Separate Authenticate function and subAuthentication depending of use…

…r type
BorisMorel · Dec 17, 2013 · 7153b68 · 7153b68
1 parent f55a991
commit 7153b68
Showing 1 changed file with 42 additions and 29 deletions.
diff --git a/Provider/LdapAuthenticationProvider.php b/Provider/LdapAuthenticationProvider.php
@@ -79,55 +79,68 @@ public function authenticate(TokenInterface $token)
         }
 
         if ($user instanceof LdapUserInterface) {
-            if (null !== $this->dispatcher) {
-                $userEvent = new LdapUserEvent($user);
-                try {
-                    $this->dispatcher->dispatch(LdapEvents::PRE_BIND, $userEvent);
-                } catch (AuthenticationException $expt) {
-                    if ($this->hideUserNotFoundExceptions) {
-                        throw new BadCredentialsException('Bad credentials', 0, $expt);
-                    }
+            return $this->ldapAuthenticate($user);
+        }
 
-                    throw $expt;
+        if ($user instanceof UserInterface) {
+            return $this->daoAuthenticationProvider->authenticate($token);
+        }
+    }
+
+    /**
+     * Authentication logic to allow Ldap user
+     *
+     * @param \IMAG\LdapBundle\User\LdapUserInterface  $user
+     *
+     * @return \IMAG\LdapBundle\Authentication\Token\LdapToken $ldapToken
+     */
+    private function ldapAuthenticate(LdapUserInterface $user)
+    {
+        if (null !== $this->dispatcher) {
+            $userEvent = new LdapUserEvent($user);
+            try {
+                $this->dispatcher->dispatch(LdapEvents::PRE_BIND, $userEvent);
+            } catch (AuthenticationException $expt) {
+                if ($this->hideUserNotFoundExceptions) {
+                    throw new BadCredentialsException('Bad credentials', 0, $expt);
                 }
+
+                throw $expt;
             }
+        }
 
-            if ($this->bind($user, $token)) {
-                if (false === $user->getDn()) {
-                    $user = $this->reloadUser($user);
-                }
+        if ($this->bind($user, $token)) {
+            if (false === $user->getDn()) {
+                $user = $this->reloadUser($user);
+            }
 
-                $ldapToken = new LdapToken($user, $this->providerKey, $user->getRoles());
-                $ldapToken->setAuthenticated(true);
-                $ldapToken->setAttributes($token->getAttributes());
+            $ldapToken = new LdapToken($user, $this->providerKey, $user->getRoles());
+            $ldapToken->setAuthenticated(true);
+            $ldapToken->setAttributes($token->getAttributes());
 
+            if (null !== $this->dispatcher) {
                 $ldapTokenEvent = new LdapTokenEvent($ldapToken);
-
                 try {
                     $this->dispatcher->dispatch(LdapEvents::POST_BIND, $ldapTokenEvent);
                 } catch (AuthenticationException $authenticationException) {
                     if ($this->hideUserNotFoundExceptions) {
                         throw new BadCredentialsException('Bad credentials', 0, $authenticationException);
                     }
-
+                    
                     throw $authenticationException;
                 }
-
-                return $ldapToken;
             }
 
-            if ($this->hideUserNotFoundExceptions) {
-                throw new BadCredentialsException('Bad credentials');
-            } else {
-                throw new AuthenticationException('The LDAP authentication failed.');
-            }
+            return $ldapToken;
         }
-
-        if ($user instanceof UserInterface) {
-            return $this->daoAuthenticationProvider->authenticate($token);
+
+        if ($this->hideUserNotFoundExceptions) {
+            throw new BadCredentialsException('Bad credentials');
+        } else {
+            throw new AuthenticationException('The LDAP authentication failed.');
         }
     }
-
+        
     /**
      * Authenticate the user with LDAP bind.
      *