Class AuthenticationService
Authentication Service
Property Summary
-
$_authenticators protected
Authentication\Authenticator\AuthenticatorCollection|nullAuthenticator collection
-
$_config protected
array<string, mixed>Runtime config
-
$_configInitialized protected
boolWhether the config property has already been configured with defaults
-
$_defaultConfig protected
arrayDefault configuration
-
$_identifiers protected
Authentication\Identifier\IdentifierCollection|nullIdentifier collection
-
$_result protected
Authentication\Authenticator\ResultInterface|nullResult of the last authenticate() call.
-
$_successfulAuthenticator protected
Authentication\Authenticator\AuthenticatorInterface|nullAuthenticator that successfully authenticated the identity.
Method Summary
-
__construct() public
Constructor
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
authenticate() public
Authenticate the request against the configured authentication adapters.
-
authenticators() public
Access the authenticator collection
-
buildIdentity() public
Builds the identity object
-
clearIdentity() public
Clears the identity from authenticators that store them and the request
-
configShallow() public
Merge provided config with existing config. Unlike
config()which does a recursive merge for nested keys, this method does a simple merge. -
getAuthenticationProvider() public
Gets the successful authenticator instance if one was successful after calling authenticate.
-
getConfig() public
Returns the config.
-
getConfigOrFail() public
Returns the config for this specific key.
-
getIdentificationProvider() public
Convenient method to gets the successful identifier instance.
-
getIdentity() public
Gets an identity object
-
getIdentityAttribute() public
Return the name of the identity attribute.
-
getImpersonationProvider() protected
Get impersonation provider
-
getLoginRedirect() public
Return the URL that an authenticated user came from or null.
-
getResult() public
Gets the result of the last authenticate() call.
-
getUnauthenticatedRedirectUrl() public
Return the URL to redirect unauthenticated users to.
-
identifiers() public
Access the identifier collection
-
impersonate() public
Impersonates a user
-
isImpersonating() public
Returns true if impersonation is being done
-
loadAuthenticator() public
Loads an authenticator.
-
loadIdentifier() public
Loads an identifier.
-
persistIdentity() public
Sets identity data and persists it in the authenticators that support it.
-
setConfig() public
Sets the config.
-
stopImpersonating() public
Stops impersonation
Method Detail
__construct() ¶ public
__construct(array $config = [])Constructor
Parameters
-
array$config optional Configuration options.
_configDelete() ¶ protected
_configDelete(string $key): voidDeletes a single config key.
Parameters
-
string$key Key to delete.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixedReads a config key.
Parameters
-
string|null$key Key to read.
Returns
mixed_configWrite() ¶ protected
_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): voidWrites a config key.
Parameters
-
array<string, mixed>|string$key Key to write to.
-
mixed$value Value to write.
-
string|bool$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
voidThrows
Cake\Core\Exception\CakeExceptionif attempting to clobber existing config
authenticate() ¶ public
authenticate(Psr\Http\Message\ServerRequestInterface $request): Authentication\Authenticator\ResultInterfaceAuthenticate the request against the configured authentication adapters.
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request.
Returns
Authentication\Authenticator\ResultInterfaceThrows
RuntimeExceptionThrows a runtime exception when no authenticators are loaded.
authenticators() ¶ public
authenticators(): Authentication\Authenticator\AuthenticatorCollectionAccess the authenticator collection
Returns
Authentication\Authenticator\AuthenticatorCollectionbuildIdentity() ¶ public
buildIdentity(ArrayAccess|array $identityData): Authentication\IdentityInterfaceBuilds the identity object
Parameters
-
ArrayAccess|array$identityData Identity data
Returns
Authentication\IdentityInterfaceclearIdentity() ¶ public
clearIdentity(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response): arrayClears the identity from authenticators that store them and the request
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request.
-
Psr\Http\Message\ResponseInterface$response The response.
Returns
arrayconfigShallow() ¶ public
configShallow(array<string, mixed>|string $key, mixed|null $value = null): $thisMerge provided config with existing config. Unlike config() which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);Setting a nested value:
$this->configShallow('some.nested.key', $value);Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
Returns
$thisgetAuthenticationProvider() ¶ public
getAuthenticationProvider(): Authentication\Authenticator\AuthenticatorInterface|nullGets the successful authenticator instance if one was successful after calling authenticate.
Returns
Authentication\Authenticator\AuthenticatorInterface|nullgetConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixedReturns the config.
Usage
Reading the whole config:
$this->getConfig();Reading a specific value:
$this->getConfig('key');Reading a nested value:
$this->getConfig('some.nested.key');Reading with default value:
$this->getConfig('some-key', 'default-value');Parameters
-
string|null$key optional The key to get or null for the whole config.
-
mixed$default optional The return value when the key does not exist.
Returns
mixedgetConfigOrFail() ¶ public
getConfigOrFail(string $key): mixedReturns the config for this specific key.
The config value for this key must exist, it can never be null.
Parameters
-
string$key The key to get.
Returns
mixedThrows
InvalidArgumentExceptiongetIdentificationProvider() ¶ public
getIdentificationProvider(): Authentication\Identifier\IdentifierInterface|nullConvenient method to gets the successful identifier instance.
