Merge branch '2.8' into 3.0

* 2.8: [travis] Fix deps=low/high builds fixed CS skip test with current phpunit bridge Fix for #19183 to add support for new PHP MongoDB extension in sessions. [Console] Fix for block() padding formatting after #19189 [Security][Guard] check if session exist before using it bumped Symfony version to 2.8.9 updated VERSION for 2.8.8 updated CHANGELOG for 2.8.8 bumped Symfony version to 2.7.16 updated VERSION for 2.7.15 update CONTRIBUTORS for 2.7.15 updated CHANGELOG for 2.7.15 Fix some lowest deps Fixed typos in the expectedException annotations Conflicts: CHANGELOG-2.7.md CHANGELOG-3.0.md src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/composer.json src/Symfony/Component/Yaml/Tests/ParserTest.php
author: Nicolas Grekas <nicolas.grekas@gmail.com> 2016-07-01 17:14:41 +0200
committer: Nicolas Grekas <nicolas.grekas@gmail.com> 2016-07-01 17:14:41 +0200
commit: 4e06cf1b8ced0204d2b569caac39ce92c6e11717 (patch)
tree: 1c7f6f14cba62554b050eee5cb4249b7621c1c8b
parent: a06fcc9cfb7b9d1b51b59952df65ad8fcfdf17ac (diff)
parent: 3d8dfdd9c145b9a1689edf287430b73896ac53ec (diff)
download: symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.zip
symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.tar.gz
symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.tar.bz2
2 files changed, 222 insertions, 2 deletions
diff --git a/Guard/Authenticator/AbstractFormLoginAuthenticator.php b/Guard/Authenticator/AbstractFormLoginAuthenticator.php
index b3c6bd7..6d6d14e 100644
--- a/Guard/Authenticator/AbstractFormLoginAuthenticator.php
+++ b/Guard/Authenticator/AbstractFormLoginAuthenticator.php
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Guard\Authenticator;
 
+use Symfony\Component\HttpFoundation\Session\SessionInterface;
 use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
@@ -52,7 +53,10 @@ abstract class AbstractFormLoginAuthenticator extends AbstractGuardAuthenticator
      */
     public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
     {
-        $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
+        if ($request->getSession() instanceof SessionInterface) {
+            $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
+        }
+
         $url = $this->getLoginUrl();
 
         return new RedirectResponse($url);
@@ -69,9 +73,13 @@ abstract class AbstractFormLoginAuthenticator extends AbstractGuardAuthenticator
      */
     public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
     {
+        $targetPath = null;
+
         // if the user hit a secure page and start() was called, this was
         // the URL they were on, and probably where you want to redirect to
-        $targetPath = $request->getSession()->get('_security.'.$providerKey.'.target_path');
+        if ($request->getSession() instanceof SessionInterface) {
+            $targetPath = $request->getSession()->get('_security.'.$providerKey.'.target_path');
+        }
 
