Authentication component from Zend Framework

Comments
  • Added split documentation from main repo

    This is just a first stab, but I have a script that can do this now - @weierophinney does this look right to you? I haven't tried rendering with Bookdown yet.

    documentation 
    opened by GeeH 12
  • Installation with composer produced InvalidArgumentException

    Attempted composer require zendframework/zend-authentication on the latest zf3 framework. Produced the following error:

    [InvalidArgumentException]
    Could not find package require at any version for your minimum-stability (d
    ev). Check the package spelling or your minimum-stability

    invalid 
    opened by Farsideman 7
  • Fixed typo in link syntax

    • No bugfix
    • No new feature
    • Fixing documentation

    Typo []Account Name Canonicalization] was corrected to [Account Name Canonicalization] so it is a valid markdown link.

    opened by arueckauer 2
  • Support user-defined error codes

    This allows the client code to supply his own domain-specific error codes. In my case these were expired account, disabled account, and password not set up.

    It is also necessary for the client to supplement $this->messageTemplates and extend the Result class but this is already possible.

    • [x] Are you creating a new feature?

      • [x] Why is the new feature needed? What purpose does it serve?
      • [x] How will users use the new feature?
      • [x] Base your feature on the develop branch, and submit against that branch.
      • [x] Add only one feature per pull request; split multiple features over multiple pull requests
      • [ ] Add tests for the new feature. => is this applicable?
      • [ ] Add documentation for the new feature. => is this applicable?
      • [x] Add a CHANGELOG.md entry for the new feature.
    • [x] Is this related to quality assurance? Yes. Because my users are often confused by the generic error message when they can't log in

    opened by Erikvv 2
  • ZF3 - Using Identity view helper requires that 'Zend\Authentication\AuthenticationService' be registered

    When using zend-authentication with ZF3, it seems that identity view helper requires that you register Zend\Authentication\AuthenticationService (literally) in your config file:

    'service_manager' => [
            'factories' => [
                'Zend\Authentication\AuthenticationService' => Service\Factory\AuthenticationServiceFactory::class,
            ],
        ],
    

    But, I expect that I should register this service with the ::class keyword, as follows:

    'service_manager' => [
            'factories' => [
                Zend\Authentication\AuthenticationService::class => Service\Factory\AuthenticationServiceFactory::class,
            ],
        ],
    

    However, this doesn't work. Is this a bug?

    question awaiting author updates 
    opened by olegkrivtsov 2
  • Allow to configure validator with custom authentication result codes and validation messages

    This PR adds a feature to configure the Authentication validator with user-defined authentication result codes and their corresponding validation messages. Solves #41

    • [x] Are you creating a new feature?
      • [x] Why is the new feature needed? What purpose does it serve? Authentication Result allows custom result codes to be specified, but the Authentication validator does not provide a way to map those codes to meaningful validation error messages. This feature fixes that by introducing a new configuration option for the Authentication validator.
      • [x] How will users use the new feature? A new constructor configuration option, code_map, is added. It is an array of [int $resultCode => string $validatorMessageKey]. A custom validator message key can be specified, which is then registered as a new template that can be modified using the common ways provided by Zend\Validator\AbstractValidator: the setMessage() method or the messages option.
      • [x] Base your feature on the develop branch, and submit against that branch.
      • [x] Add only one feature per pull request; split multiple features over multiple pull requests
      • [x] Add tests for the new feature.
      • [x] Add documentation for the new feature.
      • [x] Add a CHANGELOG.md entry for the new feature.
    enhancement 
    opened by Xerkus 1
  • Remove insecure md5 example

    Fixes #13

    • [x] Is this related to documentation? Old documentation for CredentialTreatmentAdapter provides md5() in its usage example which might prompt users to utilize insecure practices. This PR removes md5() usage from the documentation and adds further guidance towards CallbackCheckAdapter and PHP functions password_hash() and password_verify()
    documentation 
    opened by Xerkus 1
  • Current implementation does not support db schemas

    Zend\Authentication\Adapter\DbTable\AbstractAdapter allows only table name but not schema. Maybe it would be better to allow TableIdentifier instead of string?

    opened by xorock 1
  • Update Authentication validator

    Authentication validator is able to use adapter from the given AuthenticationService:

    use My\Authentication\Adapter;
    use My\Authentication\Storage;
    use Zend\Authentication\AuthenticationService;
    use Zend\Authentication\Validator\Authentication as AuthenticationValidator;
    
    $adapter = new Adapter();
    $storage = new Storage();
    $service = new AuthenticationService($storage, $adapter);
    
    $validator = new AuthenticationValidator([
        'service' => $service,
    ]);
    
    $validator->setIdentity('username');
    $validator->isValid('password');
    
    opened by 27cm 1
  • Remove insecure MD5 from documentation

    It tears my soul that documentation about authentication mentions md5 so much. There is even an example of how to use Authentication with md5. MD5 is insecure and today's RDBS support newer and secure methods.... (There is also an md5 note in code comments)

    https://docs.zendframework.com/zend-authentication/adapter/dbtable/credential-treatment/

    help wanted documentation 
    opened by PremyslFiala 1
  • Complete #14

    This patch incorporates feedback provided on #14; I was unable to push to the author's repository, so I am instead opening a new pull request.

    The patch incorporates all changes in #14, plus some changes recommended and/or required on review.

    What the patch accomplishes is the ability for a Zend\Authentication\Validator\Authentication to use the authentication adapter in the composed AuthenticationService instance when:

    • no adapter is present in the validator
    • the adapter in the authentication service is a ValidatableAdapterInterface instance

    This simplifies usage, as the consumer of the validator no longer needs direct access to the authentication adapter.

    opened by weierophinney 0
  • Check if (LDAP) user exists before authenticate

    I'm looking for a way to check if my user really exists before I authenticate it.

    Is this library capable of doing so, or do I need to use \Zend\Ldap for this?

    It would be a pity if you need to use \Zend\Ldap as the serveroptions differ.

    opened by Yamakasi 1
  • [Proposal] Refactor to work in the same way as the proposed revision of Zend\Validator

    Authentication adapter and validator are the same. The authentication service provides input to adapter, which validates the identity and returns a result. With the proposed revision of Zend\Validator, we also have the ability to chain adapters and aggregate results which can be useful in Zend\Authentication. We could add these missing features to the Zend\Authentication component.

    As adapters validate identity, they could be renamed to Validator or moved to Zend\Validator, which would make Zend\Authentication dependent on Zend\Validator?

    Currently, the content of Zend\Authentication\Result::identity is not clear if the result is not valid. Most of the time, it returns null, but sometimes it returns an empty array, or the provided identity. The documentation says two different things about this:

    getIdentity() returns the identity of the authentication attempt.

    $identity is the value representing the authenticated identity. This may be any PHP type; typically you will see a string username or token, or an object type specific to the application or login module you utilize. When the result represents a failure to authenticate, this will often be null; some systems will provide a default identity in such cases.

    So, on authentication failure, should the getIdentity() method always return the identity of the authentication attempt, or can it return whatever it wants? I think it should not return identity if the authentication fails, as this method is intended to provide identity to the storage on successful authentication.

    To sum up, I would like the Zend\Authentication component to:

    • Define a Result interface modeling the results of authentication; it would compose the validated identity which will be used in authentication storage (only if authentication succeeded, otherwise it throws an error or returns null), the authentication status, and, if present, any authentication error messages.
    • Define validators (adapters) which define a single validate() (authenticate()) method, accepting both a value and optional context, and return a Result instance.
    • Define a ResultAggregate interface for aggregating several results, as is necessary in a ValidatorChain (AdapterChain); Result instances would be pushed upon an aggregate.

    What do you think of this proposal?

    opened by ghost 1
  • Login with Mail Address and LDAP fallback

    Hello, for internal user authentication we will use the LDAP Adapter, and for external users the Zend DB Adapter. All external users use the mail address as username. With the LDAP Adapter we will also use the email address as username. We have more external than internal users.

    1. What could the login scheme look like?
    2. LDAP as Fallback Adapter?
    3. But how can we make sense that the LDAP also uses the mail address for the login? (first LDAP search and then bind with dn?)

    class AuthenticationService extends ZendAuthenticationService implements AuthenticationServiceInterface
    {
        /**
         * Authentication fallback adapter
         *
         * @var AdapterInterface
         */
        private $fallbackAdapter = null;
    
        /**
         * @param AdapterInterface $adapter
         * @return $this
         */
        public function setFallbackAdapter(AdapterInterface $adapter)
        {
            $this->fallbackAdapter = $adapter;
            return $this;
        }
    
        /**
         * @return AdapterInterface
         */
        public function getFallbackAdapter()
        {
            return $this->fallbackAdapter;
        }
    
        /**
         * @param AdapterInterface|null $fallbackAdapter
         * @return Result
         */
        public function fallbackAuthenticate(AdapterInterface $fallbackAdapter = null)
        {
            if (!$fallbackAdapter) {
                $fallbackAdapter = $this->getFallbackAdapter();
            }
    
            return $fallbackAdapter->authenticate();
        }
    
        /**
         * @return mixed
         */
        public function getIdentity()
        {
            if ($this->hasIdentity()) {
                $user = parent::getIdentity();
            } else {
                $user = new UserEntity();
                $user->setId(0);
                $user->setUsername('Gast');
                $user->setRole('guest');
            }
    
            return $user;
        }
    
    }
    

    @heiglandreas

    opened by mano87 4
  • Verify group membership

    I'm trying to implement the multi-server LDAP authentication mentioned in the docs. The auth process is flawless, but after adding group to the options parameters I get this: [0] => Account is not a member of the specified group [1] => Failed to verify group membership with (&(&(cn=grpTest)(grpTest=CN=Hamed Okhovvat,OU=IT,DC=Domain,DC=local))(objectClass=groupOfUniqueNames))

    Is there any recommendation to verify group membership? Thanks a lot in advance

    opened by iHamex 1
  • {Question] Why authenticate writes identity?

    Hello. I wanted to ask if there is a specific reason why the authenticate() method also writes data to a storage. In ZF1 the adapter only returned a result, which I think was the best possible solution. I think AuthService should only check data and prepare subclasses for further actions. In most cases, the user won't need the default identity but custom data. And now, if data is saved, it might cause bug ZF-7546 to re-appear. To prevent it, one should once again call clearIdentity() and write again after checking isValid().

    As an example, a possible bug scenario: time-window logins. A user can only log in during 8-16. Because of some extra blocking inside !isValid(), we treat it as valid authentication and make some extra redirects if the time didn't match. Now if we forget to clear the identity before redirecting, the MVC identity plugin will return true, which may then lead to other bugs if we expected an array and the identity is a string.

    opened by xorock 1
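
The two md5 items above ("Remove insecure md5 example" and "Remove insecure MD5 from documentation") point to CallbackCheckAdapter together with password_hash() and password_verify(). The following is an added example, not code from the project or its documentation; the table and column names, the sample rows and `$dbAdapter` are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Credential check in the (stored value, supplied credential) argument
 * order that CallbackCheckAdapter passes to its validation callback.
 */
$verifyPassword = function (string $storedHash, string $suppliedPassword): bool {
    // password_get_info() reports no algorithm for values that
    // password_hash() did not produce, such as a bare md5 hex digest.
    $info = password_get_info($storedHash);
    if (empty($info['algo'])) {
        return false;
    }

    // Salt and cost are read from the stored hash itself.
    return password_verify($suppliedPassword, $storedHash);
};

// Constructed sample rows standing in for a users table (not real data).
$rows = [
    'alice' => password_hash('correct horse', PASSWORD_DEFAULT),
    'bob'   => md5('correct horse'), // legacy unsalted digest
];

foreach ($rows as $user => $stored) {
    $accepted = $verifyPassword($stored, 'correct horse');
    printf(
        "%-5s %s\n",
        $user,
        $accepted ? 'accepted' : 'rejected (legacy hash, needs a reset or migration)'
    );
}

// Wiring, assuming a configured Zend\Db adapter in $dbAdapter and a
// users table with username and password columns:
//
// $adapter = new \Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter(
//     $dbAdapter, 'users', 'username', 'password', $verifyPassword
// );
```
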
Releases(release-2.7.0)
  • release-2.7.0(May 14, 2019)

    Added

    • #44 adds support for PHP 7.3.
    • #47 adds configuration option to Zend\Authentication\Validator\Authentication for mapping custom authentication result codes to existing and new validation message types.

    Changed

    • #42 changes authentication using the Basic scheme to re-challenge the client when the credentials in the Authorization header cannot be base64 decoded.

    Deprecated

    • Nothing.

    Removed

    • #44 removes support for zend-stdlib v2 releases.

    Fixed

    • Nothing.
  • release-2.6.0(Apr 12, 2018)

    Added

    • #34 adds support for PHP 7.2.

    Changed

    • #14 modifies the Zend\Authentication\Validator\Authentication class such that it now will pull an adapter from the composed AuthenticationService instance if no authentication adapter is registered directly with the validator. This will only work if the adapter is a ValidatableAdapterInterface implementation (all AbstractAdapter instances are already implementations).

    Deprecated

    • Nothing.

    Removed

    • #30 removes support for HHVM.

    • #30 removes support for PHP 5.5.

    Fixed

    • Nothing.
  • release-2.5.4(Apr 12, 2018)

    Added

    • #9 adds and publishes documentation to https://docs.zendframework.com/zend-authentication/

    Changed

    • Nothing.

    Deprecated

    • Nothing.

    Removed

    • Nothing.

    Fixed

    • #29 fixes how the HTTP Auth adapter treats credentials, ensuring it splits only on the first : character, and thus allows : characters as part of the password segment of the credential.
  • release-2.5.3(Feb 29, 2016)

    Added

    • Nothing.

    Deprecated

    • Nothing.

    Removed

    • Nothing.

    Fixed

    • #8 updates dependencies to allow usage of zend-stdlib 3.0, and to require tests to pass against PHP 7.
  • release-2.5.2(Jun 15, 2015)

    Added

    • #4 adds documentation, which can be compiled using bookdown: bookdown doc/bookdown.json; docs can then be viewed by starting a web server via php -S 0.0.0.0:8000 -t doc/html/ and browsing to http://localhost:8000/.

      (Add bookdown globally using composer global require bookdown/bookdown.)

    Deprecated

    • Nothing.

    Removed

    • Nothing.

    Fixed

    • Nothing.
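
The Basic-scheme entries under release-2.7.0 (#42) and release-2.5.4 (#29) come down to two parsing rules: credentials that do not base64-decode lead to a re-challenge, and the decoded string is split only on the first `:`. The following is an added illustration in plain PHP, not the component's own code; the function name `parseBasicCredentials` and the sample header values are assumptions made for this example.

```php
<?php
declare(strict_types=1);

/**
 * Parse an Authorization header value for the Basic scheme.
 * Returns [username, password], or null when the caller should
 * answer with a fresh 401 challenge.
 * Hypothetical helper for illustration; not part of zend-authentication.
 */
function parseBasicCredentials(string $headerValue): ?array
{
    // The scheme name is case-insensitive and followed by a space.
    if (strncasecmp($headerValue, 'Basic ', 6) !== 0) {
        return null;
    }

    $encoded = trim(substr($headerValue, 6));
    if ($encoded === '') {
        return null;
    }

    // Strict mode rejects characters outside the base64 alphabet
    // instead of silently discarding them.
    $decoded = base64_decode($encoded, true);
    if ($decoded === false) {
        return null;
    }

    // Split on the first ':' only; later colons belong to the password.
    $parts = explode(':', $decoded, 2);
    if (count($parts) !== 2) {
        return null;
    }

    return $parts;
}

// Constructed sample headers (not captured traffic).
$samples = [
    'Basic ' . base64_encode('alice:s3cret'),
    'Basic ' . base64_encode('alice:pa:ss:word'),
    'Basic %%%not-base64%%%',
    'Basic ' . base64_encode('no-colon-here'),
];

foreach ($samples as $header) {
    $credentials = parseBasicCredentials($header);
    if ($credentials === null) {
        echo "re-challenge: send 401 with WWW-Authenticate\n";
        continue;
    }
    [$user, $password] = $credentials;
    printf("user=%s password-length=%d\n", $user, strlen($password));
}
```
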
Owner
Zend Framework
Authentication component from Zend Framework

zend-authentication Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-authentication. The Zend\Authentication component pro

Zend Framework 43 Jun 13, 2021
Serializer component from Zend Framework

zend-serializer Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-serializer. zend-serializer provides an adapter-based int

Zend Framework 45 Jan 13, 2022
ServiceManager component from Zend Framework

zend-servicemanager Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-servicemanager. Master: Develop: The Service Locator

Zend Framework 192 Nov 21, 2022
Console component from Zend Framework

zend-console Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-console. Zend\Console is a component to design and implement

Zend Framework 47 Mar 16, 2021
Cryptographic component from Zend Framework

zend-crypt Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-crypt. Zend\Crypt provides support of some cryptographic tools

Zend Framework 89 Dec 4, 2021
Db component from Zend Framework

zend-db Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-db. Zend\Db is a component that abstract the access to a Database

Zend Framework 98 Sep 5, 2022
Debug component from Zend Framework

zend-debug Zend\Debug is a component that help the debugging of PHP applications. In particular it offers a static method Zend\Debug\Debug::dump() tha

Zend Framework 12 Jan 29, 2020
Navigation component from Zend Framework

zend-navigation Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-navigation. Zend\Navigation is a component for managing t

Zend Framework 19 Jun 30, 2021
Json component from Zend Framework

zend-json Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-json. Zend\Json provides convenience methods for serializing na

Zend Framework 102 Nov 17, 2022
A panel created based on the Zend Framework MVC framework

Painel MyZap2.0 with ZendFramework 3 Description This is a panel created as a personal study of the framework (Zend Framework MVC); it was not created for

Jonathan Henrique 9 Jun 10, 2022
Official Zend Framework repository

Welcome to the Zend Framework 3.0 Release! RELEASE INFORMATION Zend Framework 3.0.1dev This is the first maintenance release for the Zend Framework 3

Zend Framework 5.6k Dec 29, 2022
Converts a string to a slug. Includes integrations for Symfony, Silex, Laravel, Zend Framework 2, Twig, Nette and Latte.

cocur/slugify Converts a string into a slug. Developed by Florian Eckerstorfer in Vienna, Europe with the help of many great contributors. Features Re

Cocur 2.8k Dec 22, 2022
Zend Framework cache backend for MongoDB

Zend_Cache_Backend_Mongo Author: Anton Stöckl About Zend_Cache_Backend_Mongo is a Zend Framework Cache Backend for MongoDB. It supports tags and autoc

Anton Stöckl 12 Feb 19, 2020
A skeleton application using the Zend Framework MVC

This is a skeleton application using the Zend Framework MVC layer and module systems. This application is meant to be used as a starting place for those looking to get their feet wet with Zend Framework.

Zend Framework 1.5k Dec 15, 2022
💗 C++ wrapper for Zend API

PHP-X C++ wrapper for Zend API Requirements PHP 7.2 or later Linux/MacOS/Windows GCC 4.8 or later Composer Build phpx (bin) ./build.sh sudo cp bin/php

韩天峰-Rango 815 Dec 6, 2022
zend-config is designed to simplify access to configuration data within applications

zend-config is designed to simplify access to configuration data within applications

Zend Framework 89 Jan 13, 2022
zend-memory manages data in an environment with limited memory

Memory objects (memory containers) are generated by the memory manager, and transparently swapped/loaded when required.

Zend Framework 16 Aug 29, 2020
A clean and responsive interface for Zend OPcache information,

A clean and responsive interface for Zend OPcache information, showing statistics, settings and cached files, and providing a real-time update for the information.

Andrew Collington 1.1k Dec 27, 2022
Rinvex Authy is a simple wrapper for @Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise.

Rinvex Authy Rinvex Authy is a simple wrapper for Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest AP

Rinvex 34 Feb 14, 2022
Laravel Authentication Log is a package Log user authentication details and send new device notifications.

Laravel Authentication Log is a package which tracks your user's authentication information such as login/logout time, IP, Browser, Location, etc. as well as sends out notifications via mail, slack, or sms for new devices and failed logins.

Anthony Rappa 540 Jan 5, 2023