-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy pathWechatAuthenticator.php
More file actions
139 lines (118 loc) · 3.76 KB
/
WechatAuthenticator.php
File metadata and controls
139 lines (118 loc) · 3.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
<?php
namespace WechatBundle\Security\Guard\Authenticator;
use Thenbsp\Wechat\OAuth\Client;
use WechatBundle\Event\Events;
use WechatBundle\Event\WechatAuthorizeEvent;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\EventDispatcher\GenericEvent;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Component\Security\Http\Util\TargetPathTrait;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
class WechatAuthenticator extends AbstractGuardAuthenticator
{
/**
* Symfony\Component\Security\Http\Util\TargetPathTrait
*/
use TargetPathTrait;
/**
* Symfony\Component\Security\Http\HttpUtils
*/
protected $httpUtils;
/**
* Thenbsp\Wechat\OAuth\Client
*/
protected $client;
/**
* 自定义参数
*/
protected $options = [
'authorize_path' => '/wechat/authorize',
'default_path' => '/'
];
/**
* 构造方法
*/
public function __construct(
EventDispatcherInterface $dispatcher,
HttpUtils $httpUtils,
Client $client)
{
$this->dispatcher = $dispatcher;
$this->httpUtils = $httpUtils;
$this->client = $client;
}
/**
* 从 Request 对象中取得凭证
*/
public function getCredentials(Request $request)
{
if (!$this->httpUtils->checkRequestPath($request, $this->options['authorize_path'])) {
return;
}
if (!$request->query->has('code')) {
return;
}
return $request->query->get('code');
}
/**
* 根据凭证取得用户对象
*/
public function getUser($credentials, UserProviderInterface $userProvider)
{
try {
$accessToken = $this->client->getAccessToken($credentials);
$event = new WechatAuthorizeEvent($accessToken);
$this->dispatcher->dispatch(Events::WECHAT_AUTHORIZE, $event);
return $event->getUser();
} catch (\Exception $e) {
throw new AuthenticationException($e->getMessage());
}
}
/**
* 检测用户对象是否有效
*/
public function checkCredentials($credentials, UserInterface $user)
{
return true;
}
/**
* 认证失败操作
*/
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$session = $request->getSession();
$session->set(Security::AUTHENTICATION_ERROR, $exception);
return $this->httpUtils->createRedirectResponse($request, $this->options['authorize_path']);
}
/**
* 认证成功操作
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
$targetPath = $this->getTargetPath($request->getSession(), $providerKey);
if (!$targetPath) {
$targetPath = $this->httpUtils->generateUri($request, $this->options['default_path']);
}
return $this->httpUtils->createRedirectResponse($request, $targetPath);
}
/**
* 是否支持自动登录
*/
public function supportsRememberMe()
{
return false;
}
/**
* 防火墙入口点
*/
public function start(Request $request, AuthenticationException $authException = null)
{
return $this->httpUtils->createRedirectResponse($request, $this->options['authorize_path']);
}
}