Code Coverage for /app/packages/apie-bundle/src/Security/ApieUserAuthenticator.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	90.20% covered (success)	90.20%	46 / 51	83.33% covered (warning)	83.33%	5 / 6	CRAP	0.00% covered (danger)	0.00%	0 / 1
ApieUserAuthenticator	90.20% covered (success)	90.20%	46 / 51	83.33% covered (warning)	83.33%	5 / 6	18.31	0.00% covered (danger)	0.00%	0 / 1
__construct	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
supports	100.00% covered (success)	100.00%	2 / 2	100.00% covered (success)	100.00%	1 / 1	2
isVerifyAuthenticationAction	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	5
authenticate	87.80% covered (warning)	87.80%	36 / 41	0.00% covered (danger)	0.00%	0 / 1	8.12
onAuthenticationSuccess	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
onAuthenticationFailure	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1

1	<?php
2
3	namespace Apie\ApieBundle\Security;
4
5	use Apie\Common\ApieFacade;
6	use Apie\Common\Events\AddAuthenticationCookie;
7	use Apie\Common\RequestBodyDecoder;
8	use Apie\Common\ValueObjects\DecryptedAuthenticatedUser;
9	use Apie\Core\Actions\ActionInterface;
10	use Apie\Core\BoundedContext\BoundedContextId;
11	use Apie\Core\ContextBuilders\ContextBuilderFactory;
12	use Apie\Core\ContextConstants;
13	use Apie\Core\Entities\EntityInterface;
14	use Apie\Serializer\Exceptions\ValidationException;
15	use Exception;
16	use Psr\Log\LoggerInterface;
17	use Symfony\Bridge\PsrHttpMessage\HttpMessageFactoryInterface;
18	use Symfony\Component\HttpFoundation\Request;
19	use Symfony\Component\HttpFoundation\Response;
20	use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
21	use Symfony\Component\Security\Core\Exception\AuthenticationException;
22	use Symfony\Component\Security\Core\Exception\CustomUserMessageAuthenticationException;
23	use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
24	use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
25	use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
26	use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
27	use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
28
29	class ApieUserAuthenticator extends AbstractAuthenticator
30	{
31	public function __construct(
32	private readonly ApieFacade $apieFacade,
33	private readonly HttpMessageFactoryInterface $httpMessageFactory,
34	private readonly ContextBuilderFactory $contextBuilderFactory,
35	private readonly RequestBodyDecoder $decoder,
36	private readonly LoggerInterface $logger
37	) {
38	}
39
40	public function supports(Request $request): ?bool
41	{
42	return $request->cookies->has(AddAuthenticationCookie::COOKIE_NAME)
43	\|\| $this->isVerifyAuthenticationAction($request);
44	}
45
46	private function isVerifyAuthenticationAction(Request $request): bool
47	{
48	return $request->attributes->has('_is_apie')
49	&& in_array($request->getMethod(), ['POST', 'PUT', 'PATCH'])
50	&& $request->attributes->get(ContextConstants::OPERATION_ID)
51	&& str_starts_with($request->attributes->get(ContextConstants::OPERATION_ID), 'call-method-')
52	&& 'verifyAuthentication' === $request->attributes->get(ContextConstants::METHOD_NAME);
53	}
54
55	public function authenticate(Request $request): Passport
56	{
57	$psrRequest = $this->httpMessageFactory->createRequest($request)
58	->withHeader('Accept', 'application/json');
59	$context = $this->contextBuilderFactory->createFromRequest($psrRequest, $psrRequest->getAttributes());
60	try {
61	$decryptedUserId = $context->getContext(DecryptedAuthenticatedUser::class, false);
62	$loginAction = $this->isVerifyAuthenticationAction($request);
63	if ($decryptedUserId instanceof DecryptedAuthenticatedUser) {
64	if ($decryptedUserId->isExpired()) {
65	throw new \LogicException('Token is expired!');
66	}
67	if (!$loginAction) {
68	return new SelfValidatingPassport(
69	new UserBadge($decryptedUserId->toNative()),
70	[
71	new RememberMeBadge()
72	]
73	);
74	}
75	}
76	if ($loginAction) {
77	$actionClass = $psrRequest->getAttribute(ContextConstants::APIE_ACTION);
78	/** @var ActionInterface $action */
79	$action = new $actionClass($this->apieFacade);
80	$actionResponse = $action($context, $this->decoder->decodeBody($psrRequest));
81	if ($actionResponse->result instanceof EntityInterface) {
82	$decryptedUserId = DecryptedAuthenticatedUser::createFromEntity(
83	$actionResponse->result,
84	new BoundedContextId($psrRequest->getAttribute(ContextConstants::BOUNDED_CONTEXT_ID)),
85	time() + 3600
86	);
87	$request->attributes->set(ContextConstants::AUTHENTICATED_USER, $actionResponse->result);
88	$request->attributes->set(DecryptedAuthenticatedUser::class, $decryptedUserId);
89	$request->attributes->set(ContextConstants::ALREADY_CALCULATED, $actionResponse);
90	return new SelfValidatingPassport(
91	new UserBadge($decryptedUserId->toNative()),
92	[
93	new RememberMeBadge()
94	]
95	);
96	}
97	if ($actionResponse->result instanceof ValidationException) {
98	throw $actionResponse->result;
99	}
100	}
101	} catch (Exception $error) {
102	$this->logger->error('Could not authenticate user: ' . $error->getMessage(), ['error' => $error]);
103	throw new CustomUserMessageAuthenticationException('Could not authenticate user!', [], 0, $error);
104	}
105	$this->logger->error('Could not authenticate user, but no exception was thrown');
106	throw new CustomUserMessageAuthenticationException('Could not authenticate user!');
107	}
108
109	public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
110	{
111	return null;
112	}
113
114	public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
115	{
116	return null;
117	}
118	}