Merge pull request #2 from activecollab/feature-passwordless-auth

Add support for passwordless authentification

Author: ilijastuden

src/Adapter/Adapter.php

@@ -40,17 +40,18 @@ protected function getAuthenticationCredentialsFromRequest(ServerRequestInterfac
     /**
      * @param  UserRepositoryInterface    $repository
      * @param  array                      $credentials
+     * @param  bool                       $check_password
      * @return AuthenticatedUserInterface
      */
-    protected function getUserFromCredentials(UserRepositoryInterface $repository, array $credentials)
+    protected function getUserFromCredentials(UserRepositoryInterface $repository, array $credentials, $check_password = true)
     {
         $user = $repository->findByUsername($credentials['username']);
 
         if (!$user) {
             throw new UserNotFound();
         }
 
-        if (!$user->isValidPassword($credentials['password'])) {
+        if ($check_password && !$user->isValidPassword($credentials['password'])) {
             throw new InvalidPassword();
         }
 

src/Adapter/AdapterInterface.php

@@ -30,9 +30,10 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
      * Authenticate with given credential agains authentication source.
      *
      * @param  ServerRequestInterface        $request
+     * @param  bool                          $check_password
      * @return AuthenticationResultInterface
      */
-    public function authenticate(ServerRequestInterface $request);
+    public function authenticate(ServerRequestInterface $request, $check_password = true);
 
     /**
      * Terminate an instance that was used to authenticate a user.

src/Adapter/BrowserSession.php

@@ -86,9 +86,15 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
     /**
      * {@inheritdoc}
      */
-    public function authenticate(ServerRequestInterface $request)
+    public function authenticate(ServerRequestInterface $request, $check_password = true)
     {
-        return $this->sessions_repository->createSession($this->getUserFromCredentials($this->users_repository, $this->getAuthenticationCredentialsFromRequest($request)));
+        return $this->sessions_repository->createSession(
+            $this->getUserFromCredentials(
+                $this->users_repository,
+                $this->getAuthenticationCredentialsFromRequest($request),
+                $check_password
+            )
+        );
     }
 
     /**

src/Adapter/TokenBearer.php

@@ -74,11 +74,12 @@ public function initialize(ServerRequestInterface $request, &$authenticated_with
      * Authenticate with given credential agains authentication source.
      *
      * @param  ServerRequestInterface        $request
+     * @param  bool                          $check_password
      * @return AuthenticationResultInterface
      */
-    public function authenticate(ServerRequestInterface $request)
+    public function authenticate(ServerRequestInterface $request, $check_password = true)
     {
-        return $this->tokens_repository->issueToken($this->getUserFromCredentials($this->users_repository, $this->getAuthenticationCredentialsFromRequest($request)));
+        return $this->tokens_repository->issueToken($this->getUserFromCredentials($this->users_repository, $this->getAuthenticationCredentialsFromRequest($request), $check_password));
     }
 
     /**

test/src/BrowserSessionAuthenticateTest.php

@@ -80,6 +80,21 @@ public function testGoodCredentialsAuthenticateUser()
         $this->assertInstanceOf(SessionInterface::class, $result);
     }
 
+    /**
+     * Test if good credentials without provided password authenticate the user.
+     */
+    public function testGoodCredentialsAuthenticateUserWithoutPassword()
+    {
+        $user_repository = new UserRepository([
+            '[email protected]' => new AuthenticatedUser(1, '[email protected]', 'Ilija Studen', '123'),
+        ]);
+
+        $result = (new BrowserSession($user_repository, $this->empty_sessions_repository, $this->cookies))->authenticate($this->prepareAuthorizationRequest('[email protected]', '123'), false);
+
+        $this->assertInstanceOf(AuthenticationResultInterface::class, $result);
+        $this->assertInstanceOf(SessionInterface::class, $result);
+    }
+
     /**
      * Test if authentication result can be converted to a valid JSON response.
      */