diff options
| author | Bernhard Schussek <bernhard.schussek@symfony-project.com> | 2011-03-13 18:10:39 +0100 |
|---|---|---|
| committer | Bernhard Schussek <bernhard.schussek@symfony-project.com> | 2011-03-13 19:15:25 +0100 |
| commit | 263ba4d42870ef5f991540c8b039c2472ba8b204 (patch) | |
| tree | 90a84bb2a178be744ef3815c6a2bb7268baa9f34 /Http/RememberMe/RememberMeServicesInterface.php | |
| parent | 4a5d6729bc8c7f4adc89c153606617390bb24ca4 (diff) | |
| parent | 5a06947e48c33dc57e21e4316c8b7c6e8f5827b0 (diff) | |
| download | symfony-security-263ba4d42870ef5f991540c8b039c2472ba8b204.zip symfony-security-263ba4d42870ef5f991540c8b039c2472ba8b204.tar.gz symfony-security-263ba4d42870ef5f991540c8b039c2472ba8b204.tar.bz2 | |
Merge remote branch 'symfony/master' into event-manager
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Debug/TraceableEventManager.php
src/Symfony/Bundle/WebProfilerBundle/WebDebugToolbarListener.php
src/Symfony/Component/Security/Http/Firewall.php
src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php
src/Symfony/Component/Security/Http/Firewall/AccessListener.php
src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/ChannelListener.php
src/Symfony/Component/Security/Http/Firewall/ContextListener.php
src/Symfony/Component/Security/Http/Firewall/DigestAuthenticationListener.php
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
src/Symfony/Component/Security/Http/Firewall/ListenerInterface.php
src/Symfony/Component/Security/Http/Firewall/LogoutListener.php
src/Symfony/Component/Security/Http/Firewall/RememberMeListener.php
src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
tests/Symfony/Tests/Component/Security/Http/Firewall/RememberMeListenerTest.php
Diffstat (limited to 'Http/RememberMe/RememberMeServicesInterface.php')
| -rw-r--r-- | Http/RememberMe/RememberMeServicesInterface.php | 59 |
1 files changed, 38 insertions, 21 deletions
diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php index b038a0d..c740d28 100644 --- a/Http/RememberMe/RememberMeServicesInterface.php +++ b/Http/RememberMe/RememberMeServicesInterface.php @@ -17,50 +17,67 @@ use Symfony\Component\HttpFoundation\Request; /** * Interface that needs to be implemented by classes which provide remember-me * capabilities. - * + * * We provide two implementations out-of-the-box: * - TokenBasedRememberMeServices (does not require a TokenProvider) * - PersistentTokenBasedRememberMeServices (requires a TokenProvider) - * + * * @author Johannes M. Schmitt <schmittjoh@gmail.com> */ interface RememberMeServicesInterface { /** - * This method will be called whenever the SecurityContext does not contain - * an TokenInterface object and the framework wishes to provide an implementation - * with an opportunity to authenticate the request using remember-me capabilities. - * + * This attribute name can be used by the implementation if it needs to set + * a cookie on the Request when there is no actual Response, yet. + * + * @var string + */ + const COOKIE_ATTR_NAME = '_security_remember_me_cookie'; + + /** + * This method will be called whenever the SecurityContext does not contain + * an TokenInterface object and the framework wishes to provide an implementation + * with an opportunity to authenticate the request using remember-me capabilities. + * * No attempt whatsoever is made to determine whether the browser has requested * remember-me services or presented a valid cookie. Any and all such determinations - * are left to the implementation of this method. - * + * are left to the implementation of this method. + * * If a browser has presented an unauthorised cookie for whatever reason, - * make sure to throw an AuthenticationException as this will consequentially + * make sure to throw an AuthenticationException as this will consequentially * result in a call to loginFail() and therefore an invalidation of the cookie. - * + * * @param Request $request * @return TokenInterface */ function autoLogin(Request $request); - + /** - * Called whenever an authentication attempt was made, but the credentials - * supplied by the user were missing or otherwise invalid. - * + * Called whenever an interactive authentication attempt was made, but the + * credentials supplied by the user were missing or otherwise invalid. + * * This method needs to take care of invalidating the cookie. + * + * @param Request $request + * @return void */ - function loginFail(Request $request, Response $response); + function loginFail(Request $request); /** - * Called whenever authentication attempt is successful (e.g. a form login). - * - * An implementation may always set a remember-me cookie in the Response, - * although this is not recommended. - * - * Instead, implementations should typically look for a request parameter + * Called whenever an interactive authentication attempt is successful + * (e.g. a form login). + * + * An implementation may always set a remember-me cookie in the Response, + * although this is not recommended. + * + * Instead, implementations should typically look for a request parameter * (such as a HTTP POST parameter) that indicates the browser has explicitly * requested for the authentication to be remembered. + * + * @param Request $request + * @param Response $response + * @param TokenInterface $token + * @return void */ function loginSuccess(Request $request, Response $response, TokenInterface $token); }
\ No newline at end of file |