PHP Class AppserverIo\Appserver\ServletEngine\Security\Auth\Spi\UsernamePasswordLoginModule

Inheritance: extends AbstractLoginModule
Project: appserver-io/appserver

Public Methods

Method Description
initialize ( AppserverIo\Psr\Security\Auth\Subject $subject, AppserverIo\Psr\Security\Auth\Callback\CallbackHandlerInterface $callbackHandler, AppserverIo\Collections\MapInterface $sharedState, AppserverIo\Collections\MapInterface $params ) : void Initialize the login module. This stores the subject, callbackHandler and sharedState and options for the login session. Subclasses should override if they need to process their own options. A call to parent::initialize() must be made in the case of an override.
login ( ) : boolean Perform the authentication of username and password.

Protected Methods

Method Description
createPasswordHash ( string $name, string $password ) : AppserverIo\Lang\String If hashing is enabled, this method is called from login() prior to password validation.
getCredentials ( ) : AppserverIo\Lang\String Returns the proof of login identity.
getIdentity ( ) : AppserverIo\Psr\Security\PrincipalInterface Returns the authenticated user identity.
getUsername ( ) : AppserverIo\Lang\String Returns the principal's username.
getUsersPassword ( ) : AppserverIo\Lang\String Returns the password for the user from the sharedMap data.
validatePassword ( string $inputPassword, string $expectedPassword ) : boolean A hook that allows subclasses to change the validation of the input password against the expected password. This version checks that neither inputPassword nor expectedPassword is null and that inputPassword.equals(expectedPassword) is true.

Method Details

createPasswordHash() protected method

Subclasses may override it to provide customized password hashing, for example by adding user-specific information or salting. The default version calculates the hash based on the following options:
- hashAlgorithm: The digest algorithm to use.
- hashEncoding: The format used to store the hashes (base64 or hex).
- hashCharset: The encoding used to convert the password to bytes for hashing.
- digestCallback: The class name of the digest callback implementation that includes pre/post digest content like salts.
It will return null if the hash fails for any reason, which will in turn cause validatePassword() to fail.
protected createPasswordHash ( string $name, string $password ) : AppserverIo\Lang\String
$name string Ignored in default version
$password string The password string to be hashed
return AppserverIo\Lang\String The hashed password

getCredentials() protected method

Returns the proof of login identity.
protected getCredentials ( ) : AppserverIo\Lang\String
return AppserverIo\Lang\String The proof of login identity

getIdentity() protected method

Returns the authenticated user identity.
protected getIdentity ( ) : AppserverIo\Psr\Security\PrincipalInterface
return AppserverIo\Psr\Security\PrincipalInterface The user identity

getUsername() protected method

Returns the principal's username.
protected getUsername ( ) : AppserverIo\Lang\String
return AppserverIo\Lang\String The username

getUsersPassword() abstract protected method

Returns the password for the user from the sharedMap data.
abstract protected getUsersPassword ( ) : AppserverIo\Lang\String
return AppserverIo\Lang\String The user's password

initialize() public method

The following parameters can by default be passed from the configuration:
- lookupName: The datasource name used to lookup in the naming directory
- rolesQuery: The database query used to load the user's roles
- principalsQuery: The database query used to load the user
public initialize ( AppserverIo\Psr\Security\Auth\Subject $subject, AppserverIo\Psr\Security\Auth\Callback\CallbackHandlerInterface $callbackHandler, AppserverIo\Collections\MapInterface $sharedState, AppserverIo\Collections\MapInterface $params ) : void
$subject AppserverIo\Psr\Security\Auth\Subject The Subject to update after a successful login
$callbackHandler AppserverIo\Psr\Security\Auth\Callback\CallbackHandlerInterface The callback handler that will be used to obtain the user identity and credentials
$sharedState AppserverIo\Collections\MapInterface A map shared between all configured login module instances
$params AppserverIo\Collections\MapInterface The parameters passed to the login module
return void

login() public method

Perform the authentication of username and password.
public login ( ) : boolean
return boolean TRUE when login has been successful, else FALSE

validatePassword() protected method

A hook that allows subclasses to change the validation of the input password against the expected password. This version checks that neither inputPassword nor expectedPassword is null and that inputPassword.equals(expectedPassword) is true.
protected validatePassword ( string $inputPassword, string $expectedPassword ) : boolean
$inputPassword string The specified password
$expectedPassword string The expected password
return boolean TRUE if the inputPassword is valid, FALSE otherwise
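
The option-driven hashing described for createPasswordHash() and the null handling described for validatePassword(), written as an added example and not appserver's own code. The function names, the $options array and the sample values are hypothetical; the digest name is one that PHP's hash() accepts, hash_equals() is swapped in for a plain equality check so the comparison runs in constant time, and digestCallback is not modelled.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for createPasswordHash(): digests the password using
// the hashAlgorithm, hashEncoding and hashCharset options. Any failure yields
// null, so the later validation step rejects the login.
function createPasswordHashExample(string $password, array $options): ?string
{
    $algorithm = strtolower($options['hashAlgorithm'] ?? '');
    $encoding  = strtolower($options['hashEncoding'] ?? 'hex');
    $charset   = $options['hashCharset'] ?? 'UTF-8';

    // Unknown digest name: fail rather than fall back to another algorithm.
    if (!in_array($algorithm, hash_algos(), true)) {
        return null;
    }
    // Convert the password to the configured charset before hashing.
    try {
        $bytes = @mb_convert_encoding($password, $charset, 'UTF-8');
    } catch (\Throwable $e) {
        return null;
    }
    if (!is_string($bytes)) {
        return null;
    }
    $raw = hash($algorithm, $bytes, true);
    if ($encoding === 'hex') {
        return bin2hex($raw);
    }
    return $encoding === 'base64' ? base64_encode($raw) : null;
}

// Hypothetical stand-in for validatePassword(): null on either side fails,
// and hash_equals() compares in constant time instead of using ==.
function validatePasswordExample(?string $input, ?string $expected): bool
{
    if ($input === null || $expected === null) {
        return false;
    }
    return hash_equals($expected, $input);
}

// Constructed sample configuration and password, not taken from appserver.
$options = ['hashAlgorithm' => 'sha256', 'hashEncoding' => 'base64', 'hashCharset' => 'UTF-8'];
$stored  = createPasswordHashExample('correct horse', $options);
var_dump(validatePasswordExample(createPasswordHashExample('correct horse', $options), $stored));
var_dump(validatePasswordExample(createPasswordHashExample('wrong', $options), $stored));
// Misconfigured algorithm name: the hash step returns null.
var_dump(validatePasswordExample(createPasswordHashExample('correct horse', ['hashAlgorithm' => 'nope']), $stored));
```

The digest here is unsalted; per the createPasswordHash() description, salting belongs in a subclass override or a digestCallback implementation.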