A bit of context
I’m using Neos.Form.Builder
to define my forms with Fusion, and I’ve defined a new form finisher with the intent of reading the form values and authenticate the user via a UsernamePassword
token. I’m also relying on a provider defined by Flowpack.Neos.FrontendLogin
which, to my understanding, should match any request coming from the frontend.
The code
File: AuthenticateFinisher.php
<?php
namespace Vendor\Package\Finishers;
use Neos\Form\Core\Model\AbstractFinisher;
use Neos\Flow\Annotations as Flow;
use Neos\Flow\Security\Authentication\AuthenticationManagerInterface;
use Neos\Flow\Security\Exception\AuthenticationRequiredException;
use Neos\Flow\Security\Context;
class AuthenticateFinisher extends AbstractFinisher
{
/**
* @var AuthenticationManagerInterface
* @Flow\Inject
*/
protected $authenticationManager;
/**
* @var Context
* @Flow\Inject
*/
protected $securityContext;
protected function executeInternal()
{
$formRuntime = $this->finisherContext->getFormRuntime();
$formState = $formRuntime->getFormState();
$usernameField = $this->options['usernameField'];
$passwordField = $this->options['passwordField'];
$username = $formState->getFormValue($usernameField);
$password = $formState->getFormValue($passwordField);
$request = $formRuntime->getRequest();
$request->setArgument('__authentication.Neos.Flow.Security.Authentication.Token.UsernamePassword.username', $username);
$request->setArgument('__authentication.Neos.Flow.Security.Authentication.Token.UsernamePassword.password', $password);
$this->securityContext->setRequest($request);
// try {
$this->authenticationManager->authenticate();
// } catch (AuthenticationRequiredException $exception) {
// // log ?
// }
if (!$this->authenticationManager->isAuthenticated()) {
$this->finisherContext->cancel();
}
}
}
The Error
Could not authenticate any token.
Might be missing or wrong credentials or no authentication provider matched.
Exception Code 1222204027
Exception Type Neos\Flow\Security\Exception\NoTokensAuthenticatedException
Log Reference 20200904080139a213ac
Thrown in File Data/Temporary/Development/SubContextDocker/Cache/Code/Flow_Object_Classes/Neos_Flow_Security_Authentication_AuthenticationProviderManager.php
Line 188
Original File Packages/Framework/Neos.Flow/Classes/Security/Authentication/AuthenticationProviderManager.php
The question
Apparently, I’m not fully grasping the concept of tokens and authentication.
I’ve tried to completely clear the security context and start anew with my fabricated ActionRequest
, but that doesn’t work either.
I can confirm there are 3 providers at the moment: Neos.Neos:Backend
, Neos.Setup:Login
, and Flowpack.Neos.FrontendLogin:Frontend
. On top of that, the Flowpack package defines a requestPattern
on the backend and frontend providers, making them match each side accordingly.
As far as I know, that’s enough to trigger a token validation, which then should read the request and extract the internal arguments. However, that’s not going as expected.
How can I authenticate a user from a form finisher?
Any help would be appreciated.