activecollab
diff --git a/‎composer.json
+2-1 b/‎composer.json
+2-1
diff --git a/‎composer.lock
+157-67 b/‎composer.lock
+157-67
diff --git a/‎src/Adapter/Adapter.php
-65 b/‎src/Adapter/Adapter.php
-65
diff --git a/‎src/Adapter/AdapterInterface.php
+6-8 b/‎src/Adapter/AdapterInterface.php
+6-8
diff --git a/‎src/Adapter/BrowserSession.php
+6-12 b/‎src/Adapter/BrowserSession.php
+6-12
diff --git a/‎src/Adapter/TokenBearer.php
+20-30 b/‎src/Adapter/TokenBearer.php
+20-30
diff --git a/‎src/Authentication.php
+85 b/‎src/Authentication.php
+85
diff --git a/‎src/AuthenticationInterface.php
+9-5 b/‎src/AuthenticationInterface.php
+9-5
@@ -19,7 +19,8 @@
         "php": ">=5.6.0",
         "activecollab/user": "~1.0",
         "activecollab/cookies": "~0.1",
-        "guzzlehttp/psr7": "~1.2"
+        "guzzlehttp/psr7": "~1.2",
+        "google/apiclient": "^1.1"
     },
     "require-dev": {
         "fabpot/php-cs-fixer": "^1.0",
 
@@ -20,20 +20,18 @@ interface AdapterInterface
     /**
      * Initialize authentication layer and see if we have a user who's already logged in.
      *
-     * @param  ServerRequestInterface          $request
-     * @param  null                            $authenticated_with
-     * @return AuthenticatedUserInterface|null
+     * @param  ServerRequestInterface $request
+     * @return array|null             Example:['authenticated_user' => AuthenticatedUserInterface, 'authenticated_with' => AuthenticationResultInterface];
      */
-    public function initialize(ServerRequestInterface $request, &$authenticated_with = null);
+    public function initialize(ServerRequestInterface $request);
 
     /**
-     * Authenticate with given credential against authentication source.
+     * Authenticate user against authentication source.
      *
-     * @param  ServerRequestInterface        $request
-     * @param  bool                          $check_password
+     * @param  AuthenticatedUserInterface    $authenticated_user
      * @return AuthenticationResultInterface
      */
-    public function authenticate(ServerRequestInterface $request, $check_password = true);
+    public function authenticate(AuthenticatedUserInterface $authenticated_user);
 
     /**
      * Terminate an instance that was used to authenticate a user.
 
@@ -8,6 +8,7 @@
 
 namespace ActiveCollab\Authentication\Adapter;
 
+use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
 use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
 use ActiveCollab\Authentication\AuthenticationResult\AuthenticationResultInterface;
 use ActiveCollab\Authentication\Exception\InvalidSessionException;
@@ -20,7 +21,7 @@
 /**
  * @package ActiveCollab\Authentication\Adapter
  */
-class BrowserSession extends Adapter
+class BrowserSession implements AdapterInterface
 {
     /**
      * @var UserRepositoryInterface
@@ -63,7 +64,7 @@ public function __construct(UserRepositoryInterface $user_repository, SessionRep
     /**
      * {@inheritdoc}
      */
-    public function initialize(ServerRequestInterface $request, &$authenticated_with = null)
+    public function initialize(ServerRequestInterface $request)
     {
         $session_id = $this->cookies->get($request, $this->session_cookie_name);
 
@@ -76,9 +77,8 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
         if ($session instanceof SessionInterface) {
             if ($user = $session->getAuthenticatedUser($this->user_repository)) {
                 $this->session_repository->recordUsageBySession($session);
-                $authenticated_with = $session;
 
-                return $user;
+                return ['authenticated_user' => $user, 'authenticated_with' => $session];
             }
         }
 
@@ -88,15 +88,9 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
     /**
      * {@inheritdoc}
      */
-    public function authenticate(ServerRequestInterface $request, $check_password = true)
+    public function authenticate(AuthenticatedUserInterface $authenticated_user)
     {
-        return $this->session_repository->createSession(
-            $this->getUserFromCredentials(
-                $this->user_repository,
-                $this->getAuthenticationCredentialsFromRequest($request, $check_password),
-                $check_password
-            )
-        );
+        return $this->session_repository->createSession($authenticated_user);
     }
 
     /**
 
@@ -8,6 +8,7 @@
 
 namespace ActiveCollab\Authentication\Adapter;
 
+use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
 use ActiveCollab\Authentication\AuthenticatedUser\RepositoryInterface as UserRepositoryInterface;
 use ActiveCollab\Authentication\AuthenticationResult\AuthenticationResultInterface;
 use ActiveCollab\Authentication\Exception\InvalidTokenException;
@@ -19,7 +20,7 @@
 /**
  * @package ActiveCollab\Authentication\Adapter
  */
-class TokenBearer extends Adapter
+class TokenBearer implements AdapterInterface
 {
     /**
      * @var UserRepositoryInterface
@@ -44,52 +45,41 @@ public function __construct(UserRepositoryInterface $user_repository, TokenRepos
     /**
      * {@inheritdoc}
      */
-    public function initialize(ServerRequestInterface $request, &$authenticated_with = null)
+    public function initialize(ServerRequestInterface $request)
     {
         $authorization = $request->getHeaderLine('Authorization');
 
-        if (!empty($authorization) && substr($authorization, 0, 7) === 'Bearer ') {
-            $token_id = trim(substr($authorization, 7));
+        if (empty($authorization) || substr($authorization, 0, 7) !== 'Bearer ') {
+            return null;
+        }
 
