AbstractAuthenticationController
abstract class AbstractAuthenticationController extends ActionController (View source)
An action controller for generic authentication in Flow
Properties
protected UriBuilder | $uriBuilder | from AbstractController | |
protected ValidatorResolver | $validatorResolver | from AbstractController | |
protected ActionRequest | $request | The current action request directed to this controller |
from AbstractController |
protected ActionResponse deprecated | $response | The legacy response which will is provide by this action controller |
from AbstractController |
protected Arguments | $arguments | Arguments passed to the controller |
from AbstractController |
protected ControllerContext | $controllerContext | from AbstractController | |
protected PersistenceManagerInterface | $persistenceManager | from AbstractController | |
protected array | $supportedMediaTypes | A list of IANA media types which are supported by this controller |
from AbstractController |
protected string | $negotiatedMediaType | The media type that was negotiated by this controller |
from AbstractController |
protected ObjectManagerInterface | $objectManager | from ActionController | |
protected ReflectionService | $reflectionService | from ActionController | |
protected MvcPropertyMappingConfigurationService | $mvcPropertyMappingConfigurationService | from ActionController | |
protected ViewConfigurationManager | $viewConfigurationManager | from ActionController | |
protected ViewInterface | $view | The current view, as resolved by resolveView() |
from ActionController |
protected string | $viewObjectNamePattern | Pattern after which the view object name is built if no format-specific view could be resolved. |
from ActionController |
protected array | $viewFormatToObjectNameMap | A list of formats and object names of the views which should render them. |
from ActionController |
protected string | $defaultViewObjectName | The default view object to use if none of the resolved views can render a response for the current request. |
from ActionController |
protected string | $defaultViewImplementation | from ActionController | |
protected string | $actionMethodName | Name of the action method |
from ActionController |
protected string | $errorMethodName | Name of the special error action method which is called in case of errors |
from ActionController |
protected array | $settings | from ActionController | |
protected LoggerInterface | $logger | from ActionController | |
protected bool | $enableDynamicTypeValidation | Feature flag to enable the potentially breaking support of validation for dynamic types specified with |
from ActionController |
protected AuthenticationManagerInterface | $authenticationManager | ||
protected Context | $securityContext |
Methods
Creates a Message object and adds it to the FlashMessageContainer.
Forwards the request to another action and / or controller.
Forwards the request to another action and / or controller.
Redirects the request to another action and / or controller.
Redirects the request to another action and / or controller.
Redirects to another URI
Sends the specified HTTP status immediately.
Maps arguments delivered by the request object to the local controller arguments.
Injects the (system) logger based on PSR-3.
Handles a request. The result output is returned by altering the given response.
Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action
Returns a map of action method names and their parameters.
This is a helper method purely used to make initializeActionMethodValidators() testable without mocking static methods.
Returns a map of action method names and their validation groups.
Returns a map of action method names and their validation parameters.
Initializes the controller before invoking an action method.
Calls the specified action method and passes the arguments.
Prepares a view for the current action and stores it in $this->view.
Emit that the view is resolved. The passed ViewInterface reference, gives the possibility to add variables to the view, before passing it on to further rendering
A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.
Checks if the arguments validation result contain errors of type TargetNotFoundError and throws a TargetNotFoundException if that's the case for a top-level object.
If an error occurred during this request, this adds a flash message describing the error to the flash message container.
If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!
Returns a string containing all validation errors separated by PHP_EOL.
A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.
Renders the view and returns the psr response.
This action is used to show the login form. To make this work in your package simply create a template for this action, which could look like this in the simplest case:
Calls the authentication manager to authenticate all active tokens and redirects to the original intercepted request on success if there is one stored in the security context. If no intercepted request is found, the function simply returns.
Logs all active tokens out. Override this, if you want to have some custom action here. You can always call the parent method to do the actual logout.
Is called if authentication failed.
Is called if authentication was successful. If there has been an intercepted request due to security restrictions, you might want to use something like the following code to restart the originally intercepted request:
Details
protected
initializeController(ActionRequest $request, ActionResponse $response)
Initializes the controller
This method should be called by the concrete processRequest() method.
ControllerContext
getControllerContext()
Returns this controller's context.
Note that the context is only available after processRequest() has been called.
void
addFlashMessage(string $messageBody, string $messageTitle = '', string $severity = Error\Message::SEVERITY_OK, array $messageArguments = [], int $messageCode = null)
Creates a Message object and adds it to the FlashMessageContainer.
This method should be used to add FlashMessages rather than interacting with the container directly.
protected never
forward(string $actionName, string $controllerName = null, string $packageKey = null, array $arguments = [])
Forwards the request to another action and / or controller.
Request is directly transferred to the other action / controller
protected never
forwardToRequest(ActionRequest $request)
Forwards the request to another action and / or controller.
Request is directly transfered to the other action / controller
protected never
redirect(string $actionName, string|null $controllerName = null, string|null $packageKey = null, array $arguments = [], int $delay = 0, int $statusCode = 303, string $format = null)
Redirects the request to another action and / or controller.
Redirect will be sent to the client which then performs another request to the new URI.
NOTE: This method only supports web requests and will throw an exception if used with other request types.
protected never
redirectToRequest(ActionRequest $request, int $delay = 0, int $statusCode = 303)
Redirects the request to another action and / or controller.
Redirect will be sent to the client which then performs another request to the new URI.
protected never
redirectToUri(UriInterface $uri, int $delay = 0, int $statusCode = 303)
Redirects to another URI
protected never
throwStatus(int $statusCode, string $statusMessage = null, string $content = null)
Sends the specified HTTP status immediately.
