<?php
/*
* This file is part of the LightSAML SP-Bundle package.
*
* (c) Milos Tomic <tmilos@lightsaml.com>
*
* This source file is subject to the MIT license that is bundled
* with this source code in the file LICENSE.
*/
namespace LightSaml\SpBundle\DependencyInjection\Security\Factory;
use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory;
use Symfony\Component\Config\Definition\Builder\NodeDefinition;
use Symfony\Component\DependencyInjection\ChildDefinition;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\DefinitionDecorator;
use Symfony\Component\DependencyInjection\Reference;
/**
 * Security factory behind the "light_saml_sp" firewall option.
 *
 * Every method either declares configuration or names/creates service
 * definitions. The parent services referenced by id are defined outside this
 * file, so the meaning of each constructor argument index is taken on trust here.
 */
class LightSamlSpFactory extends AbstractFactory
{
    /**
     * Declares the SAML-specific options in addition to the parent factory's own.
     *
     * NOTE(review): "force" is enabled by default. What the provider does with
     * that flag is not visible in this file; confirm it cannot let through a
     * user the configured user provider does not know, and if it can, prefer an
     * explicit opt-in over a permissive default.
     *
     * @param NodeDefinition $node Configuration node of this firewall listener
     */
    public function addConfiguration(NodeDefinition $node)
    {
        parent::addConfiguration($node);

        // Children are appended to $node as they are created, in this order.
        $options = $node->children();
        $options->booleanNode('force')->defaultTrue();
        $options->scalarNode('username_mapper')->defaultValue('lightsaml_sp.username_mapper.simple');
        // No default creator: the option stays null unless configured.
        $options->scalarNode('user_creator')->defaultNull();
        $options->scalarNode('attribute_mapper')->defaultValue('lightsaml_sp.attribute_mapper.simple');
        $options->scalarNode('token_factory')->defaultValue('lightsaml_sp.token_factory');
    }

    /**
     * Registers a per-firewall child of "security.authentication.provider.lightsaml_sp"
     * and returns its service id.
     *
     * Argument 0 receives the firewall name and argument 2 the "force" flag.
     * Argument 1 is replaced by the user provider only when the firewall config
     * contains a "provider" key; arguments 4 to 7 are replaced by the configured
     * mapper, creator and token-factory services when those options are set.
     * Argument 3 is never touched here.
     *
     * NOTE(review): the option values become service references as-is. Judging
     * by their names, these services decide how an assertion turns into a local
     * username, user and token, so review any override as part of the
     * authentication path.
     *
     * @param ContainerBuilder $container
     * @param string           $firewallName   Name of the firewall being configured
     * @param array            $config         Resolved options of this listener
     * @param string           $userProviderId Service id of the user provider
     *
     * @return string|array This implementation always returns the new service id
     */
    public function createAuthenticator(ContainerBuilder $container, string $firewallName, array $config, string $userProviderId): string|array
    {
        $providerId = 'security.authentication.provider.lightsaml_sp.'.$firewallName;

        $provider = $container->setDefinition(
            $providerId,
            new ChildDefinition('security.authentication.provider.lightsaml_sp')
        );
        $provider->replaceArgument(0, $firewallName);
        $provider->replaceArgument(2, $config['force']);

        if (isset($config['provider'])) {
            $provider->replaceArgument(1, new Reference($userProviderId));
        }

        // Constructor argument index => config option holding a service id.
        $serviceArguments = [
            4 => 'username_mapper',
            5 => 'user_creator',
            6 => 'attribute_mapper',
            7 => 'token_factory',
        ];
        foreach ($serviceArguments as $index => $option) {
            // isset() skips options that are absent or null (user_creator by default).
            if (isset($config[$option])) {
                $provider->replaceArgument($index, new Reference($config[$option]));
            }
        }

        return $providerId;
    }

    /**
     * Returns the id of the listener template service used for this factory.
     *
     * @return string
     */
    protected function getListenerId()
    {
        return 'security.authentication.listener.lightsaml_sp';
    }

    /**
     * Defines the position at which the provider is called.
     * Possible values: pre_auth, form, http, and remember_me.
     *
     * @return string
     */
    public function getPosition()
    {
        return 'form';
    }

    /**
     * Priority reported for this factory; fixed at 0.
     */
    public function getPriority(): int
    {
        return 0;
    }

    /**
     * Configuration key under which this factory is enabled in a firewall.
     */
    public function getKey(): string
    {
        return 'light_saml_sp';
    }

    /**
     * Registers a per-firewall child of "security.authentication.form_entry_point"
     * and returns its service id.
     *
     * "login_path" and "use_forward" are read from $config but are not declared
     * in addConfiguration() above; presumably the parent factory declares them.
     * $defaultEntryPointId is not used.
     *
     * @param ContainerBuilder $container
     * @param string           $id                  Firewall id, appended to the service id
     * @param array            $config              Resolved options of this listener
     * @param string|null      $defaultEntryPointId Ignored
     *
     * @return string Id of the entry point service that was registered
     */
    protected function createEntryPoint($container, $id, $config, $defaultEntryPointId)
    {
        // Symfony >= 3.3 ships ChildDefinition; older releases only have DefinitionDecorator.
        $definition = class_exists('Symfony\Component\DependencyInjection\ChildDefinition')
            ? new ChildDefinition('security.authentication.form_entry_point')
            : new DefinitionDecorator('security.authentication.form_entry_point');

        $entryPointId = 'security.authentication.form_entry_point.'.$id;

        $entryPoint = $container->setDefinition($entryPointId, $definition);
        $entryPoint->addArgument(new Reference('security.http_utils'));
        $entryPoint->addArgument($config['login_path']);
        $entryPoint->addArgument($config['use_forward']);

        return $entryPointId;
    }
}