Returns
Authentication\Identifier\IdentifierInterface|nullgetIdentity() ¶ public
getIdentity(): Authentication\IdentityInterface|nullGets an identity object
Returns
Authentication\IdentityInterface|nullgetIdentityAttribute() ¶ public
getIdentityAttribute(): stringReturn the name of the identity attribute.
Returns
stringgetImpersonationProvider() ¶ protected
getImpersonationProvider(): Authentication\Authenticator\ImpersonationInterfaceGet impersonation provider
Returns
Authentication\Authenticator\ImpersonationInterfaceThrows
InvalidArgumentExceptiongetLoginRedirect() ¶ public
getLoginRedirect(Psr\Http\Message\ServerRequestInterface $request): string|nullReturn the URL that an authenticated user came from or null.
This reads from the URL parameter defined in the queryParam option.
Will return null if this parameter doesn't exist or is invalid.
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request
Returns
string|nullgetResult() ¶ public
getResult(): Authentication\Authenticator\ResultInterface|nullGets the result of the last authenticate() call.
Returns
Authentication\Authenticator\ResultInterface|nullgetUnauthenticatedRedirectUrl() ¶ public
getUnauthenticatedRedirectUrl(Psr\Http\Message\ServerRequestInterface $request): string|nullReturn the URL to redirect unauthenticated users to.
If the unauthenticatedRedirect option is not set,
this method will return null.
If the queryParam option is set a query parameter
will be appended with the denied URL path.
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request
Returns
string|nullidentifiers() ¶ public
identifiers(): Authentication\Identifier\IdentifierCollectionAccess the identifier collection
Returns
Authentication\Identifier\IdentifierCollectionimpersonate() ¶ public
impersonate(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response, ArrayAccess $impersonator, ArrayAccess $impersonated): arrayImpersonates a user
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request
-
Psr\Http\Message\ResponseInterface$response The response
-
ArrayAccess$impersonator User who impersonates
-
ArrayAccess$impersonated User impersonated
Returns
arrayisImpersonating() ¶ public
isImpersonating(Psr\Http\Message\ServerRequestInterface $request): boolReturns true if impersonation is being done
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request
Returns
boolloadAuthenticator() ¶ public
loadAuthenticator(string $name, array $config = []): Authentication\Authenticator\AuthenticatorInterfaceLoads an authenticator.
Parameters
-
string$name Name or class name.
-
array$config optional Authenticator configuration.
Returns
Authentication\Authenticator\AuthenticatorInterfaceloadIdentifier() ¶ public
loadIdentifier(string $name, array $config = []): Authentication\Identifier\IdentifierInterfaceLoads an identifier.
Parameters
-
string$name Name or class name.
-
array$config optional Identifier configuration.
Returns
Authentication\Identifier\IdentifierInterfacepersistIdentity() ¶ public
persistIdentity(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response, ArrayAccess|array $identity): arraySets identity data and persists it in the authenticators that support it.
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request.
-
Psr\Http\Message\ResponseInterface$response The response.
-
ArrayAccess|array$identity Identity data.
Returns
arraysetConfig() ¶ public
setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $thisSets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);Setting a nested value:
$this->setConfig('some.nested.key', $value);Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);Parameters
-
array<string, mixed>|string$key The key to set, or a complete array of configs.
-
mixed|null$value optional The value to set.
-
bool$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$thisThrows
Cake\Core\Exception\CakeExceptionWhen trying to set a key that is invalid.
stopImpersonating() ¶ public
stopImpersonating(Psr\Http\Message\ServerRequestInterface $request, Psr\Http\Message\ResponseInterface $response): arrayStops impersonation
Parameters
-
Psr\Http\Message\ServerRequestInterface$request The request
-
Psr\Http\Message\ResponseInterface$response The response
Returns
arrayProperty Detail
$_authenticators ¶ protected
Authenticator collection
Type
Authentication\Authenticator\AuthenticatorCollection|null$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool$_defaultConfig ¶ protected
Default configuration
authenticators- An array of authentication objects to use for authenticating users. You can configure multiple adapters and they will be checked sequentially when users are identified.identifiers- An array of identifiers. The identifiers are constructed by the service and then passed to the authenticators that will pass the credentials to them and get the user data.identityClass- The class name of identity or a callable identity builder.identityAttribute- The request attribute used to store the identity. Default toidentity.unauthenticatedRedirect- The URL to redirect unauthenticated errors to. See AuthenticationComponent::allowUnauthenticated()queryParam- The name of the query string parameter containing the previously blocked URL in case of unauthenticated redirect, or null to disable appending the denied URL.
Example:
$service = new AuthenticationService([
'authenticators' => [
'Authentication.Form
],
'identifiers' => [
'Authentication.Password'
]
]);Type
array$_identifiers ¶ protected
Identifier collection
Type
Authentication\Identifier\IdentifierCollection|null$_result ¶ protected
Result of the last authenticate() call.
Type
Authentication\Authenticator\ResultInterface|null$_successfulAuthenticator ¶ protected
Authenticator that successfully authenticated the identity.
Type
Authentication\Authenticator\AuthenticatorInterface|null