/**
* Handles all messages for authentication (Hello and Authenticate)
* This is called by the Realm to handle authentication
*
* @param \Thruway\Realm $realm
* @param \Thruway\Session $session
* @param \Thruway\Message\Message $msg
* @throws \Exception
*/
private function processMessage(Realm $realm, Session $session, Message $msg)
{
if ($session->isAuthenticated()) {
throw new \Exception("Message sent to authentication manager for already authenticated session.");
}
// trusted transports do not need any authentication
if ($session->getTransport()->isTrusted()) {
$authDetails = new AuthenticationDetails();
$authDetails->setAuthMethod('internalClient');
$authDetails->setAuthId('internal');
// set the authid if the hello has one
if ($msg instanceof HelloMessage) {
$details = $msg->getDetails();
if (isset($details) && isset($details->authid)) {
$authDetails->setAuthId($details->authid);
}
}
$authDetails->addAuthRole("authenticated_user");
$authDetails->addAuthRole("admin");
$session->setAuthenticationDetails($authDetails);
$session->setAuthenticated(true);
$details = new \stdClass();
$details->authid = $authDetails->getAuthId();
$details->authmethod = $authDetails->getAuthMethod();
$details->authrole = $authDetails->getAuthRole();
$details->authroles = $authDetails->getAuthRoles();
$session->sendMessage(new WelcomeMessage($session->getSessionId(), $details));
return;
}
if (!$this->readyToAuthenticate()) {
$session->abort(new \stdClass(), 'thruway.authenticator.not_ready');
return;
}
if ($msg instanceof HelloMessage) {
if ($session->getAuthenticationDetails() !== null) {
// Todo: probably shouldn't be so dramatic here
throw new \Exception("Hello message sent to authentication manager when there is already authentication details attached.");
}
$this->handleHelloMessage($realm, $session, $msg);
} else {
if ($msg instanceof AuthenticateMessage) {
$this->handleAuthenticateMessage($realm, $session, $msg);
} else {
throw new \Exception("Invalid message type sent to AuthenticationManager.");
}
}
}
