vendor/symfony/security/Http/Firewall/AccessListener.php line 68

Open in your IDE?
  1. <?php
  2. /*
  3.  * This file is part of the Symfony package.
  4.  *
  5.  * (c) Fabien Potencier <[email protected]>
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  10. namespace Symfony\Component\Security\Http\Firewall;
  11. use Symfony\Component\HttpKernel\Event\GetResponseEvent;
  12. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  13. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  14. use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
  15. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  16. use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException;
  17. use Symfony\Component\Security\Http\AccessMapInterface;
  18. /**
  19.  * AccessListener enforces access control rules.
  20.  *
  21.  * @author Fabien Potencier <[email protected]>
  22.  */
  23. class AccessListener implements ListenerInterface
  24. {
  25.     private $tokenStorage;
  26.     private $accessDecisionManager;
  27.     private $map;
  28.     private $authManager;
  29.     public function __construct(TokenStorageInterface $tokenStorageAccessDecisionManagerInterface $accessDecisionManagerAccessMapInterface $mapAuthenticationManagerInterface $authManager)
  30.     {
  31.         $this->tokenStorage $tokenStorage;
  32.         $this->accessDecisionManager $accessDecisionManager;
  33.         $this->map $map;
  34.         $this->authManager $authManager;
  35.     }
  36.     /**
  37.      * Handles access authorization.
  38.      *
  39.      * @throws AccessDeniedException
  40.      * @throws AuthenticationCredentialsNotFoundException
  41.      */
  42.     public function handle(GetResponseEvent $event)
  43.     {
  44.         if (null === $token $this->tokenStorage->getToken()) {
  45.             throw new AuthenticationCredentialsNotFoundException('A Token was not found in the TokenStorage.');
  46.         }
  47.         $request $event->getRequest();
  48.         list($attributes) = $this->map->getPatterns($request);
  49.         if (null === $attributes) {
  50.             return;
  51.         }
  52.         if (!$token->isAuthenticated()) {
  53.             $token $this->authManager->authenticate($token);
  54.             $this->tokenStorage->setToken($token);
  55.         }
  56.         if (!$this->accessDecisionManager->decide($token$attributes$request)) {
  57.             $exception = new AccessDeniedException();
  58.             $exception->setAttributes($attributes);
  59.             $exception->setSubject($request);
  60.             throw $exception;
  61.         }
  62.     }
  63. }