3 * Zend Framework (http://framework.zend.com/)
5 * @link http://github.com/zendframework/zf2 for the canonical source repository
6 * @copyright Copyright (c) 2005-2013 Zend Technologies USA Inc. (http://www.zend.com)
7 * @license http://framework.zend.com/license/new-bsd New BSD License
10 namespace Zend\Authentication\Adapter\DbTable
;
12 use Zend\Authentication\Result
as AuthenticationResult
;
13 use Zend\Db\Adapter\Adapter
as DbAdapter
;
15 use Zend\Db\Sql\Expression
as SqlExpr
;
16 use Zend\Db\Sql\Predicate\Operator
as SqlOp
;
18 class CredentialTreatmentAdapter
extends AbstractAdapter
21 * $credentialTreatment - Treatment applied to the credential, such as MD5() or PASSWORD()
25 protected $credentialTreatment = null;
28 * __construct() - Sets configuration options
30 * @param DbAdapter $zendDb
31 * @param string $tableName Optional
32 * @param string $identityColumn Optional
33 * @param string $credentialColumn Optional
34 * @param string $credentialTreatment Optional
36 public function __construct(
39 $identityColumn = null,
40 $credentialColumn = null,
41 $credentialTreatment = null
43 parent
::__construct($zendDb, $tableName, $identityColumn, $credentialColumn);
45 if (null !== $credentialTreatment) {
46 $this->setCredentialTreatment($credentialTreatment);
51 * setCredentialTreatment() - allows the developer to pass a parametrized string that is
52 * used to transform or treat the input credential data.
54 * In many cases, passwords and other sensitive data are encrypted, hashed, encoded,
55 * obscured, or otherwise treated through some function or algorithm. By specifying a
56 * parametrized treatment string with this method, a developer may apply arbitrary SQL
57 * upon input credential data.
64 * @param string $treatment
65 * @return DbTable Provides a fluent interface
67 public function setCredentialTreatment($treatment)
69 $this->credentialTreatment
= $treatment;
74 * _authenticateCreateSelect() - This method creates a Zend\Db\Sql\Select object that
75 * is completely configured to be queried against the database.
79 protected function authenticateCreateSelect()
81 // build credential expression
82 if (empty($this->credentialTreatment
) ||
(strpos($this->credentialTreatment
, '?') === false)) {
83 $this->credentialTreatment
= '?';
86 $credentialExpression = new SqlExpr(
87 '(CASE WHEN ?' . ' = ' . $this->credentialTreatment
. ' THEN 1 ELSE 0 END) AS ?',
88 array($this->credentialColumn
, $this->credential
, 'zend_auth_credential_match'),
89 array(SqlExpr
::TYPE_IDENTIFIER
, SqlExpr
::TYPE_VALUE
, SqlExpr
::TYPE_IDENTIFIER
)
93 $dbSelect = clone $this->getDbSelect();
94 $dbSelect->from($this->tableName
)
95 ->columns(array('*', $credentialExpression))
96 ->where(new SqlOp($this->identityColumn
, '=', $this->identity
));
102 * _authenticateValidateResult() - This method attempts to validate that
103 * the record in the resultset is indeed a record that matched the
104 * identity provided to this adapter.
106 * @param array $resultIdentity
107 * @return AuthenticationResult
109 protected function authenticateValidateResult($resultIdentity)
111 if ($resultIdentity['zend_auth_credential_match'] != '1') {
112 $this->authenticateResultInfo
['code'] = AuthenticationResult
::FAILURE_CREDENTIAL_INVALID
;
113 $this->authenticateResultInfo
['messages'][] = 'Supplied credential is invalid.';
114 return $this->authenticateCreateAuthResult();
117 unset($resultIdentity['zend_auth_credential_match']);
118 $this->resultRow
= $resultIdentity;
120 $this->authenticateResultInfo
['code'] = AuthenticationResult
::SUCCESS
;
121 $this->authenticateResultInfo
['messages'][] = 'Authentication successful.';
122 return $this->authenticateCreateAuthResult();