merged branch Seldaek/simplesecurity (PR #6069)

This PR was merged into the master branch.

Discussion
----------

[Security] Add simpler customization options

The goal of this is to provide a simpler extension point for people that don't have the time to dive into the whole security factory + authentication provider + user provider + authentication listener + token mess. As it stands, it gives you a way to just create one class that is handling all the security stuff in one (by implementing SimpleFormAuthenticatorInterface and UserProviderInterface) + one or more token classes.

I would like feedback on whether people think this makes sense or not before continuing and doing a SimpleHttpAuthenticatorInterface for non-form based stuff.

Just FYI that's how it would look in security.yml:

```yaml
security:
    providers:
        simple:
            id: simple_authenticator
    firewalls:
        foo:
            pattern: ^/
            simple_form:
                provider: simple
                authenticator: simple_authenticator
```

/cc @atrauzzi (who posted a long rant on the ML about how hard this all is, and I can't agree more - I hope it's the right account on github?)

Commits
-------

74cfc84 marked some classes as being experimental in 2.3
471e5bc [Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user
01c913b moved the simple HTTP authenticator to a pre-auth one
887d9b8 fixed wrong Logger interface
65335ea [Security] Renamed simple_token to simple_http, added support for failure and success handler to both simple firewalls
f7a11a1 [Security] Add simple_token auth method
1fe2ed6 [Security] Add SimpleForm authentication

1 files changed, 107 insertions, 0 deletions

diff --git a/Http/Authentication/SimpleAuthenticationHandler.php b/Http/Authentication/SimpleAuthenticationHandler.php
new file mode 100644
index 0000000..88be8e4
--- /dev/null
+++ b/Http/Authentication/SimpleAuthenticationHandler.php
@@ -0,0 +1,107 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
+
+/**
+ * Class to proxy authentication success/failure handlers
+ *
+ * Events are sent to the SimpleAuthenticatorInterface if it implements
+ * the right interface, otherwise (or if it fails to return a Response)
+ * the default handlers are triggered.
+ *
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ *
+ * @experimental This feature is experimental in 2.3 and might change in future versions
+ */
+class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterface, AuthenticationSuccessHandlerInterface
+{
+    protected $successHandler;
+    protected $failureHandler;
+    protected $simpleAuthenticator;
+
+    /**
+     * Constructor.
+     *
+     * @param SimpleAuthenticatorInterface          $authenticator  SimpleAuthenticatorInterface instance
+     * @param AuthenticationSuccessHandlerInterface $successHandler Default success handler
+     * @param AuthenticationFailureHandlerInterface $failureHandler Default failure handler
+     * @param LoggerInterface                       $logger         Optional logger
+     */
+    public function __construct(SimpleAuthenticatorInterface $authenticator, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, LoggerInterface $logger = null)
+    {
+        $this->simpleAuthenticator = $authenticator;
+        $this->successHandler = $successHandler;
+        $this->failureHandler = $failureHandler;
+        $this->logger = $logger;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
+    {
+        if ($this->simpleAuthenticator instanceof AuthenticationSuccessHandlerInterface) {
+            if ($this->logger) {
+                $this->logger->debug(sprintf('Using the %s object as authentication success handler', get_class($this->simpleAuthenticator)));
+            }
+
+            $response = $this->simpleAuthenticator->onAuthenticationSuccess($request, $token);
+            if ($response instanceof Response) {
+                return $response;
+            }
+
+            if (null !== $response) {
+                throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationSuccess method must return null to use the default success handler, or a Response object', get_class($this->simpleAuthenticator)));
+            }
+        }
+
+        if ($this->logger) {
+            $this->logger->debug('Fallback to the default authentication success handler');
+        }
+
+        return $this->successHandler->onAuthenticationSuccess($request, $token);
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
+    {
+        if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) {
+            if ($this->logger) {
+                $this->logger->debug(sprintf('Using the %s object as authentication failure handler', get_class($this->simpleAuthenticator)));
+            }
+
+            $response = $this->simpleAuthenticator->onAuthenticationFailure($request, $exception);
+            if ($response instanceof Response) {
+                return $response;
+            }
+
+            if (null !== $response) {
+                throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationFailure method must return null to use the default failure handler, or a Response object', get_class($this->simpleAuthenticator)));
+            }
+        }
+
+        if ($this->logger) {
+            $this->logger->debug('Fallback to the default authentication failure handler');
+        }
+
+        return $this->failureHandler->onAuthenticationFailure($request, $exception);
+    }
+}