AppserverIo\Appserver\ServletEngine\Authenticator\FormAuthenticator::authenticate PHP Method

authenticate() public method

Return TRUE if any specified constraint has been satisfied, or FALSE if we have created a response challenge already.
public authenticate ( AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface $servletRequest, AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse ) : boolean
$servletRequest AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface The servlet request instance
$servletResponse AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface The servlet response instance
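return boolean TRUE if the request is already authenticated (a principal is cached in the session, or the request is the re-submit of the original request), else FALSE. FALSE is also returned directly after a successful login, so callers must not read FALSE as "authentication failed".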
    /**
     * Runs the form based login flow for the passed request.
     *
     * TRUE is returned only when a principal is already cached in the session or when the
     * request is the re-submit of the original request. In every other case, including a
     * successful login, FALSE is returned after the onLogin, onFailure or onSuccess callback
     * has been invoked; callers must therefore not interpret FALSE as "authentication failed".
     *
     * @param \AppserverIo\Psr\Servlet\Http\HttpServletRequestInterface  $servletRequest  The servlet request instance
     * @param \AppserverIo\Psr\Servlet\Http\HttpServletResponseInterface $servletResponse The servlet response instance
     *
     * @return boolean TRUE if the request is already authenticated, else FALSE
     */
    public function authenticate(HttpServletRequestInterface $servletRequest, HttpServletResponseInterface $servletResponse)
    {
        // load the session (created on demand) and make sure it has been started
        /** @var \AppserverIo\Psr\Servlet\Http\HttpSessionInterface $httpSession */
        $httpSession = $servletRequest->getSession(true);
        if ($httpSession->isStarted() === false) {
            $httpSession->start();
        }

        // a value stored under the principal key only counts when it really is a
        // PrincipalInterface instance, anything else is ignored and the flow continues
        $hasCachedPrincipal = $httpSession->hasKey(Constants::PRINCIPAL)
            && $httpSession->getData(Constants::PRINCIPAL) instanceof PrincipalInterface;
        if ($hasCachedPrincipal) {
            // invoke the onCache callback and let the request pass
            $this->onCache($servletRequest, $servletResponse);
            return true;
        }

        // the re-submit of the original request URI after a successful
        // authentication is answered by forwarding the *original* request
        if ($this->matchRequest($servletRequest)) {
            // invoke the onResubmit callback and let the request pass
            $this->onResubmit($servletRequest, $servletResponse);
            return true;
        }

        // every request that is not the action request of the login form is handed
        // to the onLogin callback, which redirects to the login page
        $requestedFile = pathinfo($servletRequest->getRequestUri(), PATHINFO_FILENAME);
        if ($requestedFile !== FormKeys::FORM_ACTION) {
            $this->onLogin($servletRequest, $servletResponse);
            return false;
        }

        // from here on the request is the login form submit: let the onCredentials
        // callback load the credentials from the request
        $this->onCredentials($servletRequest, $servletResponse);

        // look up the realm this authenticator has been configured for
        /** @var AppserverIo\Appserver\ServletEngine\Security\RealmInterface $realm */
        $authenticationManager = $this->getAuthenticationManager();
        $realm = $authenticationManager->getRealm($this->getRealmName());

        // let the realm verify the credentials; the password is passed on directly
        // and not kept in an additional local variable
        $authenticatedPrincipal = $realm->authenticate($this->getUsername(), $this->getPassword());

        // the loose comparison is kept on purpose: besides NULL it also rejects other
        // empty results such as FALSE
        // NOTE(review): any non-empty value is treated as a principal here, whereas the session
        // check above requires a PrincipalInterface - confirm the realm returns nothing else
        if ($authenticatedPrincipal == null) {
            // invoke the onFailure callback, which forwards the user to the error page
            $this->onFailure($realm, $servletRequest, $servletResponse);
        } else {
            // invoke the onSuccess callback, which redirects the user to the original page
            // NOTE(review): renewing the session ID after login is not visible in this method -
            // confirm onSuccess() or the session layer does it to rule out session fixation
            $this->onSuccess($authenticatedPrincipal, $servletRequest, $servletResponse);
        }

        // in both cases a callback has already handled this request
        return false;
    }