Résolution définitive du bug lié aux données de login résiduelles en mémoire après déconnexion.

Utilisation de la config pour la recherche LDAP en cas d'usurpation d'identité. Mise en place d'un EventManager unique et dédié à UnicaenAuth

Résolution définitive du bug lié aux données de login résiduelles en mémoire après déconnexion.
Utilisation de la config pour la recherche LDAP en cas d'usurpation d'identité. Mise en place d'un EventManager unique et dédié à UnicaenAuth
090ecaa5 · Laurent Lécluse · 9077cae7 · 090ecaa5 · 090ecaa5 · 090ecaa5
Commit 090ecaa5 authored Dec 05, 2019 by Laurent Lécluse
--- a/config/module.config.php
+++ b/config/module.config.php
@@ -494,6 +494,7 @@ return [

            'UnicaenApp\HistoriqueListener' => HistoriqueListenerFactory::class,
            'UnicaenAuth\HistoriqueListener' => HistoriqueListenerFactory::class,
+            \UnicaenAuth\Event\EventManager::class => \UnicaenAuth\Event\EventManagerFactory::class,
        ],
        'lazy_services' => [
            // Mapping services to their class names is required since the ServiceManager is not a declarative DIC.

--- a/src/UnicaenAuth/Authentication/Adapter/AbstractFactory.php
+++ b/src/UnicaenAuth/Authentication/Adapter/AbstractFactory.php
@@ -6,7 +6,7 @@ use Interop\Container\ContainerInterface;
 use UnicaenApp\Exception\LogicException;
 use UnicaenAuth\Options\ModuleOptions;
 use UnicaenAuth\Service\User;
-use Zend\EventManager\EventManager;
+use UnicaenAuth\Event\EventManager;
 use Zend\EventManager\EventManagerAwareInterface;
 use Zend\Router\Http\TreeRouteStack;
 use Zend\ServiceManager\AbstractFactoryInterface;
@@ -62,10 +62,13 @@ class AbstractFactory implements AbstractFactoryInterface

        if ($adapter instanceof EventManagerAwareInterface) {
            /** @var EventManager $eventManager */
-            $eventManager = $container->get('EventManager');
+            $eventManager = $container->get(EventManager::class);
            $adapter->setEventManager($eventManager);
            $userService = $container->get('unicaen-auth_user_service'); /* @var $userService \UnicaenAuth\Service\User */
            $eventManager->attach('userAuthenticated', [$userService, 'userAuthenticated'], 100);
+            $eventManager->attach('clear', function() use ($adapter){
+                $adapter->getStorage()->clear();
+            });
        }

        return $adapter;

--- a/src/UnicaenAuth/Authentication/Adapter/Cas.php
+++ b/src/UnicaenAuth/Authentication/Adapter/Cas.php
@@ -78,15 +78,6 @@ class Cas extends AbstractAdapter implements EventManagerAwareInterface
        $this->router = $router;
    }

-    public function getStorage()
-    {
-        if (null === $this->storage) {
-            $this->setStorage(new Session());
-        }
-
-        return $this->storage;
-    }
-    
    /**
     * Réalise l'authentification.
     *

--- a/src/UnicaenAuth/Authentication/Adapter/Db.php
+++ b/src/UnicaenAuth/Authentication/Adapter/Db.php
@@ -37,15 +37,6 @@ class Db extends \ZfcUser\Authentication\Adapter\Db implements ServiceLocatorAwa
        return $this;
    }

-    public function getStorage()
-    {
-        if (null === $this->storage) {
-            $this->setStorage(new Session());
-        }
-
-        return $this->storage;
-    }
-
    /**
     * Authentification.
     *

--- a/src/UnicaenAuth/Authentication/Adapter/Ldap.php
+++ b/src/UnicaenAuth/Authentication/Adapter/Ldap.php
@@ -78,15 +78,6 @@ class Ldap extends AbstractAdapter implements EventManagerAwareInterface
        $this->appModuleOptions = $appModuleOptions;
    }

