author | Alexander <iam.asm89@gmail.com> | 2012-06-21 09:49:20 +0200 |
---|---|---|
committer | Alexander <iam.asm89@gmail.com> | 2012-07-08 19:59:10 +0200 |
commit | b13c20333403768a1905a43acad7fa2dc1772a25 (patch) | |
tree | ad0352d9e6e81f095ef4eb0c669ab7c4fd208dda /Http | |
parent | 15dea5261261c3700c97787df9b6888b978dbac3 (diff) | |
[Security] Add note to CHANGELOG about refactored authentication failure/success handling [Security] Various CS + doc fixes [Security] Exception when authentication failure/success handlers do not return a response [Security] Add authors + fix docblock
Diffstat (limited to 'Http')
3 files changed, 28 insertions, 36 deletions
diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php
index 71a0057..61d77a8 100644
--- a/Http/Authentication/DefaultAuthenticationFailureHandler.php
+++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php
@@ -24,36 +24,23 @@ use Symfony\Component\Security\Http\HttpUtils;
 * Can be optionally be extended from by the developer to alter the behaviour
 * while keeping the default behaviour.
 *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
 * @author Alexander <iam.asm89@gmail.com>
 */
 class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
 {
- /**
- * @var HttpKernel
- */
- private $httpKernel;
-
- /**
- * @var HttpUtils
- */
+ protected $httpKernel;
 protected $httpUtils;
-
- /**
- * @var LoggerInterface
- */
- private $logger;
-
- /**
- * @var array
- */
+ protected $logger;
 protected $options;

 /**
 * Constructor.
 *
- * @param HttpKernelInterface $httpKernel Kernel
- * @param HttpUtils $httpUtils HttpUtils
- * @param array $options Options for processing a successful authentication attempt.
+ * @param HttpKernelInterface $httpKernel
+ * @param HttpUtils $httpUtils
+ * @param array $options Options for processing a failed authentication attempt.
 * @param LoggerInterface $logger Optional logger
 */
 public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options, LoggerInterface $logger = null)
@@ -63,9 +50,9 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle
 $this->logger = $logger;

 $this->options = array_merge(array(
- 'failure_path' => null,
- 'failure_forward' => false,
- 'login_path' => '/login',
+ 'failure_path' => null,
+ 'failure_forward' => false,
+ 'login_path' => '/login',
 ), $options);
 }
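Review bot: `$httpKernel` and `$logger` are widened from private to protected in the same hunk that deletes their `@var` docblocks, so subclasses gain access to properties whose types are no longer documented anywhere on the property. `$logger` in particular is optional (`LoggerInterface $logger = null` in the constructor signature), so any overriding class has to null-check it before use; a one-line `/** @var LoggerInterface|null */` above `protected $logger;` would keep that visible. The same `@var` removal is made for `$httpUtils` and `$options` in the DefaultAuthenticationSuccessHandler hunk. The class body continues outside this hunk.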
diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php
index 8139786..88dcf68 100644
--- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php
+++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php
@@ -21,24 +21,19 @@ use Symfony\Component\Security\Http\HttpUtils;
 * Can be optionally be extended from by the developer to alter the behaviour
 * while keeping the default behaviour.
 *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
 * @author Alexander <iam.asm89@gmail.com>
 */
 class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
 {
- /**
- * @var HttpUtils
- */
 protected $httpUtils;
-
- /**
- * @var array
- */
 protected $options;

 /**
 * Constructor.
 *
- * @param HttpUtils $httpUtils HttpUtils
+ * @param HttpUtils $httpUtils
 * @param array $options Options for processing a successful authentication attempt.
 */
 public function __construct(HttpUtils $httpUtils, array $options)
diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php
index 377639c..3324ba9 100644
--- a/Http/Firewall/AbstractAuthenticationListener.php
+++ b/Http/Firewall/AbstractAuthenticationListener.php
@@ -70,12 +70,12 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
 * @param SessionAuthenticationStrategyInterface $sessionStrategy
 * @param HttpUtils $httpUtils An HttpUtilsInterface instance
 * @param string $providerKey
+ * @param AuthenticationSuccessHandlerInterface $successHandler
+ * @param AuthenticationFailureHandlerInterface $failureHandler
 * @param array $options An array of options for the processing of a
 * successful, or failed authentication attempt
- * @param AuthenticationSuccessHandlerInterface $successHandler
- * @param AuthenticationFailureHandlerInterface $failureHandler
- * @param LoggerInterface $logger A LoggerInterface instance
- * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance
+ * @param LoggerInterface $logger A LoggerInterface instance
+ * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance
 */
 public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
 {
@@ -184,7 +184,13 @@ abstract class AbstractAuthenticationListener implements ListenerInterface

 $this->securityContext->setToken(null);

- return $this->failureHandler->onAuthenticationFailure($request, $failed);
+ $response = $this->failureHandler->onAuthenticationFailure($request, $failed);
+
+ if (!$response instanceof Response) {
+ throw new \RuntimeException('Authentication Failure Handler did not return a Response.');
+ }
+
+ return $response;
 }

 private function onSuccess(GetResponseEvent $event, Request $request, TokenInterface $token)
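Review bot: The new `instanceof Response` check in the `@@ -184,7 +184,13 @@` hunk depends on `Response` being imported in this file, and no `use` line is visible or added anywhere in this diff. If `use Symfony\Component\HttpFoundation\Response;` is missing, PHP resolves the name relative to the current namespace, `instanceof` quietly evaluates to false, and every failed login would end in the RuntimeException instead of the handler's response. Confirm the import exists at the top of AbstractAuthenticationListener.php or add it. The same applies to the identical check in the `@@ -206,6 +212,10 @@` hunk; both methods begin outside their hunks.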
@@ -206,6 +212,10 @@ abstract class AbstractAuthenticationListener implements ListenerInterface

 $response = $this->successHandler->onAuthenticationSuccess($request, $token);

+ if (!$response instanceof Response) {
+ throw new \RuntimeException('Authentication Success Handler did not return a Response.');
+ }
+
 if (null !== $this->rememberMeServices) {
 $this->rememberMeServices->loginSuccess($request, $response, $token);
 } |
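Review bot: The exception is thrown only after the success handler has run, and whatever onSuccess did earlier (outside this hunk; presumably storing the authenticated token) is not undone. A misconfigured handler may therefore leave the user authenticated while the request ends in an error. If that is intended, say so next to the throw, e.g. `// token is left in place: a handler that returns no Response is a developer error, not an authentication failure`. Naming the offending class would also make the failure easier to trace in logs: `throw new \RuntimeException(sprintf('Authentication Success Handler "%s" did not return a Response.', get_class($this->successHandler)));`.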