<?php
// Largely inspired by Firefly III remote user implementation (https://github.com/firefly-iii)
// see https://github.com/firefly-iii/firefly-iii/blob/main/app/Support/Authentication/RemoteUserProvider.php
namespace App\Extensions;
use App\Models\User;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Support\Arr;
use Exception;
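/**
 * User provider backing authentication that is delegated to an auth proxy.
 *
 * The provider verifies nothing on its own: retrieveById() builds a user from
 * whatever identifier it is handed, and every token/credential method throws.
 * The trust decision therefore rests entirely on the caller and on the proxy.
 *
 * NOTE(review): the identifier presumably originates from values the auth proxy
 * attaches to the request; confirm that the calling guard only accepts them on
 * requests that really went through the proxy, and that the application cannot
 * be reached directly, bypassing it.
 */
class RemoteUserProvider implements UserProvider
{
    /**
     * @inheritDoc
     *
     * Builds a non-persisted User from the data supplied by the auth proxy.
     *
     * @param  array  $identifier  Must contain a 'user' entry; an 'email' entry is optional.
     * @return User   An in-memory user that is never saved by this method.
     */
    public function retrieveById($identifier)
    {
        // 2FAuth is single user by design and domain data are not coupled to the user model.
        // So we provide a non-persisted user, dynamically instantiated using data
        // from the auth proxy.
        // This way no matter the user account used at proxy level, 2FAuth will always
        // authenticate a request from the proxy and will return domain data without restriction.
        //
        // The downside of this approach is that we have to be sure that no change that needs
        // to be persisted will be made to the user instance afterward (i.e. through middlewares).

        $user = new User;
        $user->name = $identifier['user'];

        // Store the address itself when the proxy supplied one. A bare `?:` applied to
        // Arr::has() would evaluate to boolean true instead of the address.
        $user->email = Arr::has($identifier, 'email')
            ? $identifier['email']
            : 'user@auth.proxy';

        return $user;
    }

    /**
     * @inheritDoc
     *
     * Not supported by this provider: always throws.
     *
     * @throws Exception
     *
     * @codeCoverageIgnore
     */
    public function retrieveByToken($identifier, $token)
    {
        throw new Exception(sprintf('No implementation for %s', __METHOD__));
    }

    /**
     * @inheritDoc
     *
     * Not supported by this provider: always throws.
     *
     * @throws Exception
     *
     * @codeCoverageIgnore
     */
    public function updateRememberToken(Authenticatable $user, $token)
    {
        throw new Exception(sprintf('No implementation for %s', __METHOD__));
    }

    /**
     * @inheritDoc
     *
     * Not supported by this provider: always throws.
     *
     * @throws Exception
     *
     * @codeCoverageIgnore
     */
    public function retrieveByCredentials(array $credentials)
    {
        throw new Exception(sprintf('No implementation for %s', __METHOD__));
    }

    /**
     * @inheritDoc
     *
     * Not supported by this provider: always throws, so it can never report
     * a set of credentials as valid.
     *
     * @throws Exception
     *
     * @codeCoverageIgnore
     */
    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        throw new Exception(sprintf('No implementation for %s', __METHOD__));
    }
}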