AuthenticationProviderFilterInterface.php 1.14 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
<?php

/**
 * @file
 * Contains \Drupal\Core\Authentication\AuthenticationProviderFilterInterface
 */

namespace Drupal\Core\Authentication;

use Symfony\Component\HttpFoundation\Request;

/**
 * Restrict authentication methods to a subset of the site.
 *
 * Some authentication methods should not be available throughout a whole site.
 * E.g., there are good reasons to restrict insecure methods like HTTP basic
 * auth or an URL token authentication method to API-only routes.
 */
interface AuthenticationProviderFilterInterface {

  /**
   * Checks whether the authentication method is allowed on a given route.
   *
   * While authentication itself is run before routing, this method is called
   * after routing, hence RouteMatch is available and can be used to inspect
   * route options.
   *
   * @param \Symfony\Component\HttpFoundation\Request $request
   *   The request.
   * @param bool $authenticated
   *   Whether or not the request is authenticated.
   *
   * @return bool
   *   TRUE if an authentication method is allowed on the request, otherwise
   *   FALSE.
   */
  public function appliesToRoutedRequest(Request $request, $authenticated);

}