. $accessToken = substr($authorization, 6);
  97. } else if (!empty($authorization) && strpos(strtolower($authorization), 'bearer') === 0) {
  98. $accessToken = substr($authorization, 7);
  99. }
  101. if (!empty($accessToken)) {
  102. try {
  103. if (in_array($request->attributes->get('_route'), ['uvdesk_api_bundle_sessions_api_v1.0_login_session'])) {
  104. list($email, $password) = explode(':', base64_decode($accessToken));
  106. return [
  107. 'email' => $email,
  108. 'password' => $password,
  109. ];
  110. } else {
  111. $user = $this->entityManager->getRepository(ApiAccessCredential::class)->getUserEmailByAccessToken($accessToken);
  113. // $test = $user = $this->globalAuthEntityManager->getRepository(ApiAccessCredential::class)
  114. // ->findOneBy(['accessToken' => $accessToken]);
  117. return [
  118. 'email' => $user['email'],
  119. 'accessToken' => $accessToken,
  120. ];
  121. }
  122. } catch (\Exception $e) {
  123. throw new AuthenticationException("An unexpected error occurred while authenticating credentials: {$e->getMessage()}");
  124. }
  125. }
  127. return [];
  128. }
  130. /**
  131. * Retrieve the current user on behalf of which the request is being performed.
  132. */
  133. public function getUser($credentials, UserProviderInterface $provider)
  134. {
  135. return !empty($credentials['email']) ? $provider->loadUserByUsername($credentials['email']) : null;
  136. }
  138. /**
  139. * Process the provided credentials and check whether the current request is properly authenticated.
  140. */
  141. public function checkCredentials($credentials, UserInterface $user)
  142. {
  143. if (!empty($credentials['password'])) {
  144. return $this->encoder->isPasswordValid($user, $credentials['password']);
  145. }
  147. if (!empty($credentials['accessToken'])) {
  148. $accessCredentials = $this->entityManager->getRepository(ApiAccessCredential::class)->findOneBy([
  149. 'user' => $user,
  150. 'token' => $credentials['accessToken'],
  151. ]);
  153. if (!empty($accessCredentials) && true == $accessCredentials->getIsEnabled() && false == $accessCredentials->getIsExpired()) {
  154. return true;
  155. }
  156. }
  158. return false;
  159. }
  161. /**
  162. * Disable support for the "remember me" functionality.
  163. */
  164. public function supportsRememberMe()
  165. {
  166. return false;
  167. }
  169. public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
  170. {
  171. return null;
  172. }
  174. public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
  175. {
  176. // dd($exception->getMessageKey());
  177. switch ($exception->getMessageKey()) {
  178. case 'Username could not be found.':
  179. $data = [
  180. 'status' => false,
  181. 'message' => 'No such user found',
  182. 'error_code' => self::USER_NOT_FOUND,
  183. ];
  185. break;
  186. case 'Invalid Credentials.':
  187. $data = [
  188. 'status' => false,
  189. 'message' => 'Invalid credentials provided.',
  190. 'error_code' => self::INVALID_CREDNETIALS,
  191. ];
  193. break;
  194. default:
  195. $data = [
  196. 'status' => false,
  197. 'message' => strtr($exception->getMessageKey(), $exception->getMessageData()),
  198. 'error_code' => self::UNEXPECTED_ERROR,
  199. ];
  201. break;
  202. }
  204. return new JsonResponse($data, Response::HTTP_FORBIDDEN);
  205. }
  207. public function start(Request $request, AuthenticationException $authException = null)
  208. {
  209. $data = [
  210. 'status' => false,
  211. 'message' => 'Authentication Required',
  212. 'error_code' => self::API_NOT_AUTHENTICATED,
  213. ];
  215. return new JsonResponse($data, Response::HTTP_UNAUTHORIZED);
  216. }
  217. }