PHP Symfony2 custom authentication without database (SOAP)

Question

I have a soap to authenticate users

<?php
$client = new SoapClient('http://mysite/code/soap.wsdl');
$user   = $client->login('username','password');

if( isset($user['IdAccount']) && ($user['IdAccount'] > 0) )
   echo 'Logon OK';
else
   echo 'Logon Fail!';

I would like to use in Symfony2 without database, only in memory...

I tried to implement a Custom UserProvider, but I do not have all the data needed to make it work...

class WebserviceUserProvider implements UserProviderInterface
{
    public function loadUserByUsername($username)
    {
        $client = new SoapClient('http://mysite/code/soap.wsdl');

        $user   = $client->login($username, PASSWORD???? );

        if ( isset($user['IdAccount']) && ($user['IdAccount'] > 0) ) 
            return new WebserviceUser($username, PASSWORD????, SALT???, ROLES????);

        throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username)
    );
}

I can not change the soap

sorry for my bad english! :(

Answer 1

As I understand, you want to use form authentication and check password using SOAP service.

If you use Symfony 2.4 or above, you can use SimpleFormAuthenticatorInterface

Example implementation:

// ... namespace and uses

class Authenticator implements SimpleFormAuthenticatorInterface
{
    private $soapClient;

    public function __construct(\SoapClient $soapClient)
    {
        $this->soapClient = $soapClient;
    }

    public function authenticateToken(TokenInterface $token, UserProviderInterface $userProvider, $providerKey)
    {
        $user = $this->soapClient->login($token->getUsername(), $token->getCredentials());
        if (isset($user['IdAccount']) && ($user['IdAccount'] > 0)) {
            $user = $userProvider->loadUserByUsername($token->getUsername());
            return new UsernamePasswordToken(
                $user,
                null,
                $providerKey,
                $user->getRoles()
            );
        }

        throw new AuthenticationException('Invalid username or password');
    }

    public function supportsToken(TokenInterface $token, $providerKey)
    {
        return $token instanceof UsernamePasswordToken
            && $token->getProviderKey() === $providerKey;
    }

    public function createToken(Request $request, $username, $password, $providerKey)
    {
        return new UsernamePasswordToken($username, $password, $providerKey);
    }
}