vendor/scheb/two-factor-bundle/Security/TwoFactor/EventListener/InteractiveLoginListener.php line 56

Open in your IDE?
  1. <?php
  3. namespace Scheb\TwoFactorBundle\Security\TwoFactor\EventListener;
  5. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  6. use Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationHandlerInterface;
  7. use Scheb\TwoFactorBundle\Security\TwoFactor\AuthenticationContextFactoryInterface;
  9. class InteractiveLoginListener
  10. {
  11.     /**
  12.      * @var AuthenticationContextFactoryInterface
  13.      */
  14.     private $authenticationContextFactory;
  16.     /**
  17.      * @var AuthenticationHandlerInterface
  18.      */
  19.     private $authHandler;
  21.     /**
  22.      * @var array
  23.      */
  24.     private $supportedTokens;
  26.     /**
  27.      * @var array
  28.      */
  29.     private $ipWhitelist;
  31.     /**
  32.      * Construct a listener for login events.
  33.      *
  34.      * @param AuthenticationContextFactoryInterface $authenticationContextFactory
  35.      * @param AuthenticationHandlerInterface $authHandler
  36.      * @param array $supportedTokens
  37.      * @param array $ipWhitelist
  38.      */
  39.     public function __construct(
  40.         AuthenticationContextFactoryInterface $authenticationContextFactory,
  41.         AuthenticationHandlerInterface $authHandler,
  42.         array $supportedTokens,
  43.         array $ipWhitelist
  44.     ) {
  45.         $this->authenticationContextFactory $authenticationContextFactory;
  46.         $this->authHandler $authHandler;
  47.         $this->supportedTokens $supportedTokens;
  48.         $this->ipWhitelist $ipWhitelist;
  49.     }
  51.     /**
  52.      * Listen for successful login events.
  53.      *
  54.      * @param InteractiveLoginEvent $event
  55.      */
  56.     public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
  57.     {
  58.         $request $event->getRequest();
  60.         // Skip two-factor authentication for whitelisted IPs
  61.         if (in_array($request->getClientIp(), $this->ipWhitelist)) {
  62.             return;
  63.         }
  65.         // Check if security token is supported
  66.         $token $event->getAuthenticationToken();
  67.         if (!$this->isTokenSupported($token)) {
  68.             return;
  69.         }
  71.         // Forward to two-factor providers
  72.         // They decide if they will do two-factor authentication
  73.         $context $this->authenticationContextFactory->create($request$token);
  74.         $this->authHandler->beginAuthentication($context);
  75.     }
  77.     /**
  78.      * Check if the token class is supported.
  79.      *
  80.      * @param mixed $token
  81.      *
  82.      * @return bool
  83.      */
  84.     private function isTokenSupported($token)
  85.     {
  86.         if (null === $token) {
  87.             return false;
  88.         }
  90.         $class get_class($token);
  92.         return in_array($class$this->supportedTokens);
  93.     }
  94. }