diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2015-11-23 11:22:15 +0100 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2015-11-23 11:22:15 +0100 |
| commit | 1500a2ceb20b1bcf908f07ee2104225b3e35ee65 (patch) | |
| tree | 5e737b12076ed9c14f39193b7b2c0132468c9050 | |
| parent | f0ebcd061a1a7875de332d36de9c50a416885caa (diff) | |
| parent | cc98e8c84c84b9ffda2544762c41bfee8e192b72 (diff) | |
| download | symfony-security-1500a2ceb20b1bcf908f07ee2104225b3e35ee65.zip symfony-security-1500a2ceb20b1bcf908f07ee2104225b3e35ee65.tar.gz symfony-security-1500a2ceb20b1bcf908f07ee2104225b3e35ee65.tar.bz2 | |
security #16631 n/a (xabbuh)v2.3.35
This PR was merged into the 2.3 branch.
Discussion
----------
n/a
n/a
Commits
-------
f88e600 migrate session after remember me authentication
| -rw-r--r-- | Http/Firewall/RememberMeListener.php | 8 | ||||
| -rw-r--r-- | Tests/Http/Firewall/RememberMeListenerTest.php | 63 |
2 files changed, 71 insertions, 0 deletions
diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index 942e537..52a231c 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php @@ -20,6 +20,7 @@ use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\EventDispatcher\EventDispatcherInterface; +use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategy; /** * RememberMeListener implements authentication capabilities via a cookie. @@ -33,6 +34,7 @@ class RememberMeListener implements ListenerInterface private $authenticationManager; private $logger; private $dispatcher; + private $sessionStrategy; /** * Constructor. @@ -50,6 +52,7 @@ class RememberMeListener implements ListenerInterface $this->authenticationManager = $authenticationManager; $this->logger = $logger; $this->dispatcher = $dispatcher; + $this->sessionStrategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE); } /** @@ -70,6 +73,11 @@ class RememberMeListener implements ListenerInterface try { $token = $this->authenticationManager->authenticate($token); + + if ($request->hasSession() && $request->getSession()->isStarted()) { + $this->sessionStrategy->onAuthentication($request, $token); + } + $this->securityContext->setToken($token); if (null !== $this->dispatcher) { diff --git a/Tests/Http/Firewall/RememberMeListenerTest.php b/Tests/Http/Firewall/RememberMeListenerTest.php index 067cacb..ad96243 100644 --- a/Tests/Http/Firewall/RememberMeListenerTest.php +++ b/Tests/Http/Firewall/RememberMeListenerTest.php @@ -138,6 +138,69 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase $listener->handle($event); } + public function testSessionStrategy() + { + list($listener, $tokenStorage, $service, $manager) = $this->getListener(false, true, true); + + $tokenStorage + ->expects($this->once()) + ->method('getToken') + ->will($this->returnValue(null)) + ; + + $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + $service + ->expects($this->once()) + ->method('autoLogin') + ->will($this->returnValue($token)) + ; + + $tokenStorage + ->expects($this->once()) + ->method('setToken') + ->with($this->equalTo($token)) + ; + + $manager + ->expects($this->once()) + ->method('authenticate') + ->will($this->returnValue($token)) + ; + + $session = $this->getMock('\Symfony\Component\HttpFoundation\Session\SessionInterface'); + $session + ->expects($this->once()) + ->method('isStarted') + ->will($this->returnValue(true)) + ; + $session + ->expects($this->once()) + ->method('migrate') + ; + + $request = $this->getMock('\Symfony\Component\HttpFoundation\Request'); + $request + ->expects($this->any()) + ->method('hasSession') + ->will($this->returnValue(true)) + ; + + $request + ->expects($this->any()) + ->method('getSession') + ->will($this->returnValue($session)) + ; + + $event = $this->getGetResponseEvent(); + $event + ->expects($this->once()) + ->method('getRequest') + ->will($this->returnValue($request)) + ; + + $listener->handle($event); + } + protected function getGetResponseEvent() { return $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); |