author | Johannes M. Schmitt <schmittjoh@gmail.com> | 2011-02-14 20:40:18 +0100 |
---|---|---|
committer | Fabien Potencier <fabien.potencier@gmail.com> | 2011-02-14 20:55:07 +0100 |
commit | ea1f579363177d2145b828592044a1464eeee549 (patch) | |
tree | 41f06a0e69838172aba6a6050a5abb3afbfd3d66 | |
parent | 8935fffb1d647f46f071c7f1b4b20264240820c9 (diff) | |
[Security] fixes a bug in DigestAuthenticationListener
-rw-r--r-- | Http/Firewall/DigestAuthenticationListener.php | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php
index 76517a4..490e409 100644
--- a/Http/Firewall/DigestAuthenticationListener.php
+++ b/Http/Firewall/DigestAuthenticationListener.php
@@ -82,13 +82,14 @@ class DigestAuthenticationListener implements ListenerInterface
 return;
 }
+ $digestAuth = new DigestData($header);
+
 if (null !== $token = $this->securityContext->getToken()) {
 if ($token->isImmutable()) {
 return;
 }
- // FIXME
- if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && (string) $token === $username) {
+ if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && (string) $token === $digestAuth->getUsername()) {
 return;
 }
 }
@@ -97,8 +98,6 @@ class DigestAuthenticationListener implements ListenerInterface
 $this->logger->debug(sprintf('Digest Authorization header received from user agent: %s', $header));
 }
- $digestAuth = new DigestData($header);
-
 try {
 $digestAuth->validateAndDecode($this->authenticationEntryPoint->getKey(), $this->authenticationEntryPoint->getRealmName());
 } catch (BadCredentialsException $e) { |
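Review bot: In the first hunk the early `return` now compares the existing token with `$digestAuth->getUsername()`, a value read from the client-supplied header before `validateAndDecode()` has run, and nothing in the code says that this is intended. The shortcut is acceptable only because the token on the other side of the comparison is already authenticated, so I would add a comment above the check such as `// username comes from the not-yet-validated header; it only short-circuits for a token that is already authenticated`, to keep a later edit from treating `$digestAuth` as verified at that point. `getUsername()` is also called outside the `try` of the second hunk and before the header is logged; DigestData is not visible here, so it is worth confirming that it yields a plain string or null for a header with no username field rather than raising. The enclosing method starts and ends outside both hunks.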