-            if ($token_id === null || $token_id === '') {
-                throw new InvalidTokenException();
-            }
+        $token_id = trim(substr($authorization, 7));
 
-            if ($token = $this->token_repository->getById($token_id)) {
-                if ($user = $token->getAuthenticatedUser($this->user_repository)) {
-                    $this->token_repository->recordUsageByToken($token);
-                    $authenticated_with = $token;
+        if ($token_id === null || $token_id === '') {
+            throw new InvalidTokenException();
+        }
 
-                    return $user;
-                }
-            }
+        if ($token = $this->token_repository->getById($token_id)) {
+            if ($user = $token->getAuthenticatedUser($this->user_repository)) {
+                $this->token_repository->recordUsageByToken($token);
 
-            throw new InvalidTokenException();
+                return ['authenticated_user' => $user, 'authenticated_with' => $token];
+            }
         }
 
-        return null;
+        throw new InvalidTokenException();
     }
 
     /**
-     * Authenticate with given credential agains authentication source.
-     *
-     * @param  ServerRequestInterface        $request
-     * @param  bool                          $check_password
-     * @return AuthenticationResultInterface
+     * {@inheritdoc}
      */
-    public function authenticate(ServerRequestInterface $request, $check_password = true)
+    public function authenticate(AuthenticatedUserInterface $authenticated_user)
     {
-        return $this->token_repository->issueToken($this->getUserFromCredentials(
-            $this->user_repository,
-            $this->getAuthenticationCredentialsFromRequest($request),
-            $check_password
-        ));
+        return $this->token_repository->issueToken($authenticated_user);
     }
 
     /**
-     * Terminate an instance that was used to authenticate a user.
-     *
-     * @param AuthenticationResultInterface $authenticated_with
+     * {@inheritdoc}
      */
     public function terminate(AuthenticationResultInterface $authenticated_with)
     {
 
@@ -0,0 +1,85 @@
+<?php
+
+/*
+ * This file is part of the Active Collab Authentication project.
+ *
+ * (c) A51 doo <[email protected]>. All rights reserved.
+ */
+
+namespace ActiveCollab\Authentication;
+
+use ActiveCollab\Authentication\Adapter\AdapterInterface;
+use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
+use ActiveCollab\Authentication\Exception\InvalidAuthenticationRequestException;
+use Exception;
+use Psr\Http\Message\RequestInterface;
+use RuntimeException;
+
+class Authentication implements AuthenticationInterface
+{
+    /**
+     * @var array
+     */
+    private $adapters;
+
+    /**
+     * @param array $adapters
+     */
+    public function __construct(array $adapters)
+    {
+        foreach ($adapters as $adapter) {
+            if (!($adapter instanceof AdapterInterface)) {
+                throw new RuntimeException('Invalid object type provided');
+            }
+        }
+
+        $this->adapters = $adapters;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function initialize(RequestInterface $request)
+    {
+        $exception = null;
+        $results = ['authenticated_user' => [], 'authenticated_with' => []];
+
+        foreach ($this->adapters as $adapter) {
+            try {
+                $result = $adapter->initialize($request);
+                if ($result) {
+                    $results['authenticated_user'][] = $result['authenticated_user'];
+                    $results['authenticated_with'][] = $result['authenticated_with'];
+                }
+            } catch (Exception $e) {
+                $exception = $e;
+            }
+        }
+
+        if (empty($results['authenticated_user'])) {
+            if ($exception) {
+                throw $exception;
+            }
+
+            return $request;
+        }
+
+        if (count($results['authenticated_user']) > 1) {
+            throw new InvalidAuthenticationRequestException('You can not be authenticated with more than one authentication method');
+        }
+
+        return $request
+            ->withAttribute('authenticated_user', $results['authenticated_user'][0])
+            ->withAttribute('authenticated_with', $results['authenticated_with'][0]);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function authorize(AuthorizerInterface $authorizer, AdapterInterface $adapter, array $credentials)
+    {
+        $user = $authorizer->verifyCredentials($credentials);
+
+        return $adapter->authenticate($user);
+    }
+}
@@ -8,7 +8,9 @@
 
 namespace ActiveCollab\Authentication;
 
+use ActiveCollab\Authentication\Adapter\AdapterInterface;
 use ActiveCollab\Authentication\AuthenticatedUser\AuthenticatedUserInterface;
+use ActiveCollab\Authentication\Authorizer\AuthorizerInterface;
 use Psr\Http\Message\RequestInterface;
 
 /**
@@ -19,16 +21,18 @@ interface AuthenticationInterface
     /**
      * Initialize authentication layer and see if we have a user who's already logged in.
      *
-     * @param  RequestInterface                $request
-     * @return AuthenticatedUserInterface|null
+     * @param  RequestInterface $request
+     * @return RequestInterface
      */
     public function initialize(RequestInterface $request);
 
     /**
-     * Authenticate with given credential agains authentication source.
+     * Authorize and authenticate with given credentials against authorization/authentication source.
      *
-     * @param  RequestInterface           $request
+     * @param  AuthorizerInterface        $authorizer
+     * @param  AdapterInterface           $adapter
+     * @param  array                      $credentials
      * @return AuthenticatedUserInterface
      */
-    public function authenticate(RequestInterface $request);
+    public function authorize(AuthorizerInterface $authorizer, AdapterInterface $adapter, array $credentials);
 }