41 files changed, 218 insertions, 70 deletions
diff --git a/Acl/Dbal/MutableAclProvider.php b/Acl/Dbal/MutableAclProvider.php index 273625a..bd1976f 100644 --- a/Acl/Dbal/MutableAclProvider.php +++ b/Acl/Dbal/MutableAclProvider.php @@ -554,9 +554,9 @@ QUERY; * * @param SecurityIdentityInterface $sid * - * @throws \InvalidArgumentException - * * @return string + * + * @throws \InvalidArgumentException */ protected function getInsertSecurityIdentitySql(SecurityIdentityInterface $sid) { @@ -626,9 +626,9 @@ QUERY; * * @param SecurityIdentityInterface $sid * - * @throws \InvalidArgumentException - * * @return string + * + * @throws \InvalidArgumentException */ protected function getSelectSecurityIdentityIdSql(SecurityIdentityInterface $sid) { @@ -655,9 +655,9 @@ QUERY; * * @param SecurityIdentityInterface $sid * - * @throws \InvalidArgumentException - * * @return string + * + * @throws \InvalidArgumentException */ protected function getDeleteSecurityIdentityIdSql(SecurityIdentityInterface $sid) { @@ -673,9 +673,9 @@ QUERY; * @param int $pk * @param array $changes * - * @throws \InvalidArgumentException - * * @return string + * + * @throws \InvalidArgumentException */ protected function getUpdateObjectIdentitySql($pk, array $changes) { @@ -723,9 +723,9 @@ QUERY; * @param int $pk * @param array $sets * - * @throws \InvalidArgumentException - * * @return string + * + * @throws \InvalidArgumentException */ protected function getUpdateAccessControlEntrySql($pk, array $sets) { diff --git a/Acl/Domain/ObjectIdentity.php b/Acl/Domain/ObjectIdentity.php index 871bda7..ec817e2 100644 --- a/Acl/Domain/ObjectIdentity.php +++ b/Acl/Domain/ObjectIdentity.php @@ -52,9 +52,9 @@ final class ObjectIdentity implements ObjectIdentityInterface * * @param object $domainObject * - * @throws InvalidDomainObjectException - * * @return ObjectIdentity + * + * @throws InvalidDomainObjectException */ public static function fromDomainObject($domainObject) { 
diff --git a/Acl/Domain/PermissionGrantingStrategy.php b/Acl/Domain/PermissionGrantingStrategy.php index 742c4e5..f8a09a6 100644 --- a/Acl/Domain/PermissionGrantingStrategy.php +++ b/Acl/Domain/PermissionGrantingStrategy.php @@ -130,7 +130,7 @@ class PermissionGrantingStrategy implements PermissionGrantingStrategyInterface * @param SecurityIdentityInterface[] $sids An array of SecurityIdentityInterface implementations * @param bool $administrativeMode True turns off audit logging * - * @return bool true, or false; either granting, or denying access respectively. + * @return bool true, or false; either granting, or denying access respectively * * @throws NoAceFoundException */ diff --git a/Acl/Model/AclInterface.php b/Acl/Model/AclInterface.php index 6a70a7c..13a6cf8 100644 --- a/Acl/Model/AclInterface.php +++ b/Acl/Model/AclInterface.php @@ -97,9 +97,9 @@ interface AclInterface extends \Serializable * @param array $securityIdentities * @param bool $administrativeMode * - * @throws NoAceFoundException when no ACE was applicable for this request - * * @return bool + * + * @throws NoAceFoundException when no ACE was applicable for this request */ public function isGranted(array $masks, array $securityIdentities, $administrativeMode = false); diff --git a/Acl/Model/MutableAclProviderInterface.php b/Acl/Model/MutableAclProviderInterface.php index 95f531e..ee6d7c4 100644 --- a/Acl/Model/MutableAclProviderInterface.php +++ b/Acl/Model/MutableAclProviderInterface.php @@ -25,10 +25,10 @@ interface MutableAclProviderInterface extends AclProviderInterface * * @param ObjectIdentityInterface $oid * + * @return MutableAclInterface + * * @throws AclAlreadyExistsException when there already is an ACL for the given * object identity - * - * @return MutableAclInterface */ public function createAcl(ObjectIdentityInterface $oid); diff --git a/Acl/Permission/MaskBuilder.php b/Acl/Permission/MaskBuilder.php index 0b5f388..ed13ecb 100644 --- a/Acl/Permission/MaskBuilder.php 
+++ b/Acl/Permission/MaskBuilder.php @@ -96,10 +96,10 @@ class MaskBuilder extends AbstractMaskBuilder * * @param int $mask * + * @return string + * * @throws \InvalidArgumentException * @throws \RuntimeException - * - * @return string */ public static function getCode($mask) { diff --git a/Acl/Resources/bin/generateSql.php b/Acl/Resources/bin/generateSql.php index 4b1b38d..c425651 100644 --- a/Acl/Resources/bin/generateSql.php +++ b/Acl/Resources/bin/generateSql.php @@ -37,7 +37,7 @@ $reflection = new ReflectionClass('Doctrine\\DBAL\\Platforms\\AbstractPlatform') $finder = new Finder(); $finder->name('*Platform.php')->in(dirname($reflection->getFileName())); foreach ($finder as $file) { - require_once $file->getPathName(); + require_once $file->getPathname(); $className = 'Doctrine\\DBAL\\Platforms\\'.$file->getBasename('.php'); $reflection = new ReflectionClass($className); diff --git a/Acl/Tests/Domain/ObjectIdentityTest.php b/Acl/Tests/Domain/ObjectIdentityTest.php index 70f89a3..770ada7 100644 --- a/Acl/Tests/Domain/ObjectIdentityTest.php +++ b/Acl/Tests/Domain/ObjectIdentityTest.php @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Acl\Tests\Domain { use Symfony\Component\Security\Acl\Domain\ObjectIdentity; + use Symfony\Component\Security\Acl\Model\DomainObjectInterface; class ObjectIdentityTest extends \PHPUnit_Framework_TestCase { 
