Code Coverage for /Users/ericduran/Sites/drupal/drupal/core/lib/Drupal/Core/EventSubscriber/AuthenticationSubscriber.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	CRAP	0.00% covered (danger)	0.00%	0 / 40
AuthenticationSubscriber	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 5	462	0.00% covered (danger)	0.00%	0 / 40
__construct				0.00% covered (danger)	0.00%	0 / 1	12	0.00% covered (danger)	0.00%	0 / 5
onKernelRequestAuthenticate				0.00% covered (danger)	0.00%	0 / 1	20	0.00% covered (danger)	0.00%	0 / 12
onKernelRequestFilterProvider				0.00% covered (danger)	0.00%	0 / 1	30	0.00% covered (danger)	0.00%	0 / 7
onExceptionSendChallenge				0.00% covered (danger)	0.00%	0 / 1	72	0.00% covered (danger)	0.00%	0 / 11
getSubscribedEvents				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 5

1	<?php
2
3	/**
4	* @file
5	* Contains \Drupal\Core\EventSubscriber\AuthenticationSubscriber.
6	*/
7
8	namespace Drupal\Core\EventSubscriber;
9
10	use Drupal\Core\Authentication\AuthenticationProviderFilterInterface;
11	use Drupal\Core\Authentication\AuthenticationProviderChallengeInterface;
12	use Drupal\Core\Authentication\AuthenticationProviderInterface;
13	use Drupal\Core\Session\AccountProxyInterface;
14	use Symfony\Component\EventDispatcher\EventSubscriberInterface;
15	use Symfony\Component\HttpKernel\Event\GetResponseEvent;
16	use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
17	use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
18	use Symfony\Component\HttpKernel\HttpKernelInterface;
19	use Symfony\Component\HttpKernel\KernelEvents;
20
21	/**
22	* Authentication subscriber.
23	*
24	* Trigger authentication during the request.
25	*/
26	class AuthenticationSubscriber implements EventSubscriberInterface {
27
28	/**
29	* Authentication provider.
30	*
31	* @var \Drupal\Core\Authentication\AuthenticationProviderInterface
32	*/
33	protected $authenticationProvider;
34
35	/**
36	* Authentication provider filter.
37	*
38	* @var \Drupal\Core\Authentication\AuthenticationProviderFilterInterface\|NULL
39	*/
40	protected $filter;
41
42	/**
43	* Authentication challenge provider.
44	*
45	* @var \Drupal\Core\Authentication\AuthenticationProviderChallengeInterface\|NULL
46	*/
47	protected $challengeProvider;
48
49	/**
50	* Account proxy.
51	*
52	* @var \Drupal\Core\Session\AccountProxyInterface
53	*/
54	protected $accountProxy;
55
56	/**
57	* Constructs an authentication subscriber.
58	*
59	* @param \Drupal\Core\Authentication\AuthenticationProviderInterface $authentication_provider
60	* An authentication provider.
61	* @param \Drupal\Core\Session\AccountProxyInterface $account_proxy
62	* Account proxy.
63	*/
64	public function __construct(AuthenticationProviderInterface $authentication_provider, AccountProxyInterface $account_proxy) {
65	$this->authenticationProvider = $authentication_provider;
66	$this->filter = ($authentication_provider instanceof AuthenticationProviderFilterInterface) ? $authentication_provider : NULL;
67	$this->challengeProvider = ($authentication_provider instanceof AuthenticationProviderChallengeInterface) ? $authentication_provider : NULL;
68	$this->accountProxy = $account_proxy;
69	}
70
71	/**
72	* Authenticates user on request.
73	*
74	* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
75	* The request event.
76	*
77	* @see \Drupal\Core\Authentication\AuthenticationProviderInterface::authenticate()
78	*/
79	public function onKernelRequestAuthenticate(GetResponseEvent $event) {
80	if ($event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
81	$request = $event->getRequest();
82	if ($this->authenticationProvider->applies($request)) {
83	$account = $this->authenticationProvider->authenticate($request);
84	if ($account) {
85	$this->accountProxy->setAccount($account);
86	return;
87	}
88	}
89	// No account has been set explicitly, initialize the timezone here.
90	date_default_timezone_set(drupal_get_user_timezone());
91	}
92	}
93
94	/**
95	* Denies access if authentication provider is not allowed on this route.
96	*
97	* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
98	* The request event.
99	*/
100	public function onKernelRequestFilterProvider(GetResponseEvent $event) {
101	if (isset($this->filter) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
102	$request = $event->getRequest();
103	if ($this->authenticationProvider->applies($request) && !$this->filter->appliesToRoutedRequest($request, TRUE)) {
104	throw new AccessDeniedHttpException();
105	}
106	}
107	}
108
109	/**
110	* Respond with a challenge on access denied exceptions if appropriate.
111	*
112	* On a 403 (access denied), if there are no credentials on the request, some
113	* authentication methods (e.g. basic auth) require that a challenge is sent
114	* to the client.
115	*
116	* @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
117	* The exception event.
118	*/
119	public function onExceptionSendChallenge(GetResponseForExceptionEvent $event) {
120	if (isset($this->challengeProvider) && $event->getRequestType() === HttpKernelInterface::MASTER_REQUEST) {
121	$request = $event->getRequest();
122	$exception = $event->getException();
123	if ($exception instanceof AccessDeniedHttpException && !$this->authenticationProvider->applies($request) && (!isset($this->filter) \|\| $this->filter->appliesToRoutedRequest($request, FALSE))) {
124	$challenge_exception = $this->challengeProvider->challengeException($request, $exception);
125	if ($challenge_exception) {
126	$event->setException($challenge_exception);
127	}
128	}
129	}
130	}
131
132	/**
133	* {@inheritdoc}
134	*/
135	public static function getSubscribedEvents() {
136	// The priority for authentication must be higher than the highest event
137	// subscriber accessing the current user. Especially it must be higher than
138	// LanguageRequestSubscriber as LanguageManager accesses the current user if
139	// the language module is enabled.
140	$events[KernelEvents::REQUEST][] = ['onKernelRequestAuthenticate', 300];
141
142	// Access check must be performed after routing.
143	$events[KernelEvents::REQUEST][] = ['onKernelRequestFilterProvider', 31];
144	$events[KernelEvents::EXCEPTION][] = ['onExceptionSendChallenge', 75];
145	return $events;
146	}
147
148	}