Repository abandoned 2019-12-31
This repository has moved to laminas/laminas-authentication.
The Zend\Authentication component provides an API for authentication and includes concrete authentication adapters for common use case scenarios.
This is just a first stab, but I have a script that can do this now - @weierophinney does this look right to you? I haven't tried rendering with Bookdown yet.
documentationAttempted composer require zendframework/zend-authentication on the latest zf3 framework. Produced the following error:
[InvalidArgumentException]
Could not find package require at any version for your minimum-stability (d
ev). Check the package spelling or your minimum-stability
Typo []Account Name Canonicalization] was corrected to [Account Name Canonicalization] so it is a valid markdown link.
This allows the client code to supply his own domain-specific error codes. In my case these were expired account, disabled account, and password not set up.
It is also necessary for the client to supplement $this->messageTemplates and extend the Result class but this is already possible.
[x] Are you creating a new feature?
develop branch, and submit against that branch.CHANGELOG.md entry for the new feature.[x] Is this related to quality assurance? Yes. Because my users are often confused by the generic error message when they can't log in
When using zend-authentication with ZF3, it seems that identity view helper requires that you register Zend\Authentication\AuthenticationService (literally) in your config file:
'service_manager' => [
'factories' => [
'Zend\Authentication\AuthenticationService' => Service\Factory\AuthenticationServiceFactory::class,
],
],
But, I expect that I should register this service with the ::class keyword, as follows:
'service_manager' => [
'factories' => [
Zend\Authentication\AuthenticationService::class => Service\Factory\AuthenticationServiceFactory::class,
],
],
However, this doesn't work. Is this a bug?
question awaiting author updatesThis PR adds feature to configure Authentication validator with user defined authentication result codes and their corresponding validation messages. Solves #41
code_map added. It is an array of [int $resultCode => string $validatorMessageKey].
Custom validator message key can be specified which is then registered as a new template that can be modified using common ways provided by Zend\Validator\AbstractValidator: setMessage() method or messages option.develop branch, and submit against that branch.CHANGELOG.md entry for the new feature.Fixes #13
CredentialTreatmentAdapter provides md5() in its usage example which might prompt users to utilize insecure practices. This PR removes md5() usage from the documentation and adds further guidance towards CallbackCheckAdapter and PHP functions password_hash() and password_verify()Zend\Authentication\Adapter\DbTable\AbstractAdapter allows only table name but not schema. Maybe it would be better to allow TableIdentifier instead of string?
Authentication validator is able to use adapter from the given AuthenticationService:
use My\Authentication\Adapter;
use My\Authentication\Storage;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Validator\Authentication as AuthenticationValidator;
$adapter = new Adapter();
$storage = new Storage();
$service = new AuthenticationService($storage, $adapter);
$validator = new AuthenticationValidator([
'service' => $service,
]);
$validator->setIdentity('username');
$validator->isValid('password');
It tears my soul that documentation about authentication mentions md5 so much. There is even an example how to use Autheticatin with md5. MD5 is insecure and todays RDBS support newer and secure methods.... (There is also md5 note in code comments)
https://docs.zendframework.com/zend-authentication/adapter/dbtable/credential-treatment/
help wanted documentationThis patch incorporates feedback provided on #14; I was unable to push to the author's repository, so I am instead opening a new pull request.
The patch incorporates all changes in #14, plus some changes recommended and/or required on review.
What the patch accomplishes is the ability for a Zend\Authentication\Validator\Authentication to use the authentication adapter in the composed AuthenticationService instance when:
ValidatableAdapterInterface instanceThis simplifies usage, as the consumer of the validator no longer needs direct access to the authentication adapter.
I'm looking for a way to check if my user really exists before I authenticate it.
Is this library capable of doing so or do I need to use \Zend\Ldap for this ?
It would be a pity if you need to use \Zend\Ldap as the serveroptions differ.
Authentication adapter and validator are the same. The authentication service provides input to adapter, which validates the identity and returns a result. With the proposed revision of Zend\Validator, we also have the ability to chain adapters and aggregate results which can be useful in Zend\Authentication. We could add these missing features to the Zend\Authentication component.
As adapters validate identity, they could be renamed to Validator or moved to Zend\Validator, which would make Zend\Authentication dependent on Zend\Validator ?
Currently, the content of Zend\Authentication\Result::identity is not clear if the result is not valid. Most of time, it returns null, but sometimes it returns an empty array, or the provided identity.
The documentation says two different things about this:
getIdentity() returns the identity of the authentication attempt.
$identity is the value representing the authenticated identity. This may be any PHP type; typically you will see a string username or token, or an object type specific to the application or login module you utilize. When the result represents a failure to authenticate, this will often be null; some systems will provide a default identity in such cases.
So, on authentication failure, should the getIdentity() method always return the identity of the authentication attempt, or can it return whatever it wants?
I think it should not return identity if the authentication fails, as this method is intended to provide identity to the storage on successful authentication.
To sum up, I would like the Zend\Authentication component to :
![[Proposal] Refactor to work in the same way as the proposed revision of Zend\Validator](https://avatars.githubusercontent.com/u/10137?v=4)
Result interface modeling the results of authentication; it would compose the identity validated which will be use in authentication storage (only if authentication succeeded, otherwise it throws an error or returns null), authentication status, and, if present, any authentication error messages.validate() (authenticate()) method, accepting both a value and optional context, and return a Result instance.ResultAggregate interface for aggregating several results, as is necessary in a ValidatorChain (AdapterChain); Result instances would be pushed upon an aggregate.What do you think of this proposal ?