         if (!$targetPath) {
             $targetPath = $this->getDefaultSuccessRedirectUrl();
diff --git a/Guard/Tests/Authenticator/FormLoginAuthenticatorTest.php b/Guard/Tests/Authenticator/FormLoginAuthenticatorTest.php
new file mode 100644
index 0000000..3dbbf84
--- /dev/null
+++ b/Guard/Tests/Authenticator/FormLoginAuthenticatorTest.php
@@ -0,0 +1,212 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Guard\Tests\Authenticator;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
+use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
+
+/**
+ * @author Jean Pasdeloup <jpasdeloup@sedona.fr>
+ */
+class FormLoginAuthenticatorTest extends \PHPUnit_Framework_TestCase
+{
+    private $requestWithoutSession;
+    private $requestWithSession;
+    private $authenticator;
+
+    const LOGIN_URL = 'http://login';
+    const DEFAULT_SUCCESS_URL = 'http://defaultsuccess';
+    const CUSTOM_SUCCESS_URL = 'http://customsuccess';
+
+    public function testAuthenticationFailureWithoutSession()
+    {
+        $failureResponse = $this->authenticator->onAuthenticationFailure($this->requestWithoutSession, new AuthenticationException());
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $failureResponse);
+        $this->assertEquals(self::LOGIN_URL, $failureResponse->getTargetUrl());
+    }
+
+    public function testAuthenticationFailureWithSession()
+    {
+        $this->requestWithSession->getSession()
+            ->expects($this->once())
+            ->method('set');
+
+        $failureResponse = $this->authenticator->onAuthenticationFailure($this->requestWithSession, new AuthenticationException());
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $failureResponse);
+        $this->assertEquals(self::LOGIN_URL, $failureResponse->getTargetUrl());
+    }
+
+    public function testAuthenticationSuccessWithoutSession()
+    {
+        $token = $this->getMockBuilder('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface')
+            ->disableOriginalConstructor()
+            ->getMock();
+
+        $redirectResponse = $this->authenticator->onAuthenticationSuccess($this->requestWithoutSession, $token, 'providerkey');
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $redirectResponse);
+        $this->assertEquals(self::DEFAULT_SUCCESS_URL, $redirectResponse->getTargetUrl());
+    }
+
+    public function testAuthenticationSuccessWithSessionButEmpty()
+    {
+        $token = $this->getMockBuilder('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface')
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->requestWithSession->getSession()
+            ->expects($this->once())
+            ->method('get')
+            ->will($this->returnValue(null));
+
+        $redirectResponse = $this->authenticator->onAuthenticationSuccess($this->requestWithSession, $token, 'providerkey');
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $redirectResponse);
+        $this->assertEquals(self::DEFAULT_SUCCESS_URL, $redirectResponse->getTargetUrl());
+    }
+
+    public function testAuthenticationSuccessWithSessionAndTarget()
+    {
+        $token = $this->getMockBuilder('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface')
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->requestWithSession->getSession()
+            ->expects($this->once())
+            ->method('get')
+            ->will($this->returnValue(self::CUSTOM_SUCCESS_URL));
+
+        $redirectResponse = $this->authenticator->onAuthenticationSuccess($this->requestWithSession, $token, 'providerkey');
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $redirectResponse);
+        $this->assertEquals(self::CUSTOM_SUCCESS_URL, $redirectResponse->getTargetUrl());
+    }
+
+    public function testRememberMe()
+    {
+        $doSupport = $this->authenticator->supportsRememberMe();
+
+        $this->assertTrue($doSupport);
+    }
+
+    public function testStartWithoutSession()
+    {
+        $failureResponse = $this->authenticator->start($this->requestWithoutSession, new AuthenticationException());
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $failureResponse);
+        $this->assertEquals(self::LOGIN_URL, $failureResponse->getTargetUrl());
+    }
+
+    public function testStartWithSession()
+    {
+        $failureResponse = $this->authenticator->start($this->requestWithSession, new AuthenticationException());
+
+        $this->assertInstanceOf('Symfony\\Component\\HttpFoundation\\RedirectResponse', $failureResponse);
+        $this->assertEquals(self::LOGIN_URL, $failureResponse->getTargetUrl());
+    }
+
+    protected function setUp()
+    {
+        $this->requestWithoutSession = new Request(array(), array(), array(), array(), array(), array());
+        $this->requestWithSession = new Request(array(), array(), array(), array(), array(), array());
+
+        $session = $this->getMockBuilder('Symfony\\Component\\HttpFoundation\\Session\\SessionInterface')
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->requestWithSession->setSession($session);
+
+        $this->authenticator = new TestFormLoginAuthenticator();
+        $this->authenticator
+            ->setLoginUrl(self::LOGIN_URL)
+            ->setDefaultSuccessRedirectUrl(self::DEFAULT_SUCCESS_URL)
+        ;
+    }
+
+    protected function tearDown()
+    {
+        $this->request = null;
+        $this->requestWithSession = null;
+    }
+}
+
+class TestFormLoginAuthenticator extends AbstractFormLoginAuthenticator
+{
+    private $loginUrl;
+    private $defaultSuccessRedirectUrl;
+
+    /**
+     * @param mixed $defaultSuccessRedirectUrl
+     *
+     * @return TestFormLoginAuthenticator
+     */
+    public function setDefaultSuccessRedirectUrl($defaultSuccessRedirectUrl)
+    {
+        $this->defaultSuccessRedirectUrl = $defaultSuccessRedirectUrl;
+
+        return $this;
+    }
+
+    /**
+     * @param mixed $loginUrl
+     *
+     * @return TestFormLoginAuthenticator
+     */
+    public function setLoginUrl($loginUrl)
+    {
+        $this->loginUrl = $loginUrl;
+
+        return $this;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getLoginUrl()
+    {
+        return $this->loginUrl;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function getDefaultSuccessRedirectUrl()
+    {
+        return $this->defaultSuccessRedirectUrl;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getCredentials(Request $request)
+    {
+        return 'credentials';
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getUser($credentials, UserProviderInterface $userProvider)
+    {
+        return $userProvider->loadUserByUsername($credentials);
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function checkCredentials($credentials, UserInterface $user)
+    {
+        return true;
+    }
+}
author	Nicolas Grekas <nicolas.grekas@gmail.com>	2016-07-01 17:14:41 +0200
committer	Nicolas Grekas <nicolas.grekas@gmail.com>	2016-07-01 17:14:41 +0200
commit	4e06cf1b8ced0204d2b569caac39ce92c6e11717 (patch)
tree	1c7f6f14cba62554b050eee5cb4249b7621c1c8b
parent	a06fcc9cfb7b9d1b51b59952df65ad8fcfdf17ac (diff)
parent	3d8dfdd9c145b9a1689edf287430b73896ac53ec (diff)
download	symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.zip symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.tar.gz symfony-security-4e06cf1b8ced0204d2b569caac39ce92c6e11717.tar.bz2