src/Security/SocialAuthenticator.php line 43

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\User;
  6. use Doctrine\ORM\EntityManagerInterface;
  7. use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
  8. use KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpFoundation\Response;
  12. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  13. use Symfony\Component\Routing\RouterInterface;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  16. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  17. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  18. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  19. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  21. class SocialAuthenticator extends OAuth2Authenticator implements AuthenticationEntrypointInterface
  22. {
  23.     private $clientRegistry;
  24.     private $entityManager;
  25.     private $router;
  26.     private $passwordEncoder;
  28.     public function __construct(ClientRegistry $clientRegistryEntityManagerInterface $entityManagerRouterInterface $routerUserPasswordHasherInterface $passwordEncoder)
  29.     {
  30.         $this->clientRegistry $clientRegistry;
  31.         $this->entityManager $entityManager;
  32.         $this->router $router;
  33.         $this->passwordEncoder $passwordEncoder;
  34.     }
  36.     public function supports(Request $request): ?bool
  37.     {
  38.         // continue ONLY if the current ROUTE matches the check ROUTE
  39.         return $request->attributes->get('_route') === 'connect_facebook_check' 
  40.         || $request->attributes->get('_route') === 'connect_google_check';
  41.     }
  43.     public function authenticate(Request $request): Passport
  44.     {
  45.         if ($request->attributes->get('_route') === 'connect_facebook_check') {
  46.             $client $this->clientRegistry->getClient('facebook_main');
  47.         } elseif ($request->attributes->get('_route') === 'connect_google_check') {
  48.             $client $this->clientRegistry->getClient('google_main');
  49.         }
  50.         $accessToken $this->fetchAccessToken($client);
  52.         return new SelfValidatingPassport(
  53.             new UserBadge($accessToken->getToken(), function() use ($accessToken$client) {
  54.                 
  55.                 /** @var FacebookUser $facebookUser */
  56.                 $facebookUser $client->fetchUserFromToken($accessToken);
  57.                 $email $facebookUser->getEmail();
  58.                 $firstName $facebookUser->getFirstName();
  59.                 $lastName $facebookUser->getLastName();
  60.                 $social_id $facebookUser->getId();
  61.                 $role 'ROLE_PARENT';
  63.                 // Generate random bytes
  64.                 $randomBytes random_bytes(10);
  65.                 // Convert random bytes to a password using base64 encoding
  66.                 $password base64_encode($randomBytes);
  67.                 // Optionally, you can remove characters that are not suitable for a password
  68.                 $password strtr($password'+/''-_');
  70.                 // 1) have they logged in with Facebook before? Easy!
  71. /*                 $existingUser = $this->entityManager->getRepository(User::class)->findOneBy(['facebookId' => $facebookUser->getId()]);
  73.                 if ($existingUser) {
  74.                     return $existingUser;
  75.                 }
  76.  */
  77.                 // 2) do we have a matching user by email?
  78.                 $user $this->entityManager->getRepository(User::class)->findOneBy(['username' => $email]);
  79.                 
  80.                 if ($user) {
  81.                     return $user;
  82.                 }
  84.                 // 3) Maybe you just want to "register" them by creating
  85.                 // a User object
  86.                 $user = new User();
  87.                 $user->setNom($lastName);
  88.                 $user->setPrenom($firstName);
  89.                 $user->setUsername($email);
  90.                 $user->setMailnotif(1);
  91.                 $user->setShowpubprod(true);
  92.                 //$user->setNummobile('');
  93.                 $user->setEmail(trim($email));
  94.                 $user->setDateCreation(new \DateTime());
  95.                 $user->addRole($role);
  96.                 $user->setPassword(
  97.                     $this->passwordEncoder->hashPassword(
  98.                         $user,
  99.                         $password
  100.                     )
  101.                 );
  102.                 $this->entityManager->persist($user);
  103.                 $this->entityManager->flush();
  105.                 return $user;
  106.             })
  107.         );
  108.     }
  110.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  111.     {
  112.         // change "app_homepage" to some route in your app
  113.         $targetUrl $this->router->generate('CodeSejour');
  115.         return new RedirectResponse($targetUrl);
  116.     
  117.         // or, on success, let the request continue to be handled by the controller
  118.         //return null;
  119.     }
  121.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  122.     {
  123.         $message strtr($exception->getMessageKey(), $exception->getMessageData());
  125.         return new Response($messageResponse::HTTP_FORBIDDEN);
  126.     }
  127.     
  128.    /**
  129.      * Called when authentication is needed, but it's not sent.
  130.      * This redirects to the 'login'.
  131.      */
  132.     public function start(Request $requestAuthenticationException $authException null): Response
  133.     {
  134.         return new RedirectResponse(
  135.             '/connect/'// might be the site, where users choose their oauth provider
  136.             Response::HTTP_TEMPORARY_REDIRECT
  137.         );
  138.     }
  139. }