Hello, for internal user authentication we will use LDAP Adapter and for external users the Zend DB Adapter. All external users uses the mail address as username. Also with the LDAP Adapter we will use the email address as username. We have more external than internal users.
class AuthenticationService extends ZendAuthenticationService implements AuthenticationServiceInterface
{
/**
* Authentication fallback adapter
*
* @var AdapterInterface
*/
private $fallbackAdapter = null;
/**
* @param AdapterInterface $adapter
* @return $this
*/
public function setFallbackAdapter(AdapterInterface $adapter)
{
$this->fallbackAdapter = $adapter;
return $this;
}
/**
* @return AdapterInterface
*/
public function getFallbackAdapter()
{
return $this->fallbackAdapter;
}
/**
* @param AdapterInterface|null $fallbackAdapter
* @return Result
*/
public function fallbackAuthenticate(AdapterInterface $fallbackAdapter = null)
{
if (!$fallbackAdapter) {
$fallbackAdapter = $this->getFallbackAdapter();
}
return $fallbackAdapter->authenticate();
}
/**
* @return mixed
*/
public function getIdentity()
{
if ($this->hasIdentity()) {
$user = parent::getIdentity();
} else {
$user = new UserEntity();
$user->setId(0);
$user->setUsername('Gast');
$user->setRole('guest');
}
return $user;
}
}
@heiglandreas
i'm trying to implement multi servers ldap authentication mentioned in docs, the thing is auth process is flawless but with adding group to options parameters i get this:
[0] => Account is not a member of the specified group [1] => Failed to verify group membership with (&(&(cn=grpTest)(grpTest=CN=Hamed Okhovvat,OU=IT,DC=Domain,DC=local))(objectClass=groupOfUniqueNames))
Is there any recommendation to verify group membership? Thanks a lot in advance
Hello. I wanted to ask, if there is a specific reason why authenticate() method also writes data to a storage? In ZF1 adapter only returned a result, which I think was the best possible solution. I think AuthService should only check data and prepare subclasses for further actions. In most cases, user won't need default identity but custom data. And now, if data is saved, it might cause bug ZF-7546 to re-appear. To prevent it, one should once again call clearIdentity() and write again after checking isValid().
As an example, possible bug code scenario - time window logins. User can only login during 8 -16. Because of some extra blocking inside !isValid(), we treat it as valid authentication and made some extra redirects if time didn't match. Now if we forget to clear identity before redirecting, MVC identity plugin will return true. Which may then lead to another bugs if we expected array and identity is a string.
Zend\Authentication\Validator\Authentication for mapping custom authentication result codes to existing and new validation message types.Zend\Authentication\Validator\Authentication class such that
it now will pull an adapter from the composed AuthenticationService instance if no
authentication adapter is registered directly with the validator. This will only work
if the adapter is a ValidatableAdapterInterface implementation (all AbstractAdapter
instances are already implementations).: character, and thus allows : characters
as part of the password segment of the credential.#4 adds documentation, which can be compiled using bookdown: bookdown doc/bookdown.json; docs can then be viewed by starting a web server via php -S 0.0.0.0:8000 -t doc/html/ and browsing to http://localhost:8000/.
(Add bookdown globally using composer global require bookdown/bookdown.)
zend-authentication Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-authentication. The Zend\Authentication component pro
zend-serializer Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-serializer. zend-serializer provides an adapter-based int
zend-servicemanager Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-servicemanager. Master: Develop: The Service Locator
zend-console Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-console. Zend\Console is a component to design and implement
zend-crypt Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-crypt. Zend\Crypt provides support of some cryptographic tools
zend-db Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-db. Zend\Db is a component that abstract the access to a Database
zend-debug Zend\Debug is a component that help the debugging of PHP applications. In particular it offers a static method Zend\Debug\Debug::dump() tha
zend-navigation Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-navigation. Zend\Navigation is a component for managing t
zend-json Repository abandoned 2019-12-31 This repository has moved to laminas/laminas-json. Zend\Json provides convenience methods for serializing na
?? Painel MyZap2.0 Com ZendFramework 3 Descrição Esse é um painel criado como estudo pessoal do framework (Zend Framework MVC) não foi criado para fin
Welcome to the Zend Framework 3.0 Release! RELEASE INFORMATION Zend Framework 3.0.1dev This is the first maintenance release for the Zend Framework 3
cocur/slugify Converts a string into a slug. Developed by Florian Eckerstorfer in Vienna, Europe with the help of many great contributors. Features Re
Zend_Cache_Backend_Mongo Author: Anton Stöckl About Zend_Cache_Backend_Mongo is a Zend Framework Cache Backend for MongoDB. It supports tags and autoc
This is a skeleton application using the Zend Framework MVC layer and module systems. This application is meant to be used as a starting place for those looking to get their feet wet with Zend Framework.
PHP-X C++ wrapper for Zend API Requirements PHP 7.2 or later Linux/MacOS/Windows GCC 4.8 or later Composer Build phpx (bin) ./build.sh sudo cp bin/php
zend-config is designed to simplify access to configuration data within applications
Memory objects (memory containers) are generated by the memory manager, and transparently swapped/loaded when required.
A clean and responsive interface for Zend OPcache information, showing statistics, settings and cached files, and providing a real-time update for the information.
Rinvex Authy Rinvex Authy is a simple wrapper for Authy TOTP API, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest AP
Laravel Authentication Log is a package which tracks your user's authentication information such as login/logout time, IP, Browser, Location, etc. as well as sends out notifications via mail, slack, or sms for new devices and failed logins.
43 Jun 13, 2021
9 Jun 10, 2022
2.8k Dec 22, 2022
12 Feb 19, 2020
815 Dec 6, 2022
1.1k Dec 27, 2022
34 Feb 14, 2022
540 Jan 5, 2023