Skip to content

Improved code of custom authentication provider cookbook article #2614

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 10, 2013
Merged

Improved code of custom authentication provider cookbook article #2614

Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dd6cae4
Improved code of custom authentication provider cookbook article
May 6, 2013
a7d22e1
Removed extra spaces on is_dir check
May 8, 2013
20a6775
Modified return statement place
May 9, 2013
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 10 additions & 1 deletion cookbook/security/custom_authentication_provider.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -138,7 +138,7 @@ set an authenticated token in the security context if successful.
try {
$authToken = $this->authenticationManager->authenticate($token);

$this->securityContext->setToken($authToken);
return $this->securityContext->setToken($authToken);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

setToken does not return anything so this is misleading. You should put a return; statement after it instead.

} catch (AuthenticationException $failed) {
// ... you might log something here

Expand All @@ -152,6 +152,11 @@ set an authenticated token in the security context if successful.
$event->setResponse($response);

}

// By default deny authorization
$response = new Response();
$response->setStatusCode(403);
$event->setResponse($response);
}
}

Expand Down Expand Up @@ -233,6 +238,10 @@ the ``PasswordDigest`` header value matches with the user's password.
if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
throw new NonceExpiredException('Previously used nonce detected');
}
// If cache directory does not exist we create it
if (!is_dir($this->cacheDir)) {
mkdir($this->cacheDir, 0777, true);
}
file_put_contents($this->cacheDir.'/'.$nonce, time());

// Validate Secret
Expand Down