-    public function getStorage()
-    {
-        if (null === $this->storage) {
-            $this->setStorage(new Session());
-        }
-
-        return $this->storage;
-    }
-    
    /**
     *
     * @param EventInterface $e
@@ -224,7 +215,7 @@ class Ldap extends AbstractAdapter implements EventManagerAwareInterface
        // verif existence du login usurpé
        if ($this->usernameUsurpe) {
            // s'il nexiste pas, échec de l'authentification
-            if (!$this->getLdapAuthAdapter()->getLdap()->searchEntries("(supannAliasLogin=$this->usernameUsurpe)")) {
+            if (!@$this->getLdapAuthAdapter()->getLdap()->searchEntries("(".$this->getOptions()->getLdapUsername()."=$this->usernameUsurpe)")) {
                $this->usernameUsurpe = null;
                $success              = false;
            }

--- a/src/UnicaenAuth/Authentication/Storage/Chain.php
+++ b/src/UnicaenAuth/Authentication/Storage/Chain.php
@@ -163,9 +163,6 @@ class Chain implements StorageInterface, EventManagerAwareInterface
     */
    public function getEventManager()
    {
-        if (null === $this->eventManager) {
-            $this->eventManager = new EventManager();
-        }
        return $this->eventManager;
    }


--- a/src/UnicaenAuth/Authentication/Storage/ChainServiceFactory.php
+++ b/src/UnicaenAuth/Authentication/Storage/ChainServiceFactory.php
@@ -4,7 +4,7 @@ namespace UnicaenAuth\Authentication\Storage;

 use Interop\Container\ContainerInterface;
 use UnicaenAuth\Options\ModuleOptions;
-use Zend\EventManager\EventManager;
+use UnicaenAuth\Event\EventManager;
 use Zend\ServiceManager\FactoryInterface;
 use Zend\ServiceManager\ServiceLocatorInterface;

@@ -33,7 +33,7 @@ class ChainServiceFactory implements FactoryInterface
        $chain = new Chain();

        /** @var EventManager $eventManager */
-        $eventManager = $container->get('EventManager');
+        $eventManager = $container->get(EventManager::class);

        $chain->setEventManager($eventManager);


--- a/src/UnicaenAuth/Event/EventManager.php
+++ b/src/UnicaenAuth/Event/EventManager.php
+<?php
+
+namespace UnicaenAuth\Event;
+
+class EventManager extends \Zend\EventManager\EventManager
+{
+    
+}
\ No newline at end of file
--- a/src/UnicaenAuth/Event/EventManagerFactory.php
+++ b/src/UnicaenAuth/Event/EventManagerFactory.php
+<?php
+
+namespace UnicaenAuth\Event;
+
+use Interop\Container\ContainerInterface;
+
+/**
+ * Description of EventManagerFactory
+ *
+ * @author LECLUSE Laurent <laurent.lecluse at unicaen.fr>
+ */
+class EventManagerFactory
+{
+
+    /**
+     * @param ContainerInterface $container
+     * @param string             $requestedName
+     * @param array|null         $options
+     *
+     * @return EventManager
+     */
+    public function __invoke(ContainerInterface $container, $requestedName, $options = null)
+    {
+        $shared = $container->has('SharedEventManager') ? $container->get('SharedEventManager') : null;
+        $eventManager = new EventManager($shared);
+
+        return $eventManager;
+    }
+}
\ No newline at end of file
--- a/src/UnicaenAuth/Provider/Identity/ChainServiceFactory.php
+++ b/src/UnicaenAuth/Provider/Identity/ChainServiceFactory.php
@@ -4,8 +4,8 @@ namespace UnicaenAuth\Provider\Identity;

 use BjyAuthorize\Service\Authorize;
 use Interop\Container\ContainerInterface;
+use UnicaenAuth\Event\EventManager;
 use UnicaenAuth\Service\UserContext;
-use Zend\EventManager\EventManager;
 use Zend\ServiceManager\FactoryInterface;
 use Zend\ServiceManager\ServiceLocatorInterface;

@@ -32,7 +32,7 @@ class ChainServiceFactory implements FactoryInterface
        $authorizeService = $container->get('BjyAuthorize\Service\Authorize');

        /** @var EventManager $eventManager */
-        $eventManager = $container->get('EventManager');
+        $eventManager = $container->get(EventManager::class);

        $chain->setUserContextService($userContextService);
        $chain->setAuthorizeService($authorizeService);