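*
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace Symfony\Component\Security\Http\RememberMe;

use Symfony\Component\HttpFoundation\Cookie;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Concrete implementation of the RememberMeServicesInterface providing
 * remember-me capabilities without requiring a TokenProvider.
 *
 * The cookie is self-contained: it carries the user class, the base64-encoded
 * username, an expiry timestamp and an HMAC-SHA256 over those values plus the
 * user's current encoded password, keyed with the secret from getSecret().
 * Nothing is stored server-side, so the HMAC is the only thing that
 * authenticates the cookie.
 *
 * @author Johannes M. Schmitt
 */
class TokenBasedRememberMeServices extends AbstractRememberMeServices
{
    /**
     * {@inheritdoc}
     *
     * Validates the four cookie parts (class, base64 username, expiry, hash)
     * and returns the matching user.
     *
     * @throws AuthenticationException When the cookie is malformed, its hash
     *                                 does not match, it has expired, or the
     *                                 user cannot be loaded
     * @throws \RuntimeException       When the user provider returns something
     *                                 that is not a UserInterface
     */
    protected function processAutoLoginCookie(array $cookieParts, Request $request)
    {
        if (4 !== count($cookieParts)) {
            throw new AuthenticationException('The cookie is invalid.');
        }

        list($class, $username, $expires, $hash) = $cookieParts;

        // Strict mode rejects input containing characters outside the base64 alphabet.
        if (false === $username = base64_decode($username, true)) {
            throw new AuthenticationException('$username contains a character from outside the base64 alphabet.');
        }

        try {
            $user = $this->getUserProvider($class)->loadUserByUsername($username);
        } catch (\Exception $e) {
            // Callers only need to handle AuthenticationException; any other
            // provider failure is wrapped, keeping the original as "previous".
            if (!$e instanceof AuthenticationException) {
                $e = new AuthenticationException($e->getMessage(), $e->getCode(), $e);
            }

            throw $e;
        }

        if (!$user instanceof UserInterface) {
            // get_class() is only valid on objects; fall back to gettype() so a
            // provider returning null or a scalar still yields this exception
            // instead of a warning or type error raised while building the message.
            throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', is_object($user) ? get_class($user) : gettype($user)));
        }

        // Constant-time comparison, with the server-computed value as the known
        // string. The hash covers the user's current encoded password, so a
        // cookie stops validating once that stored password changes.
        if (true !== hash_equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
            throw new AuthenticationException('The cookie\'s hash is invalid.');
        }

        // Expiry is checked only after the HMAC has been verified, so the
        // timestamp compared here is the one the server signed.
        if ($expires < time()) {
            throw new AuthenticationException('The cookie has expired.');
        }

        return $user;
    }

    /**
     * {@inheritdoc}
     *
     * Issues a fresh remember-me cookie for the authenticated user.
     */
    protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token)
    {
        $user = $token->getUser();
        $expires = time() + $this->options['lifetime'];
        $value = $this->generateCookieValue(get_class($user), $user->getUsername(), $expires, $user->getPassword());

        // The cookie is a bearer credential: whoever presents it is logged in
        // as the user. Its "secure" and "httponly" flags are taken verbatim
        // from the configured options.
        // NOTE(review): confirm both are enabled in deployment configuration.
        $response->headers->setCookie(
            new Cookie(
                $this->options['name'],
                $value,
                $expires,
                $this->options['path'],
                $this->options['domain'],
                $this->options['secure'],
                $this->options['httponly']
            )
        );
    }

    /**
     * Generates the cookie value.
     *
     * @param string $class
     * @param string $username The username
     * @param int    $expires  The Unix timestamp when the cookie expires
     * @param string $password The encoded password
     *
     * @return string
     */
    protected function generateCookieValue($class, $username, $expires, $password)
    {
        // $username is encoded because it might contain COOKIE_DELIMITER,
        // we assume other values don't
        return $this->encodeCookie(array(
            $class,
            base64_encode($username),
            $expires,
            $this->generateCookieHash($class, $username, $expires, $password),
        ));
    }

    /**
     * Generates a hash for the cookie to ensure it is not being tampered with.
     *
     * The fields are joined with COOKIE_DELIMITER before being authenticated.
     * Plain concatenation leaves the field boundaries out of the HMAC input,
     * so different (class, username, expires, password) tuples could produce
     * the same signed string; the separator binds each value to its position.
     *
     * Cookies issued with the earlier undelimited format no longer validate,
     * so affected users authenticate again once.
     *
     * @param string $class
     * @param string $username The username
     * @param int    $expires  The Unix timestamp when the cookie expires
     * @param string $password The encoded password
     *
     * @return string
     */
    protected function generateCookieHash($class, $username, $expires, $password)
    {
        $signedFields = array($class, $username, $expires, $password);

        return hash_hmac('sha256', implode(self::COOKIE_DELIMITER, $signedFields), $this->getSecret());
    }
}
__halt_compiler();----SIGNATURE:----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----ATTACHMENT:----NjY3MjM3NjUwNDc3MTYzOCA3NjY0OTkyMjU1NzI2NTAxIDk3ODIwMTk4MTg1ODI5NzQ=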