Php Symfony2 Wsse身份验证
我正在开发一个新的Symfony2项目(eibrowser),并尝试设置两件事: 1.自定义身份验证提供程序 2.自定义用户提供程序 我遵循了Symfony2文档页面上给出的示例/教程(逐字逐句): 安全文件夹所在的我的包称为“NiwaUtilitiesBundle” 最后,我得到了这个(可怕的)令人困惑的错误消息Php Symfony2 Wsse身份验证,php,symfony,authentication,wsse,Php,Symfony,Authentication,Wsse,我正在开发一个新的Symfony2项目(eibrowser),并尝试设置两件事: 1.自定义身份验证提供程序 2.自定义用户提供程序 我遵循了Symfony2文档页面上给出的示例/教程(逐字逐句): 安全文件夹所在的我的包称为“NiwaUtilitiesBundle” 最后,我得到了这个(可怕的)令人困惑的错误消息 Catchable Fatal Error: Argument 3 passed to Niwa\UtilitiesBundle\Security\Firewall \WsseLi
Catchable Fatal Error: Argument 3 passed to Niwa\UtilitiesBundle\Security\Firewall
\WsseListener::__construct() must be an instance of Niwa\UtilitiesBundle\SecurityFirewall
\SessionAuthenticationStrategyInterface, none given, called in /home/uwe/www/eibrowser2
/app/cache/dev/appDevDebugProjectContainer.php on line 2007 and defined in /home/uwe
/www/eibrowser2/src/Niwa/UtilitiesBundle/Security/Firewall/WsseListener.php line 21
我甚至不知道我的代码的哪一部分要在这里显示
但是下面的代码显示了WsseProvider,我需要对其进行一些更改,因为我们正在使用内部的用户管理系统来为我们进行身份验证
<?php
namespace Niwa\UtilitiesBundle\Security\Authentication\Provider;
use Symfony\Component\Security\Core\Authentication\Provider AuthenticationProviderInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\NonceExpiredException;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Niwa\UtilitiesBundle\Security\Authentication\Token\WsseUserToken;
use Niwa\UsermanagementBundle\Lib\UserManagement;
class WsseProvider implements AuthenticationProviderInterface
{
private $userProvider;
private $cacheDir;
private $userManagement;
public function __construct(UserProviderInterface $userProvider, $cacheDir,$userManagement)
{
$this->userProvider = $userProvider;
$this->cacheDir = $cacheDir;
$this->userManagement = $userManagement;
}
public function authenticate(TokenInterface $token)
{
$user = $this->userProvider->loadUserByName($token->getUsername());
if ($user && $this->validateDigest($token->digest, $token->nonce, $token->created, $user->getPassword())) {
$authenticatedToken = new UmUserToken($user->getRoles());
$authenticatedToken->setUser($user);
return $authenticatedToken;
}
throw new AuthenticationException('The WSSE authentication failed.');
}
/**
* This function is specific to Wsse authentication and is only used to help this example
*
* For more information specific to the logic here, see
* https://github.com/symfony/symfony-docs/pull/3134#issuecomment-27699129
*/
protected function validateDigest($digest, $nonce, $created, $secret)
{
// Check created time is not in the future
if (strtotime($created) > time()) {
return false;
}
// Expire timestamp after 5 minutes
if (time() - strtotime($created) > 300) {
return false;
}
// Validate that the nonce is *not* used in the last 5 minutes
// if it has, this could be a replay attack
if (file_exists($this->cacheDir.'/'.$nonce) && file_get_contents($this->cacheDir.'/'.$nonce) + 300 > time()) {
throw new NonceExpiredException('Previously used nonce detected');
}
// If cache directory does not exist we create it
if (!is_dir($this->cacheDir)) {
mkdir($this->cacheDir, 0777, true);
}
file_put_contents($this->cacheDir.'/'.$nonce, time());
// Validate Secret
// $expected = base64_encode(sha1(base64_decode($nonce).$created.$secret, true));
//return $digest === $expected;
$username = $this->extractUsername($token->getUsername());
$domain = $this->extractDomain($token->getUsername());
$response = $this->userManagement->authenticate($username,$token->getCredentials(),$domain);
return 200 == $response[$status];
}
public function supports(TokenInterface $token)
{
return $token instanceof WsseUserToken;
}
}
用户提供程序是我的自定义用户提供程序,我还按照文档创建了它。我围绕它创建了单元测试,它似乎工作得很好
如果我去掉“wsse:true”一行,Symfony2将在没有错误消息的情况下工作,但将只使用其标准身份验证
我知道这张票有点乱,但我真的不知道从哪里开始他的问题
如果你知道什么地方出了问题,请告诉我
Uwe问题可能出在您的WSSE侦听器上,您能否提供WSSE侦听器的内容?
firewalls:
wsse_secured:
pattern: ^/
provider: user_provider
wsse: true
form_login:
login_path: /login
check_path: /login_check
anonymous: ~