NOTE: This method only supports web requests and will throw an exception if used with other request types.
protected void
mapRequestArgumentsToControllerArguments(ActionRequest $request, Arguments $arguments)
Maps arguments delivered by the request object to the local controller arguments.
void
injectSettings(array $settings)
No description
void
injectLogger(LoggerInterface $logger)
Injects the (system) logger based on PSR-3.
void
injectThrowableStorage(ThrowableStorageInterface $throwableStorage)
Injects the throwable storage.
ResponseInterface
processRequest(ActionRequest $request)
Handles a request. The result output is returned by altering the given response.
protected string
resolveActionMethodName(ActionRequest $request)
Resolves and checks the current action method name
protected void
initializeActionMethodArguments(Arguments $arguments)
Implementation of the arguments initialization in the action controller: Automatically registers arguments of the current action
Don't override this method - use initializeAction() instead.
static array
getActionMethodParameters(ObjectManagerInterface $objectManager)
Returns a map of action method names and their parameters.
protected array
getInformationNeededForInitializeActionMethodValidators()
This is a helper method purely used to make initializeActionMethodValidators() testable without mocking static methods.
protected void
initializeActionMethodValidators(Arguments $arguments)
Adds the needed validators to the Arguments:
- Validators checking the data type from the "@param" annotation
- Custom validators specified with validate annotations.
- Model-based validators (validate annotations in the model)
- Custom model validator classes
static array
getActionValidationGroups(ObjectManagerInterface $objectManager)
Returns a map of action method names and their validation groups.
static array
getActionValidateAnnotationData(ObjectManagerInterface $objectManager)
Returns a map of action method names and their validation parameters.
protected void
initializeAction()
Initializes the controller before invoking an action method.
Override this method to solve tasks which all actions have in common.
protected ResponseInterface
callActionMethod(ActionRequest $request, Arguments $arguments, ResponseInterface $httpResponse)
Calls the specified action method and passes the arguments.
If the action returns a string, it is appended to the content in the response object. If the action doesn't return anything and a valid view exists, the view is rendered automatically.
static array
getActionIgnoredValidationArguments(ObjectManagerInterface $objectManager)
No description
static array
getPublicActionMethods(ObjectManagerInterface $objectManager)
No description
protected ViewInterface
resolveView(ActionRequest $request)
Prepares a view for the current action and stores it in $this->view.
By default, this method tries to locate a view with a name matching the current action.
protected
emitViewResolved(ViewInterface $view)
Emit that the view is resolved. The passed ViewInterface reference, gives the possibility to add variables to the view, before passing it on to further rendering
protected mixed
resolveViewObjectName(ActionRequest $request)
Determines the fully qualified view object name.
protected void
initializeView(ViewInterface $view)
Initializes the view before invoking an action method.
Override this method to solve assign variables common for all actions or prepare the view in another way before the action is called.
protected string
errorAction()
A special action which is called if the originally intended action could not be called, for example if the arguments were not valid.
The default implementation checks for TargetNotFoundErrors, sets a flash message, request errors and forwards back to the originating action. This is suitable for most actions dealing with form input.
protected void
handleTargetNotFoundError()
Checks if the arguments validation result contain errors of type TargetNotFoundError and throws a TargetNotFoundException if that's the case for a top-level object.
You can override this method (or the errorAction()) if you need a different behavior
protected void
addErrorFlashMessage()
If an error occurred during this request, this adds a flash message describing the error to the flash message container.
protected void
forwardToReferringRequest()
If information on the request before the current request was sent, this method forwards back to the originating request. This effectively ends processing of the current request, so do not call this method before you have finished the necessary business logic!
protected string
getFlattenedValidationErrorMessage()
Returns a string containing all validation errors separated by PHP_EOL.
protected Error|false
getErrorFlashMessage()
A template method for displaying custom error flash messages, or to display no flash message at all on errors. Override this to customize the flash message in your action controller.
Note: If you implement a nice redirect in the onAuthenticationFailure() method of you login controller, this message should never be displayed.
protected ResponseInterface
renderView(ResponseInterface $httpResponse)
Renders the view and returns the psr response.
If a stream is returned it will be applied (to the most likely empty response) which was previously available as $this->response.
void
loginAction()
This action is used to show the login form. To make this work in your package simply create a template for this action, which could look like this in the simplest case:
string|null
authenticateAction()
Calls the authentication manager to authenticate all active tokens and redirects to the original intercepted request on success if there is one stored in the security context. If no intercepted request is found, the function simply returns.
If authentication fails, the result of calling the defined $errorMethodName is returned.
Note: Usually there is no need to override this action. You should use the according callback methods instead (onAuthenticationSuccess() and onAuthenticationFailure()).
void
logoutAction()
Logs all active tokens out. Override this, if you want to have some custom action here. You can always call the parent method to do the actual logout.
protected void
onAuthenticationFailure(AuthenticationRequiredException $exception = null)
Is called if authentication failed.
Override this method in your login controller to take any custom action for this event. Most likely you would want to redirect to some action showing the login form again.
abstract protected string|null
onAuthenticationSuccess(ActionRequest $originalRequest = null)
Is called if authentication was successful. If there has been an intercepted request due to security restrictions, you might want to use something like the following code to restart the originally intercepted request:
if ($originalRequest !== NULL) { $this->redirectToRequest($originalRequest); } $this->redirect('someDefaultActionAfterLogin');