authorNicolas Grekas <nicolas.grekas@gmail.com>2015-07-02 08:18:34 +0200
committerNicolas Grekas <nicolas.grekas@gmail.com>2015-07-02 08:18:34 +0200
commitbda622ef2c5226c3123df629167b0eeccb7127e7 (patch)
tree1a1c7a4ed5f9c4acc1bd02382daf308157f94db0 /Core
parent3b3cfe0bb49fc0e330dd731705bff6cd8d6f93f6 (diff)
parent2a1a7a58fbecdb00d8a2546252e5e276f2a1d53c (diff)
Merge branch '2.8'
* 2.8: [travis] start hhvm first [DX] [Security] Renamed Token#getKey() to getSecret() [Validator] always evaluate binary format when changed Conflicts: .travis.yml src/Symfony/Component/Security/Http/composer.json
Diffstat (limited to 'Core')
-rw-r--r--Core/Authentication/Provider/AnonymousAuthenticationProvider.php16
-rw-r--r--Core/Authentication/Provider/RememberMeAuthenticationProvider.php16
-rw-r--r--Core/Authentication/Token/AnonymousToken.php34
-rw-r--r--Core/Authentication/Token/RememberMeToken.php38
-rw-r--r--Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php6
-rw-r--r--Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php10
-rw-r--r--Core/Tests/Authentication/Token/AnonymousTokenTest.php2
-rw-r--r--Core/Tests/Authentication/Token/RememberMeTokenTest.php6
8 files changed, 77 insertions, 51 deletions
diff --git a/Core/Authentication/Provider/AnonymousAuthenticationProvider.php b/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
index 7fbbf85..ff3d15f 100644
--- a/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
+++ b/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
@@ -22,16 +22,22 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
*/
class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
{
- private $key;
+ /**
+ * Used to determine if the token is created by the application
+ * instead of a malicious client.
+ *
+ * @var string
+ */
+ private $secret;
/**
* Constructor.
*
- * @param string $key The key shared with the authentication token
+ * @param string $secret The secret shared with the AnonymousToken
*/
- public function __construct($key)
+ public function __construct($secret)
{
- $this->key = $key;
+ $this->secret = $secret;
}
/**
@@ -43,7 +49,7 @@ class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
return;
}
- if ($this->key !== $token->getKey()) {
+ if ($this->secret !== $token->getSecret()) {
throw new BadCredentialsException('The Token does not contain the expected key.');
}
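Review bot: The new check `$this->secret !== $token->getSecret()` compares a secret with `!==`, which is not a constant-time comparison, and the exception message below it still says "expected key" after the rename. If a token's secret can ever be supplied by a client, which is the case the new property docblock names, a constant-time comparison is the safer form: `if (!hash_equals($this->secret, $token->getSecret())) {` (this needs string operands and PHP 5.6+ or a polyfill; the supported PHP versions are not visible here). The same `!==` check appears in the RememberMeAuthenticationProvider hunk. The message could become `'The Token does not contain the expected secret.'` to match the wording used there. authenticate() starts and ends outside this hunk.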
diff --git a/Core/Authentication/Provider/RememberMeAuthenticationProvider.php b/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
index 82be1d1..f0a74eb 100644
--- a/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
+++ b/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
@@ -19,20 +19,20 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException;
class RememberMeAuthenticationProvider implements AuthenticationProviderInterface
{
private $userChecker;
- private $key;
+ private $secret;
private $providerKey;
/**
* Constructor.
*
* @param UserCheckerInterface $userChecker An UserCheckerInterface interface
- * @param string $key A key
- * @param string $providerKey A provider key
+ * @param string $secret A secret
+ * @param string $providerKey A provider secret
*/
- public function __construct(UserCheckerInterface $userChecker, $key, $providerKey)
+ public function __construct(UserCheckerInterface $userChecker, $secret, $providerKey)
{
$this->userChecker = $userChecker;
- $this->key = $key;
+ $this->secret = $secret;
$this->providerKey = $providerKey;
}
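Review bot: The line `@param string $providerKey A provider secret` relabels a parameter that this commit does not rename and that is passed next to `$secret` as a separate value, so the new description looks like a search-and-replace slip. Calling the provider key a secret blurs which of the two values has to stay confidential. I would restore `* @param string $providerKey A provider key`; the getProviderKey() docblock in the RememberMeToken hunk ("Returns the provider secret") has the same slip.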
@@ -45,14 +45,14 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
return;
}
- if ($this->key !== $token->getKey()) {
- throw new BadCredentialsException('The presented key does not match.');
+ if ($this->secret !== $token->getSecret()) {
+ throw new BadCredentialsException('The presented secret does not match.');
}
$user = $token->getUser();
$this->userChecker->checkPreAuth($user);
- $authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->key);
+ $authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->secret);
$authenticatedToken->setAttributes($token->getAttributes());
return $authenticatedToken;
diff --git a/Core/Authentication/Token/AnonymousToken.php b/Core/Authentication/Token/AnonymousToken.php
index 571816c..22fc611 100644
--- a/Core/Authentication/Token/AnonymousToken.php
+++ b/Core/Authentication/Token/AnonymousToken.php
@@ -20,20 +20,20 @@ use Symfony\Component\Security\Core\Role\RoleInterface;
*/
class AnonymousToken extends AbstractToken
{
- private $key;
+ private $secret;
/**
* Constructor.
*
- * @param string $key The key shared with the authentication provider
- * @param string $user The user
- * @param RoleInterface[] $roles An array of roles
+ * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
+ * @param string $user The user
+ * @param RoleInterface[] $roles An array of roles
*/
- public function __construct($key, $user, array $roles = array())
+ public function __construct($secret, $user, array $roles = array())
{
parent::__construct($roles);
- $this->key = $key;
+ $this->secret = $secret;
$this->setUser($user);
$this->setAuthenticated(true);
}
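Review bot: The constructor stores `$secret` without checking it, while RememberMeToken's constructor in this same commit rejects an empty secret. Because the providers compare with `!==`, an empty or null secret on both sides would compare equal, which presumably defeats the purpose the new `@param` text gives for the value. Consider `if (empty($secret)) { throw new \InvalidArgumentException('$secret must not be empty.'); }` before the assignment; whether any existing caller relies on an empty value cannot be seen from this hunk.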
@@ -47,13 +47,23 @@ class AnonymousToken extends AbstractToken
}
/**
- * Returns the key.
- *
- * @return string The Key
+ * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
*/
public function getKey()
{
- return $this->key;
+ @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
+
+ return $this->getSecret();
+ }
+
+ /**
+ * Returns the secret.
+ *
+ * @return string
+ */
+ public function getSecret()
+ {
+ return $this->secret;
}
/**
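Review bot: The getSecret() docblock says only "Returns the secret." even though this value is what separates application-created tokens from forged ones, so it should tell callers how to treat it. I would extend the summary line to `* Returns the secret; treat it as sensitive and do not log it or send it to clients.` Separately, the deprecated getKey() lost its `@return string`, and its notice uses lowercase `__method__`, which works but is conventionally written `__METHOD__`. RememberMeToken::getKey() and getSecret() carry the same docblocks and notice.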
@@ -61,7 +71,7 @@ class AnonymousToken extends AbstractToken
*/
public function serialize()
{
- return serialize(array($this->key, parent::serialize()));
+ return serialize(array($this->secret, parent::serialize()));
}
/**
@@ -69,7 +79,7 @@ class AnonymousToken extends AbstractToken
*/
public function unserialize($serialized)
{
- list($this->key, $parentStr) = unserialize($serialized);
+ list($this->secret, $parentStr) = unserialize($serialized);
parent::unserialize($parentStr);
}
}
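Review bot: The line `list($this->secret, $parentStr) = unserialize($serialized);` accepts whatever the payload yields: if unserialize() returns false or an array of another shape, `$this->secret` silently becomes null, and unserialize() will instantiate any object the payload names. A comment stating that `$serialized` must only come from trusted storage would help, as would a shape check such as `if (!is_array($data) || 2 !== count($data)) { throw new \InvalidArgumentException('Invalid serialized AnonymousToken.'); }` after assigning the result to `$data`. RememberMeToken::unserialize() has the same pattern with three elements. The matching serialize() hunks also write the secret into the payload, so anything able to read a stored token learns the secret.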
diff --git a/Core/Authentication/Token/RememberMeToken.php b/Core/Authentication/Token/RememberMeToken.php
index 609fdad..60e36f2 100644
--- a/Core/Authentication/Token/RememberMeToken.php
+++ b/Core/Authentication/Token/RememberMeToken.php
@@ -20,7 +20,7 @@ use Symfony\Component\Security\Core\User\UserInterface;
*/
class RememberMeToken extends AbstractToken
{
- private $key;
+ private $secret;
private $providerKey;
/**
@@ -28,16 +28,16 @@ class RememberMeToken extends AbstractToken
*
* @param UserInterface $user
* @param string $providerKey
- * @param string $key
+ * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
*
* @throws \InvalidArgumentException
*/
- public function __construct(UserInterface $user, $providerKey, $key)
+ public function __construct(UserInterface $user, $providerKey, $secret)
{
parent::__construct($user->getRoles());
- if (empty($key)) {
- throw new \InvalidArgumentException('$key must not be empty.');
+ if (empty($secret)) {
+ throw new \InvalidArgumentException('$secret must not be empty.');
}
if (empty($providerKey)) {
@@ -45,7 +45,7 @@ class RememberMeToken extends AbstractToken
}
$this->providerKey = $providerKey;
- $this->key = $key;
+ $this->secret = $secret;
$this->setUser($user);
parent::setAuthenticated(true);
@@ -64,9 +64,9 @@ class RememberMeToken extends AbstractToken
}
/**
- * Returns the provider key.
+ * Returns the provider secret.
*
- * @return string The provider key
+ * @return string The provider secret
*/
public function getProviderKey()
{
@@ -74,13 +74,23 @@ class RememberMeToken extends AbstractToken
}
/**
- * Returns the key.
- *
- * @return string The Key
+ * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
*/
public function getKey()
{
- return $this->key;
+ @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
+
+ return $this->getSecret();
+ }
+
+ /**
+ * Returns the secret.
+ *
+ * @return string
+ */
+ public function getSecret()
+ {
+ return $this->secret;
}
/**
@@ -97,7 +107,7 @@ class RememberMeToken extends AbstractToken
public function serialize()
{
return serialize(array(
- $this->key,
+ $this->secret,
$this->providerKey,
parent::serialize(),
));
@@ -108,7 +118,7 @@ class RememberMeToken extends AbstractToken
*/
public function unserialize($serialized)
{
- list($this->key, $this->providerKey, $parentStr) = unserialize($serialized);
+ list($this->secret, $this->providerKey, $parentStr) = unserialize($serialized);
parent::unserialize($parentStr);
}
}
diff --git a/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php b/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
index 5a189b0..5b71747 100644
--- a/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
+++ b/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
@@ -37,7 +37,7 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
{
$provider = $this->getProvider('foo');
- $this->assertNull($provider->authenticate($this->getSupportedToken('bar')));
+ $provider->authenticate($this->getSupportedToken('bar'));
}
public function testAuthenticate()
@@ -50,9 +50,9 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
protected function getSupportedToken($key)
{
- $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getKey'), array(), '', false);
+ $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getSecret'), array(), '', false);
$token->expects($this->any())
- ->method('getKey')
+ ->method('getSecret')
->will($this->returnValue($key))
;
diff --git a/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php b/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
index a6fff4b..735d195 100644
--- a/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
+++ b/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
@@ -36,10 +36,10 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
*/
- public function testAuthenticateWhenKeysDoNotMatch()
+ public function testAuthenticateWhenSecretsDoNotMatch()
{
- $provider = $this->getProvider(null, 'key1');
- $token = $this->getSupportedToken(null, 'key2');
+ $provider = $this->getProvider(null, 'secret1');
+ $token = $this->getSupportedToken(null, 'secret2');
$provider->authenticate($token);
}
@@ -77,7 +77,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
$this->assertEquals('', $authToken->getCredentials());
}
- protected function getSupportedToken($user = null, $key = 'test')
+ protected function getSupportedToken($user = null, $secret = 'test')
{
if (null === $user) {
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
@@ -87,7 +87,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
->will($this->returnValue(array()));
}
- $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', array('getProviderKey'), array($user, 'foo', $key));
+ $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', array('getProviderKey'), array($user, 'foo', $secret));
$token
->expects($this->once())
->method('getProviderKey')
diff --git a/Core/Tests/Authentication/Token/AnonymousTokenTest.php b/Core/Tests/Authentication/Token/AnonymousTokenTest.php
index b5cf006..cac2039 100644
--- a/Core/Tests/Authentication/Token/AnonymousTokenTest.php
+++ b/Core/Tests/Authentication/Token/AnonymousTokenTest.php
@@ -28,7 +28,7 @@ class AnonymousTokenTest extends \PHPUnit_Framework_TestCase
public function testGetKey()
{
$token = new AnonymousToken('foo', 'bar');
- $this->assertEquals('foo', $token->getKey());
+ $this->assertEquals('foo', $token->getSecret());
}
public function testGetCredentials()
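Review bot: The test is still named `testGetKey()` although it now asserts `getSecret()`, and after this change nothing visible in the diff exercises the deprecated `getKey()` path. Since `getKey()` is kept as a backward-compatibility wrapper, I would rename this test to `testGetSecret()` and add a small legacy test asserting that `getKey()` still returns the same value as `getSecret()`. The RememberMeTokenTest hunk likewise replaces its only `getKey()` assertion. testGetCredentials() begins at the end of this hunk and continues outside it.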
diff --git a/Core/Tests/Authentication/Token/RememberMeTokenTest.php b/Core/Tests/Authentication/Token/RememberMeTokenTest.php
index 7449204..b83de4a 100644
--- a/Core/Tests/Authentication/Token/RememberMeTokenTest.php
+++ b/Core/Tests/Authentication/Token/RememberMeTokenTest.php
@@ -22,7 +22,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
$token = new RememberMeToken($user, 'fookey', 'foo');
$this->assertEquals('fookey', $token->getProviderKey());
- $this->assertEquals('foo', $token->getKey());
+ $this->assertEquals('foo', $token->getSecret());
$this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
$this->assertSame($user, $token->getUser());
$this->assertTrue($token->isAuthenticated());
@@ -31,7 +31,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \InvalidArgumentException
*/
- public function testConstructorKeyCannotBeNull()
+ public function testConstructorSecretCannotBeNull()
{
new RememberMeToken(
$this->getUser(),
@@ -43,7 +43,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \InvalidArgumentException
*/
- public function testConstructorKeyCannotBeEmptyString()
+ public function testConstructorSecretCannotBeEmptyString()
{
new RememberMeToken(
$this->getUser(),