tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add AuthenticationHook 

Created AuthenticationHook class with two main methods: onLogin and
onLogout that are called after login and before logout.
This commit is contained in:
Davide Bizzarri 2018-03-28 14:42:48 +02:00
parent c0e8b33b33
commit 8b5fe61996
3 changed files with 85 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
application/controllers/AuthenticationController.php
View File

@ -3,6 +3,7 @@
namespace Icinga\Controllers;
use Icinga\Application\Hook\AuthenticationHook;
use Icinga\Application\Icinga;
use Icinga\Forms\Authentication\LoginForm;
use Icinga\Web\Controller;
@ -35,6 +36,9 @@ class AuthenticationController extends Controller
}
$form = new LoginForm();
if ($this->Auth()->isAuthenticated()) {
// Call provided AuthenticationHook(s) when login action is called
// but icinga web user is already authenticated
AuthenticationHook::triggerLogin($this->Auth()->getUser());
$this->redirectNow($form->getRedirectUrl());
}
if (! $requiresSetup) {
@ -66,6 +70,8 @@ class AuthenticationController extends Controller
// Get info whether the user is externally authenticated before removing authorization which destroys the
// session and the user object
$isExternalUser = $auth->getUser()->isExternalUser();
// Call provided AuthenticationHook(s) when logout action is called
AuthenticationHook::triggerLogout($auth->getUser());
$auth->removeAuthorization();
if ($isExternalUser) {
$this->getResponse()->setHttpResponseCode(401);

3
application/forms/Authentication/LoginForm.php
View File

@ -4,6 +4,7 @@
namespace Icinga\Forms\Authentication;
use Icinga\Application\Config;
use Icinga\Application\Hook\AuthenticationHook;
use Icinga\Authentication\Auth;
use Icinga\Authentication\User\ExternalBackend;
use Icinga\User;
@ -95,6 +96,8 @@ class LoginForm extends Form
$authenticated = $authChain->authenticate($user, $password);
if ($authenticated) {
$auth->setAuthenticated($user);
// Call provided AuthenticationHook(s) after successful login
AuthenticationHook::triggerLogin($user);
$this->getResponse()->setRerenderLayout(true);
return true;
}

76
library/Icinga/Application/Hook/AuthenticationHook.php Normal file
View File

@ -0,0 +1,76 @@
<?php
namespace Icinga\Application\Hook;
use Icinga\User;
use Icinga\Web\Hook;
use Icinga\Application\Logger;
/**
* Icinga Web Authentication Hook base class
*
* This hook can be used to authenticate the user in a third party application.
* Extend this class if you want to perform arbitrary actions during the login and logout.
*/
abstract class AuthenticationHook
{
/**
* Name of the hook
*/
const NAME = 'authentication';
/**
* Triggered after login in Icinga Web and when calling login action even if already authenticated in Icinga Web
*
* @param User $user
*/
public function onLogin(User $user)
{
}
/**
* Triggered before logout from Icinga Web
*
* @param User $user
*/
public function onLogout(User $user)
{
}
/**
* Call the onLogin() method of all registered AuthHook(s)
*
* @param User $user
*/
public static function triggerLogin(User $user)
{
/** @var AuthenticationHook $hook */
foreach (Hook::all(self::NAME) as $hook) {
try {
$hook->onLogin($user);
} catch (\Exception $e) {
// Avoid error propagation if login failed in third party application
Logger::error($e);
}
}
}
/**
* Call the onLogout() method of all registered AuthHook(s)
*
* @param User $user
*/
public static function triggerLogout(User $user)
{
/** @var AuthenticationHook $hook */
foreach (Hook::all(self::NAME) as $hook) {
try {
$hook->onLogout($user);
} catch (\Exception $e) {
// Avoid error propagation if login failed in third party application
Logger::error($e);
}
}
}
}