diff options
| author | Ryan Weaver <ryan@thatsquality.com> | 2015-05-17 17:27:01 -0400 |
|---|---|---|
| committer | Ryan Weaver <ryan@thatsquality.com> | 2015-09-20 19:24:20 -0400 |
| commit | 87752f2f460528718bbb691b1739a32368141c28 (patch) | |
| tree | d89d2fb55661bfb7685e932a1cdee515f4ece2ee /Guard/AbstractGuardAuthenticator.php | |
| parent | c4e11448bfba32d64ed4534b52e1a3958e9c2625 (diff) | |
| download | symfony-security-87752f2f460528718bbb691b1739a32368141c28.zip symfony-security-87752f2f460528718bbb691b1739a32368141c28.tar.gz symfony-security-87752f2f460528718bbb691b1739a32368141c28.tar.bz2 | |
Renaming the tokens to be clear they are "post" and "pre" auth - also adding an interface
The reason is that the GuardAuthenticationProvider *must* respond to *all* tokens
created by the system - both "pre auth" and "post auth" tokens. The reason is that
if a "post auth" token becomes not authenticated (e.g. because the user changes between
requests), then it may be passed to the provider system. If no providers respond (which
was the case before this commit), then AuthenticationProviderManager throws an exception.
The next commit will properly handle these "post auth" + "no-longer-authenticated" tokens,
which should cause a log out.
Diffstat (limited to 'Guard/AbstractGuardAuthenticator.php')
| -rw-r--r-- | Guard/AbstractGuardAuthenticator.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/Guard/AbstractGuardAuthenticator.php b/Guard/AbstractGuardAuthenticator.php index ebd09bb..647cb02 100644 --- a/Guard/AbstractGuardAuthenticator.php +++ b/Guard/AbstractGuardAuthenticator.php @@ -3,26 +3,26 @@ namespace Symfony\Component\Security\Guard; use Symfony\Component\Security\Core\User\UserInterface; -use Symfony\Component\Security\Guard\Token\GenericGuardToken; +use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken; /** - * An optional base class that creates a GenericGuardToken for you + * An optional base class that creates a PostAuthenticationGuardToken for you * * @author Ryan Weaver <weaverryan@gmail.com> */ abstract class AbstractGuardAuthenticator implements GuardAuthenticatorInterface { /** - * Shortcut to create a GenericGuardToken for you, if you don't really + * Shortcut to create a PostAuthenticationGuardToken for you, if you don't really * care about which authenticated token you're using * * @param UserInterface $user * @param string $providerKey - * @return GenericGuardToken + * @return PostAuthenticationGuardToken */ public function createAuthenticatedToken(UserInterface $user, $providerKey) { - return new GenericGuardToken( + return new PostAuthenticationGuardToken( $user, $providerKey, $user->getRoles() |