src/Controller/SecurityController.php line 126

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the Symfony package.
  5. *
  6. * (c) Fabien Potencier <fabien@symfony.com>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace App\Controller;
  14. use App\Entity\LoginLog;
  15. use App\Repository\UserRepository;
  16. use App\Services\OktaApiService;
  17. use Doctrine\ORM\EntityManagerInterface;
  18. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  19. use Symfony\Component\HttpFoundation\Request;
  20. use Symfony\Component\HttpFoundation\Response;
  21. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  22. use Symfony\Component\Routing\Annotation\Route;
  23. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  24. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  26. /**
  27. * Controller used to manage the application security.
  28. * See https://symfony.com/doc/current/cookbook/security/form_login_setup.html.
  29. *
  30. * @author Ryan Weaver <weaverryan@gmail.com>
  31. * @author Javier Eguiluz <javier.eguiluz@gmail.com>
  32. */
  33. class SecurityController extends AbstractController
  34. {
  36. private SessionInterface $session;
  37. private OktaApiService $okta;
  38. private UserRepository $userRepository;
  39. private EntityManagerInterface $em;
  40. private TokenStorageInterface $tokenStorage;
  42. public function __construct(
  43. SessionInterface $session,
  44. OktaApiService $okta,
  45. UserRepository $UserRepository,
  46. EntityManagerInterface $em,
  47. TokenStorageInterface $tokenStorage
  48. ) {
  49. $this->session = $session;
  50. $this->okta = $okta;
  51. $this->userRepository = $UserRepository;
  52. $this->em = $em;
  53. $this->tokenStorage = $tokenStorage;
  54. }
  56. /**
  57. * @Route("/errorlogin", name="security_errorlogin")
  58. */
  59. public function errorlogin(AuthenticationUtils $helper): Response
  60. {
  61. return $this->render('security/login.html.twig', [
  62. // last username entered by the user (if any)
  63. 'last_username' => '',
  64. 'logoutMessage' => '',
  65. // last authentication error (if any)
  66. 'error' => $helper->getLastAuthenticationError(),
  67. 'errorMessage' => 'You do not have access to this application. Please request access to Baker Hughes team',
  68. 'legacy' => 'N', 'myidurl' => $this->okta->buildAuthorizeUrl(),
  70. ]);
  71. }
  73. private function LoginLog($user, $username, $action, $attuale, $request) {
  74. $ip = $request->getClientIp();
  75. $loginLog = new LoginLog();
  76. // $location = []; //unserialize(file_get_contents('http://www.geoplugin.net/php.gp?ip=' . $ip)); //$_SERVER['REMOTE_ADDR']);
  77. $_tmp = file_get_contents('https://ipinfo.io/' . $ip . '/json');
  78. if ((bool) $_tmp) {
  79. $location = json_decode($_tmp, true);
  80. if (json_last_error() !== JSON_ERROR_NONE || !is_array($location)) {
  81. $location = [];
  82. }
  83. } else {
  84. $location = [];
  85. }
  87. $loginLog->setUser($user);
  88. $loginLog->setUsername($username);
  89. $loginLog->setDataLogin(new \DateTime());
  90. $loginLog->setAttuale($attuale);
  91. $loginLog->setAAction($action);
  92. $loginLog->setAIp($ip);
  93. $loginLog->setAAgent($request->headers->get('User-Agent'));
  94. $loginLog->setGeoLoc($location);
  95. $this->em->persist($loginLog);
  96. $this->em->flush();
  97. }
  99. /**
  100. * @Route("/logoutpage", name="security_logoutpage")
  101. */
  102. public function logoutpage(Request $request, AuthenticationUtils $helper): Response
  103. {
  104. $user = $this->getUser();
  105. if ($user != null) {
  106. $this->LoginLog($user, $user->getUsername(), 9003, 0, $request);
  107. }
  108. $this->session->set('userislocked', 0);
  109. $this->tokenStorage->setToken(null);
  110. $this->session->set('_security_main', null);
  111. return $this->render('security/login.html.twig', [
  112. // last username entered by the user (if any)
  113. 'last_username' => '',
  114. // last authentication error (if any)
  115. 'error' => $helper->getLastAuthenticationError(),
  116. 'logoutMessage' => 'Logout successful',
  117. 'errorMessage' => '',
  118. 'legacy' => 'N', 'myidurl' => $this->okta->buildAuthorizeUrl(),
  120. ]);
  121. }
  123. /**
  124. * @Route("/login", name="security_login")
  125. */
  126. public function login(AuthenticationUtils $helper): Response
  127. {
  129. if ($this->getParameter('app.legacy_login') === 'Y') {
  130. return $this->render('security/login.html.twig', [
  131. // last username entered by the user (if any)
  132. 'last_username' => $helper->getLastUsername(),
  133. // last authentication error (if any)
  134. 'logoutMessage' => '',
  135. 'error' => $helper->getLastAuthenticationError(),
  136. 'errorMessage' => '',
  137. 'legacy' => 'Y', 'myidurl' => ''
  138. ]);
  139. }
  140. else {
  141. return $this->redirect($this->okta->buildAuthorizeUrl());
  142. }
  146. /* $token = $this->okta->authorizeUser();
  148. if (!$token) {
  149. // return $this->redirectToRoute('home');
  150. return $this->render('security/login.html.twig', [
  151. // last username entered by the user (if any)
  152. 'last_username' => $helper->getLastUsername(),
  153. // last authentication error (if any)
  154. 'error' => $helper->getLastAuthenticationError(),
  155. 'legacy' => 'N',
  156. 'myidurl' => $this->getParameter('app.okta_app_url')
  157. ]);
  158. }
  160. $email = $token->email;
  161. $username = $token->username;
  162. $user = $this->userRepository->loadUserByUsername($username);
  164. if (! $user) {
  166. return $this->render('security/login.html.twig', [
  167. // last username entered by the user (if any)
  168. 'last_username' => $helper->getLastUsername(),
  169. // last authentication error (if any)
  170. 'error' => 'Unable to login',
  171. 'legacy' => 'N', 'myidurl' => $this->getParameter('app.okta_app_url')]);
  172. }
  174. // Manually authenticate the user
  175. $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
  176. $this->get('security.token_storage')->setToken($token);
  177. $this->get('session')->set('_security_main', serialize($token));
  179. return $this->redirectToRoute('welcome_page');
  180. */
  181. /*
  182. return $this->render('security/login.html.twig', [
  183. // last username entered by the user (if any)
  184. 'last_username' => $helper->getLastUsername(),
  185. // last authentication error (if any)
  186. 'error' => $helper->getLastAuthenticationError(),
  187. ]);
  189. * */
  190. }
  193. /**
  194. * This is the route the user can use to logout.
  195. *
  196. * But, this will never be executed. Symfony will intercept this first
  197. * and handle the logout automatically. See logout in app/config/security.yml
  198. *
  199. * @Route("/logout", name="security_logout")
  200. */
  201. public function logout(): void
  202. {
  203. throw new \Exception('This should never be reached!');
  204. }
  205. }