Authentication Validator #3420

Merged
merged 3 commits into from Jan 14, 2013

Projects

None yet

3 participants

@mwillbanks
Contributor

Overview

The Authentication Validator implements a common validator that can be leveraged on forms and the like to be able to ease authentication. It utilizes the AuthenticationService internally providing much of the functionality.

Usage

While the example below is explicit; you may specify the identity and credential as fields to be leveraged in the context. This allows for things like an InputFilter inside of a form to set the proper fields.

Explicit

use Zend\Authentication\Validator\Authentication as AuthenticationValidator;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\Ldap;

$validator = new AuthenticationValidator(
    'adapter' => new Ldap(),
    'service' => new AuthenticationService()
);
$validator->setIdentity('myidentity');
$validator->isValid('mycredential');

Changes

All Authentication Adapters must now extend AbstractAdapter which implements a (set|get)Identity and (set|get)Credential. The adapters do not always have to leverage them such as the case with the Http adapter (which you would not leverage in this context). However, when using the validator the validator requires these columns to be utilized.

@Ocramius Ocramius commented on the diff Jan 12, 2013
library/Zend/Authentication/Validator/Authentication.php
+ self::IDENTITY_NOT_FOUND => 'Invalid identity',
+ self::IDENTITY_AMBIGUOUS => 'Identity is ambiguous',
+ self::CREDENTIAL_INVALID => 'Invalid password',
+ self::UNCATEGORIZED => 'Authentication failed',
+ self::GENERAL => 'Authentication failed',
+ );
+
+ /**
+ * Authentication Adapter
+ * @var Zend\Authentication\Adapter\Adapter
+ */
+ protected $adapter;
+
+ /**
+ * Identity (or field)
+ * @var string
@Ocramius
Ocramius Jan 12, 2013 Member

As we discussed on IRC, you may want to describe why you localized the context.

@mwillbanks
mwillbanks Jan 13, 2013 Contributor

Actually the localization here is to follow the existing validator patterns. Since validators have error messages that are validates (based on the adapter errors) this is where the error messages come into play. This is why the localization is available.

@weierophinney
Member

@mwillbanks I suggest you add a new interface for ValidatableAdapter or similar that defines the accessors and mutators for identity and credential, and have AbstractAdapter implement those, and the validator test for that interface. That will allow adapters to retain BC, both in those shipped and those that end-users write for themselves. The validator can ignore any adapter that does not implement the interface, and/or raise an exception.

@mwillbanks
Contributor

sounds like a great idea; that way i can then remove the Http from the AbstractAdapter since it is not leveraged. Should have an update back to you shortly.

@mwillbanks mwillbanks Updated AbstractAdapter based on feedback to provide a validatable ad…
…apter interface, changed contract in the Authentication validator to ensure that the adapter must be a ValidatableAdapterInterface
34858eb
@mwillbanks
Contributor

@weierophinney I've updated based on feedback. In terms of the validator i simply changed the contract to require the adapter to be of type ValidatableAdapterInterface.

@weierophinney weierophinney merged commit 34858eb into zendframework:develop Jan 14, 2013
@weierophinney weierophinney added a commit to zendframework/zend-authentication that referenced this pull request May 14, 2015
@weierophinney weierophinney Merge branch 'feature/3420' into develop eef23f4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment