<?php

/*
 * This file is part of the Symfony package.
 *
 * (c) Fabien Potencier <fabien@symfony.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\Security\Http\Firewall;

use Psr\Log\LoggerInterface;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;

/**
 * X509 authentication listener.
 *
 * Derives the pre-authenticated user and credentials from two entries of the
 * request's server parameter bag. Nothing in this class inspects or validates
 * a certificate: it only reads whatever values are stored under the configured
 * keys.
 *
 * NOTE(review): presumably those entries are set by the TLS-terminating web
 * server after it has verified the client certificate. Confirm in each
 * deployment that they cannot be supplied or overridden from request input
 * (for example by an intermediate proxy), because they are trusted as-is here.
 *
 * @author Fabien Potencier <fabien@symfony.com>
 */
class X509AuthenticationListener extends AbstractPreAuthenticatedListener
{
    // Server parameter name that holds the user identifier directly.
    private $userKey;
    // Server parameter name that holds the credentials (by default the subject DN).
    private $credentialKey;

    /**
     * Stores the two server parameter names; every other argument is forwarded
     * unchanged to the parent constructor.
     *
     * @param TokenStorageInterface          $tokenStorage          Forwarded to the parent
     * @param AuthenticationManagerInterface $authenticationManager Forwarded to the parent
     * @param string                         $providerKey           Forwarded to the parent
     * @param string                         $userKey               Server parameter read first for the user identifier
     * @param string                         $credentialKey         Server parameter returned as credentials and used
     *                                                              as fallback source for the user identifier
     * @param LoggerInterface|null           $logger                Forwarded to the parent
     * @param EventDispatcherInterface|null  $dispatcher            Forwarded to the parent
     */
    public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
    {
        parent::__construct($tokenStorage, $authenticationManager, $providerKey, $logger, $dispatcher);

        $this->credentialKey = $credentialKey;
        $this->userKey = $userKey;
    }

    /**
     * {@inheritdoc}
     *
     * Resolution order: the value stored under the user key wins whenever that
     * key is present; otherwise an e-mail address is extracted from the value
     * stored under the credential key.
     *
     * @return array Two elements: the user identifier, then the value stored
     *               under the credential key ('' when that key is absent)
     *
     * @throws BadCredentialsException When no user identifier could be determined
     */
    protected function getPreAuthenticatedData(Request $request)
    {
        $server = $request->server;
        $identity = null;

        if ($server->has($this->userKey)) {
            // Taken verbatim; an empty string is accepted here, only null is rejected below.
            $identity = $server->get($this->userKey);
        } elseif ($server->has($this->credentialKey)) {
            $subject = $server->get($this->credentialKey);

            // NOTE(review): the pattern is unanchored, so it matches the first
            // "emailAddress=" found anywhere in the string, including inside the
            // value of another attribute. Safe use depends on the issuing CA
            // constraining subject fields; consider anchoring it to an attribute
            // boundary once the DN formats in use are known.
            if (preg_match('#emailAddress=([^,/@]++@[^,/]++)#', $subject, $found)) {
                $identity = $found[1];
            }
        }

        if (null !== $identity) {
            return [$identity, $server->get($this->credentialKey, '')];
        }

        throw new BadCredentialsException(sprintf('SSL credentials not found: "%s", "%s".', $this->userKey, $this->credentialKey));
    }
}