src/Security/GoogleAuthenticator.php line 23

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\Club;
  6. use App\Entity\ClubManager;
  7. use App\Entity\User;
  8. use Doctrine\ORM\EntityManagerInterface;
  9. use KnpU\OAuth2ClientBundle\Client\ClientRegistry;
  10. use KnpU\OAuth2ClientBundle\Security\Authenticator\OAuth2Authenticator;
  11. use League\OAuth2\Client\Provider\GoogleUser;
  12. use Symfony\Component\HttpFoundation\RedirectResponse;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\Routing\RouterInterface;
  16. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  17. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  18. use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
  19. use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
  20. use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
  21. use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
  23. class GoogleAuthenticator extends OAuth2Authenticator implements AuthenticationEntrypointInterface
  24. {
  25.     private $clientRegistry;
  26.     private $entityManager;
  27.     private $router;
  29.     public function __construct(ClientRegistry $clientRegistryEntityManagerInterface $entityManagerRouterInterface $router)
  30.     {
  31.         $this->clientRegistry $clientRegistry;
  32.         $this->entityManager $entityManager;
  33.         $this->router $router;
  34.     }
  36.     public function supports(Request $request): ?bool
  37.     {
  38.         // continue ONLY if the current ROUTE matches the check ROUTE
  39.         return $request->attributes->get('_route') === 'connect_google_check';
  40.     }
  42.     public function authenticate(Request $request): Passport
  43.     {
  44.         $client $this->clientRegistry->getClient('google');
  45.         $accessToken $this->fetchAccessToken($client);
  47.         return new SelfValidatingPassport(
  48.             new UserBadge($accessToken->getToken(), function() use ($accessToken$client) {
  50.                 /** @var GoogleUser $googleUser */
  51.                 $googleUser $client->fetchUserFromToken($accessToken);
  52.                 $email $googleUser->getEmail();
  53.                 $existingUser $this->entityManager->getRepository(User::class)->findOneBy(['googleId' => $googleUser->getId()]);
  55.                 if ($existingUser) {
  56.                     return $existingUser;
  57.                 }
  59.                 $user $this->entityManager->getRepository(User::class)->findOneBy(['email' => $email]);
  61.                 if ($user){
  62.                     $user->setGoogleId($googleUser->getId());
  63.                     $this->entityManager->persist($user);
  64.                     $this->entityManager->flush();
  65.                 }
  67.                 return $user;
  68.             })
  69.         );
  70.     }
  72.     public function onAuthenticationSuccess(Request $requestTokenInterface $tokenstring $firewallName): ?Response
  73.     {
  74.         $targetUrl $this->router->generate('home');
  75.         return new RedirectResponse($targetUrl);
  76.     }
  78.     public function onAuthenticationFailure(Request $requestAuthenticationException $exception): ?Response
  79.     {
  80.         $targetUrl $this->router->generate('home');
  81.         return new RedirectResponse($targetUrl);
  82.     }
  84.     /**
  85.      * Called when authentication is needed, but it's not sent.
  86.      * This redirects to the 'login'.
  87.      */
  88.     public function start(Request $requestAuthenticationException $authException null): Response
  89.     {
  90.         return new RedirectResponse(
  91.             '/login',
  92.             Response::HTTP_TEMPORARY_REDIRECT
  93.         );
  94.     }
  95. }