vendor/scheb/2fa-bundle/Security/Http/Firewall/ExceptionListener.php line 58

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Scheb\TwoFactorBundle\Security\Http\Firewall;
  7. use Scheb\TwoFactorBundle\Security\Authentication\Token\TwoFactorTokenInterface;
  8. use Scheb\TwoFactorBundle\Security\Http\Authentication\AuthenticationRequiredHandlerInterface;
  9. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvent;
  10. use Scheb\TwoFactorBundle\Security\TwoFactor\Event\TwoFactorAuthenticationEvents;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  13. use Symfony\Component\HttpKernel\KernelEvents;
  14. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  15. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  16. use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
  18. /**
  19.  * @final
  20.  */
  21. class ExceptionListener implements EventSubscriberInterface
  22. {
  23.     // Just before the firewall's Symfony\Component\Security\Http\Firewall\ExceptionListener
  24.     private const LISTENER_PRIORITY 2;
  26.     /**
  27.      * @var string
  28.      */
  29.     private $firewallName;
  31.     /**
  32.      * @var TokenStorageInterface
  33.      */
  34.     private $tokenStorage;
  36.     /**
  37.      * @var AuthenticationRequiredHandlerInterface
  38.      */
  39.     private $authenticationRequiredHandler;
  41.     /**
  42.      * @var EventDispatcherInterface
  43.      */
  44.     private $eventDispatcher;
  46.     public function __construct(
  47.         string $firewallName,
  48.         TokenStorageInterface $tokenStorage,
  49.         AuthenticationRequiredHandlerInterface $authenticationRequiredHandler,
  50.         EventDispatcherInterface $eventDispatcher
  51.     ) {
  52.         $this->firewallName $firewallName;
  53.         $this->tokenStorage $tokenStorage;
  54.         $this->authenticationRequiredHandler $authenticationRequiredHandler;
  55.         $this->eventDispatcher $eventDispatcher;
  56.     }
  58.     public function onKernelException(ExceptionEvent $event): void
  59.     {
  60.         $exception $event->getThrowable();
  61.         do {
  62.             if ($exception instanceof AccessDeniedException) {
  63.                 $this->handleAccessDeniedException($event);
  65.                 return;
  66.             }
  67.         } while (null !== $exception $exception->getPrevious());
  68.     }
  70.     private function handleAccessDeniedException(ExceptionEvent $exceptionEvent): void
  71.     {
  72.         $token $this->tokenStorage->getToken();
  73.         if (!($token instanceof TwoFactorTokenInterface && $token->getProviderKey(true) === $this->firewallName)) {
  74.             return;
  75.         }
  77.         /** @var TwoFactorTokenInterface $token */
  78.         $request $exceptionEvent->getRequest();
  80.         $event = new TwoFactorAuthenticationEvent($request$token);
  81.         $this->eventDispatcher->dispatch($eventTwoFactorAuthenticationEvents::REQUIRE);
  83.         $response $this->authenticationRequiredHandler->onAuthenticationRequired($request$token);
  84.         $exceptionEvent->allowCustomResponseCode();
  85.         $exceptionEvent->setResponse($response);
  86.     }
  88.     public static function getSubscribedEvents(): array
  89.     {
  90.         return [
  91.             KernelEvents::EXCEPTION => ['onKernelException'self::LISTENER_PRIORITY],
  92.         ];
  93.     }
  94. }