TechQA.

Symfony2 Wsse authentication

1.5k views Asked by At

I am developing a new Symfony2 project (eibrowser) and am trying to set up two things: 1. Custom Authentication Provider 2. A custom User provider

I followed the example / tutorial (word by word nearly) given on the Symfony2 documentation pages:

http://symfony.com/doc/current/cookbook/security/custom_authentication_provider.html My bundle in which the security folder lives is called 'NiwaUtilitiesBundle'.

In the end of all I end up with this (horribly) confusing error message

Catchable Fatal Error: Argument 3 passed to Niwa\UtilitiesBundle\Security\Firewall
\WsseListener::__construct() must be an instance of Niwa\UtilitiesBundle\SecurityFirewall
\SessionAuthenticationStrategyInterface, none given, called in /home/uwe/www/eibrowser2
/app/cache/dev/appDevDebugProjectContainer.php on line 2007 and defined in /home/uwe
/www/eibrowser2/src/Niwa/UtilitiesBundle/Security/Firewall/WsseListener.php line 21

I am not even sure which parts of my code to show here ....

But the code below shows the WsseProvider which I needed to change a bit as we are using a user management system in house which does the authentication for us

<?php 

namespace Niwa\UtilitiesBundle\Security\Authentication\Provider;

use Symfony\Component\Security\Core\Authentication\Provider   AuthenticationProviderInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\NonceExpiredException;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Niwa\UtilitiesBundle\Security\Authentication\Token\WsseUserToken;

use Niwa\UsermanagementBundle\Lib\UserManagement;


class WsseProvider implements AuthenticationProviderInterface
{
    private $userProvider;
    private $cacheDir;
    private $userManagement;

public function __construct(UserProviderInterface $userProvider, $cacheDir,$userManagement)
{
    $this->userProvider   = $userProvider;
    $this->cacheDir       = $cacheDir;
    $this->userManagement = $userManagement;
}

public function authenticate(TokenInterface $token)
{
    $user = $this->userProvider->loadUserByName($token->getUsername());

    if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
        $authenticatedToken = new UmUserToken($user->getRoles());
        $authenticatedToken->setUser($user);

        return $authenticatedToken;
    }

    throw new AuthenticationException('The WSSE authentication failed.');
}

/**
 * This function is specific to Wsse authentication and is only used to help this example
 *
 * For more information specific to the logic here, see
 * https://github.com/symfony/symfony-docs/pull/3134#issuecomment-27699129
 */
protected function validateDigest($digest, $nonce, $created, $secret)
{
    // Check created time is not in the future
    if (strtotime($created) > time()) {
        return false;
    }

    // Expire timestamp after 5 minutes
    if (time() - strtotime($created) > 300) {
        return false;
    }

    // Validate that the nonce is *not* used in the last 5 minutes
    // if it has, this could be a replay attack
    if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
        throw new NonceExpiredException('Previously used nonce detected');
    }
    // If cache directory does not exist we create it
    if (!is_dir($this->cacheDir)) {
        mkdir($this->cacheDir, 0777, true);
    }
    file_put_contents($this->cacheDir.'/'.$nonce, time());

    // Validate Secret
   // $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));

    //return $digest === $expected;

    $username = $this->extractUsername($token->getUsername());
    $domain   = $this->extractDomain($token->getUsername());

    $response = $this->userManagement->authenticate($username,$token->getCredentials(),$domain);

    return 200 == $response[$status];

}

public function supports(TokenInterface $token)
{
    return $token instanceof WsseUserToken;
}
}

I am trying to make Symfony use my custom provider by setting configuring my security,yml this way: security: providers: user_provider: id: um.user.provider encoders: Niwa\UtilitiesBundle\Security\User\UmUser: plaintext

    firewalls:
        wsse_secured:
            pattern: ^/

            provider: user_provider
            wsse: true
            form_login:
                login_path: /login
                check_path: /login_check
            anonymous: ~

The user provider is my custom user provider which I also created following the documentation. I created unit tests around it and it seems to work fine...

If I take the line 'wsse: true' out, Symfony2 will work without that error message but will simply use its standard authentication...

I know this ticket is a bit messy - but I just don't know where to start with his problem really.

If you have any idea what could be wrong - please let me know,

Uwe

php symfony authentication wsse
Original Q&A
0

There are 0 answers

Related Questions in PHP

Related Questions in SYMFONY

Related Questions in AUTHENTICATION

Related Questions in WSSE

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions