CakePHP
  • Documentation
    • Book
    • API
    • Videos
    • Reporting Security Issues
    • Privacy Policy
    • Logos & Trademarks
  • Business Solutions
  • Swag
  • Road Trip
  • Team
  • Community
    • Community
    • Get Involved
    • Issues (Github)
    • Bakery
    • Featured Resources
    • Training
    • Meetups
    • My CakePHP
    • CakeFest
    • Newsletter
    • Linkedin
    • YouTube
    • Facebook
    • Twitter
    • Mastodon
    • Help & Support
    • Forum
    • Stack Overflow
    • IRC
    • Slack
    • Paid Support
CakePHP

C Authentication 3.x API

  • Project:
    • Authentication
      • CakePHP
      • Authentication
      • Authorization
      • Chronos
      • Elastic Search
      • Queue
  • Version:
    • 3.x
      • 3.x
      • 2.x

Namespaces

  • Authentication
    • Authenticator
    • Controller
      • Component
    • Identifier
    • Middleware
    • PasswordHasher
    • UrlChecker
    • View

Class AuthenticationComponent

Controller Component for interacting with Authentication.

Namespace: Authentication\Controller\Component

Property Summary

  • $_authentication protected
    Authentication\AuthenticationServiceInterface|null

    Authentication service instance.

  • $_config protected
    array<string, mixed>

    Runtime config

  • $_configInitialized protected
    bool

    Whether the config property has already been configured with defaults

  • $_defaultConfig protected
    array<string, mixed>

    Configuration options

  • $_eventClass protected
    string

    Default class name for new event objects.

  • $_eventManager protected
    Cake\Event\EventManagerInterface|null

    Instance of the Cake\Event\EventManager this object is using to dispatch inner events.

  • $_registry protected
    Cake\Controller\ComponentRegistry

    Component registry class used to lazy load components.

  • $componentInstances protected
    array<string,Cake\Controller\Component>

    Loaded component instances.

  • $components protected
    array

    Other Components this component uses.

  • $unauthenticatedActions protected
    array<string>

    List of actions that don't require authentication.

Method Summary

  • __construct() public

    Constructor

  • __debugInfo() public

    Returns an array that can be used to describe the internal state of this object.

  • __get() public

    Magic method for lazy loading $components.

  • _configDelete() protected

    Deletes a single config key.

  • _configRead() protected

    Reads a config key.

  • _configWrite() protected

    Writes a config key.

  • addUnauthenticatedActions() public

    Add to the list of actions that don't require an authentication identity to be present.

  • allowUnauthenticated() public

    Set the list of actions that don't require an authentication identity to be present.

  • beforeFilter() public

    Triggers the Authentication.afterIdentify event for non stateless adapters that are not persistent either

  • configShallow() public

    Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

  • dispatchEvent() public

    Wrapper for creating and dispatching events.

  • doIdentityCheck() protected

    Check if the identity presence is required.

  • getAuthenticationService() public

    Returns authentication service.

  • getConfig() public

    Returns the config.

  • getConfigOrFail() public

    Returns the config for this specific key.

  • getController() public

    Get the controller this component is bound to.

  • getEventManager() public

    Returns the Cake\Event\EventManager manager instance for this object.

  • getIdentifier() public

    Get the identifier (primary key) of the identity.

  • getIdentity() public

    Returns the identity used in the authentication attempt.

  • getIdentityData() public

    Returns the identity used in the authentication attempt.

  • getImpersonationAuthenticationService() protected

    Get impersonation authentication service

  • getLoginRedirect() public

    Get the URL visited before an unauthenticated redirect.

  • getResult() public

    Gets the result of the last authenticate() call.

  • getUnauthenticatedActions() public

    Get the current list of actions that don't require authentication.

  • impersonate() public

    Impersonates a user

  • implementedEvents() public

    Get the Controller callbacks this Component is interested in.

  • initialize() public

    Initialize component.

  • isImpersonating() public

    Returns true if impersonation is being done

  • log() public

    Convenience method to write a message to Log. See Log::write() for more information on writing to logs.

  • logout() public

    Log a user out.

  • setConfig() public

    Sets the config.

  • setEventManager() public

    Returns the Cake\Event\EventManagerInterface instance for this object.

  • setIdentity() public

    Replace the current identity

  • startup() public

    Start up event handler

  • stopImpersonating() public

    Stops impersonation

Method Detail

__construct() ¶ public 

__construct(Cake\Controller\ComponentRegistry $registry, array<string, mixed> $config = [])

Constructor

Parameters
Cake\Controller\ComponentRegistry $registry

A component registry this component can use to lazy load its components.

array<string, mixed> $config optional

Array of configuration settings.

__debugInfo() ¶ public 

__debugInfo(): array<string, mixed>

Returns an array that can be used to describe the internal state of this object.

Returns
array<string, mixed>

__get() ¶ public 

__get(string $name): Cake\Controller\Component|null

Magic method for lazy loading $components.

Parameters
string $name

Name of component to get.

Returns
Cake\Controller\Component|null

_configDelete() ¶ protected 

_configDelete(string $key): void

Deletes a single config key.

Parameters
string $key

Key to delete.

Returns
void
Throws
Cake\Core\Exception\CakeException
if attempting to clobber existing config

_configRead() ¶ protected 

_configRead(string|null $key): mixed

Reads a config key.

Parameters
string|null $key

Key to read.

Returns
mixed

_configWrite() ¶ protected 

_configWrite(array<string, mixed>|string $key, mixed $value, string|bool $merge = false): void

Writes a config key.

Parameters
array<string, mixed>|string $key

Key to write to.

mixed $value

Value to write.

string|bool $merge optional

True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.

Returns
void
Throws
Cake\Core\Exception\CakeException
if attempting to clobber existing config

addUnauthenticatedActions() ¶ public 

addUnauthenticatedActions(array<string> $actions): $this

Add to the list of actions that don't require an authentication identity to be present.

Parameters
array<string> $actions

The action or actions to append.

Returns
$this

allowUnauthenticated() ¶ public 

allowUnauthenticated(array<string> $actions): $this

Set the list of actions that don't require an authentication identity to be present.

Actions not in this list will require an identity to be present. Any valid identity will pass this constraint.

Parameters
array<string> $actions

The action list.

Returns
$this

beforeFilter() ¶ public 

beforeFilter(): void

Triggers the Authentication.afterIdentify event for non stateless adapters that are not persistent either

Returns
void

configShallow() ¶ public 

configShallow(array<string, mixed>|string $key, mixed|null $value = null): $this

Merge provided config with existing config. Unlike config() which does a recursive merge for nested keys, this method does a simple merge.

Setting a specific value:

$this->configShallow('key', $value);

Setting a nested value:

$this->configShallow('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
array<string, mixed>|string $key

The key to set, or a complete array of configs.

mixed|null $value optional

The value to set.

Returns
$this

dispatchEvent() ¶ public 

dispatchEvent(string $name, array $data = [], TSubject|null $subject = null): Cake\Event\EventInterface<TSubject>

Wrapper for creating and dispatching events.

Returns a dispatched event.

Parameters
string $name

Name of the event.

array $data optional

Any value you wish to be transported with this event to it can be read by listeners.

TSubject|null $subject optional

The object that this event applies to ($this by default).

Returns
Cake\Event\EventInterface<TSubject>

doIdentityCheck() ¶ protected 

doIdentityCheck(): void

Check if the identity presence is required.

Also checks if the current action is accessible without authentication.

Returns
void
Throws
Exception
when request is missing or has an invalid AuthenticationService
Authentication\Authenticator\UnauthenticatedException
when requireIdentity is true and request is missing an identity

getAuthenticationService() ¶ public 

getAuthenticationService(): Authentication\AuthenticationServiceInterface

Returns authentication service.

Returns
Authentication\AuthenticationServiceInterface
Throws
Exception

getConfig() ¶ public 

getConfig(string|null $key = null, mixed $default = null): mixed

Returns the config.

Usage

Reading the whole config:

$this->getConfig();

Reading a specific value:

$this->getConfig('key');

Reading a nested value:

$this->getConfig('some.nested.key');

Reading with default value:

$this->getConfig('some-key', 'default-value');
Parameters
string|null $key optional

The key to get or null for the whole config.

mixed $default optional

The return value when the key does not exist.

Returns
mixed

getConfigOrFail() ¶ public 

getConfigOrFail(string $key): mixed

Returns the config for this specific key.

The config value for this key must exist, it can never be null.

Parameters
string $key

The key to get.

Returns
mixed
Throws
InvalidArgumentException

getController() ¶ public 

getController(): Cake\Controller\Controller

Get the controller this component is bound to.

Returns
Cake\Controller\Controller

getEventManager() ¶ public 

getEventManager(): Cake\Event\EventManagerInterface

Returns the Cake\Event\EventManager manager instance for this object.

You can use this instance to register any new listeners or callbacks to the object events, or create your own events and trigger them at will.

Returns
Cake\Event\EventManagerInterface

getIdentifier() ¶ public 

getIdentifier(): array|string|int|null

Get the identifier (primary key) of the identity.

Returns
array|string|int|null

getIdentity() ¶ public 

getIdentity(): Authentication\IdentityInterface|null

Returns the identity used in the authentication attempt.

Returns
Authentication\IdentityInterface|null

getIdentityData() ¶ public 

getIdentityData(string $path): mixed

Returns the identity used in the authentication attempt.

Parameters
string $path

Path to return from the data.

Returns
mixed
Throws
RuntimeException
If the identity has not been found.

getImpersonationAuthenticationService() ¶ protected 

getImpersonationAuthenticationService(): Authentication\Authenticator\ImpersonationInterface

Get impersonation authentication service

Returns
Authentication\Authenticator\ImpersonationInterface
Throws
Exception

getLoginRedirect() ¶ public 

getLoginRedirect(): string|null

Get the URL visited before an unauthenticated redirect.

Reads from the current request's query string if available.

Leverages the unauthenticatedRedirect and queryParam options in the AuthenticationService.

Returns
string|null

getResult() ¶ public 

getResult(): Authentication\Authenticator\ResultInterface|null

Gets the result of the last authenticate() call.

Returns
Authentication\Authenticator\ResultInterface|null

getUnauthenticatedActions() ¶ public 

getUnauthenticatedActions(): array<string>

Get the current list of actions that don't require authentication.

Returns
array<string>

impersonate() ¶ public 

impersonate(ArrayAccess $impersonated): $this

Impersonates a user

Parameters
ArrayAccess $impersonated

User impersonated

Returns
$this
Throws
Exception

implementedEvents() ¶ public 

implementedEvents(): array<string, mixed>

Get the Controller callbacks this Component is interested in.

Uses Conventions to map controller events to standard component callback method names. By defining one of the callback methods a component is assumed to be interested in the related event.

Override this method if you need to add non-conventional event listeners. Or if you want components to listen to non-standard events.

Returns
array<string, mixed>

initialize() ¶ public 

initialize(array<string, mixed> $config): void

Initialize component.

Implement this method to avoid having to overwrite the constructor and call parent.

Parameters
array<string, mixed> $config

The config data.

Returns
void

isImpersonating() ¶ public 

isImpersonating(): bool

Returns true if impersonation is being done

Returns
bool
Throws
Exception

log() ¶ public 

log(Stringable|string $message, string|int $level = LogLevel::ERROR, array|string $context = []): bool

Convenience method to write a message to Log. See Log::write() for more information on writing to logs.

Parameters
Stringable|string $message

Log message.

string|int $level optional

Error level.

array|string $context optional

Additional log data relevant to this message.

Returns
bool

logout() ¶ public 

logout(): string|null

Log a user out.

Triggers the Authentication.logout event.

Returns
string|null

setConfig() ¶ public 

setConfig(array<string, mixed>|string $key, mixed|null $value = null, bool $merge = true): $this

Sets the config.

Usage

Setting a specific value:

$this->setConfig('key', $value);

Setting a nested value:

$this->setConfig('some.nested.key', $value);

Updating multiple config settings at the same time:

$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
array<string, mixed>|string $key

The key to set, or a complete array of configs.

mixed|null $value optional

The value to set.

bool $merge optional

Whether to recursively merge or overwrite existing config, defaults to true.

Returns
$this
Throws
Cake\Core\Exception\CakeException
When trying to set a key that is invalid.

setEventManager() ¶ public 

setEventManager(Cake\Event\EventManagerInterface $eventManager): $this

Returns the Cake\Event\EventManagerInterface instance for this object.

You can use this instance to register any new listeners or callbacks to the object events, or create your own events and trigger them at will.

Parameters
Cake\Event\EventManagerInterface $eventManager

the eventManager to set

Returns
$this

setIdentity() ¶ public 

setIdentity(ArrayAccess $identity): $this

Replace the current identity

Clear and replace identity data in all authenticators that are loaded and support persistence. The identity is cleared and then set to ensure that privilege escalation and de-escalation include side effects like session rotation.

Parameters
ArrayAccess $identity

Identity data to persist.

Returns
$this

startup() ¶ public 

startup(): void

Start up event handler

Returns
void
Throws
Exception
when request is missing or has an invalid AuthenticationService
Authentication\Authenticator\UnauthenticatedException
when requireIdentity is true and request is missing an identity

stopImpersonating() ¶ public 

stopImpersonating(): $this

Stops impersonation

Returns
$this
Throws
Exception

Property Detail

$_authentication ¶ protected

Authentication service instance.

Type
Authentication\AuthenticationServiceInterface|null

$_config ¶ protected

Runtime config

Type
array<string, mixed>

$_configInitialized ¶ protected

Whether the config property has already been configured with defaults

Type
bool

$_defaultConfig ¶ protected

Configuration options

  • logoutRedirect - The route/URL to direct users to after logout()
  • requireIdentity - By default AuthenticationComponent will require an identity to be present whenever it is active. You can set the option to false to disable that behavior. See allowUnauthenticated() as well.
  • unauthenticatedMessage - Error message to use when UnauthenticatedException is thrown.
Type
array<string, mixed>

$_eventClass ¶ protected

Default class name for new event objects.

Type
string

$_eventManager ¶ protected

Instance of the Cake\Event\EventManager this object is using to dispatch inner events.

Type
Cake\Event\EventManagerInterface|null

$_registry ¶ protected

Component registry class used to lazy load components.

Type
Cake\Controller\ComponentRegistry

$componentInstances ¶ protected

Loaded component instances.

Type
array<string,Cake\Controller\Component>

$components ¶ protected

Other Components this component uses.

Type
array

$unauthenticatedActions ¶ protected

List of actions that don't require authentication.

Type
array<string>
OpenHub
Pingping
Linode
  • Business Solutions
  • Showcase
  • Documentation
  • Book
  • API
  • Videos
  • Reporting Security Issues
  • Privacy Policy
  • Logos & Trademarks
  • Community
  • Get Involved
  • Issues (Github)
  • Bakery
  • Featured Resources
  • Training
  • Meetups
  • My CakePHP
  • CakeFest
  • Newsletter
  • Linkedin
  • YouTube
  • Facebook
  • Twitter
  • Mastodon
  • Help & Support
  • Forum
  • Stack Overflow
  • IRC
  • Slack
  • Paid Support

Generated using CakePHP API Docs