@@ -34,17 +35,7 @@ namespace Symfony\Component\Security\Acl\Tests\Domain public function testFromDomainObjectPrefersInterfaceOverGetId() { - $domainObject = $this->getMock('Symfony\Component\Security\Acl\Model\DomainObjectInterface'); - $domainObject - ->expects($this->once()) - ->method('getObjectIdentifier') - ->will($this->returnValue('getObjectIdentifier()')) - ; - $domainObject - ->expects($this->never()) - ->method('getId') - ->will($this->returnValue('getId()')) - ; + $domainObject = new DomainObjectImplementation(); $id = ObjectIdentity::fromDomainObject($domainObject); $this->assertEquals('getObjectIdentifier()', $id->getIdentifier()); @@ -121,6 +112,19 @@ namespace Symfony\Component\Security\Acl\Tests\Domain return $this->id; } } + + class DomainObjectImplementation implements DomainObjectInterface + { + public function getObjectIdentifier() + { + return 'getObjectIdentifier()'; + } + + public function getId() + { + return 'getId()'; + } + } } namespace Acme\DemoBundle\Proxy\__CG__\Symfony\Component\Security\Acl\Tests\Domain diff --git a/Core/Authentication/Token/AnonymousToken.php b/Core/Authentication/Token/AnonymousToken.php index 571816c..0d7dea0 100644 --- a/Core/Authentication/Token/AnonymousToken.php +++ b/Core/Authentication/Token/AnonymousToken.php @@ -26,7 +26,7 @@ class AnonymousToken extends AbstractToken * Constructor. * * @param string $key The key shared with the authentication provider - * @param string $user The user + * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string * @param RoleInterface[] $roles An array of roles */ public function __construct($key, $user, array $roles = array()) diff --git a/Core/Authentication/Token/PreAuthenticatedToken.php b/Core/Authentication/Token/PreAuthenticatedToken.php index 1798203..b4b5e70 100644 --- a/Core/Authentication/Token/PreAuthenticatedToken.php 
+++ b/Core/Authentication/Token/PreAuthenticatedToken.php @@ -26,7 +26,7 @@ class PreAuthenticatedToken extends AbstractToken /** * Constructor. * - * @param string|object $user The user + * @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string * @param mixed $credentials The user credentials * @param string $providerKey The provider key * @param RoleInterface[]|string[] $roles An array of roles diff --git a/Core/Authentication/Token/TokenInterface.php b/Core/Authentication/Token/TokenInterface.php index be90802..4e1dd7b 100644 --- a/Core/Authentication/Token/TokenInterface.php +++ b/Core/Authentication/Token/TokenInterface.php @@ -33,7 +33,7 @@ interface TokenInterface extends \Serializable /** * Returns the user roles. * - * @return RoleInterface[] An array of RoleInterface instances. + * @return RoleInterface[] An array of RoleInterface instances */ public function getRoles(); diff --git a/Core/Authentication/Token/UsernamePasswordToken.php b/Core/Authentication/Token/UsernamePasswordToken.php index 9248136..33b00f0 100644 --- a/Core/Authentication/Token/UsernamePasswordToken.php +++ b/Core/Authentication/Token/UsernamePasswordToken.php @@ -26,7 +26,7 @@ class UsernamePasswordToken extends AbstractToken /** * Constructor. * - * @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method. + * @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method * @param string $credentials This usually is the password of the user * @param string $providerKey The provider key * @param RoleInterface[]|string[] $roles An array of roles diff --git a/Core/AuthenticationEvents.php b/Core/AuthenticationEvents.php index 90b7142..13bce30 100644 --- a/Core/AuthenticationEvents.php 
+++ b/Core/AuthenticationEvents.php @@ -20,6 +20,8 @@ final class AuthenticationEvents * The event listener method receives a * Symfony\Component\Security\Core\Event\AuthenticationEvent instance. * + * @Event + * * @var string */ const AUTHENTICATION_SUCCESS = 'security.authentication.success'; @@ -32,6 +34,8 @@ final class AuthenticationEvents * Symfony\Component\Security\Core\Event\AuthenticationFailureEvent * instance. * + * @Event + * * @var string */ const AUTHENTICATION_FAILURE = 'security.authentication.failure'; diff --git a/Core/Security.php b/Core/Security.php index 14d32f8..84cc77d 100644 --- a/Core/Security.php +++ b/Core/Security.php @@ -21,4 +21,5 @@ final class Security const ACCESS_DENIED_ERROR = '_security.403_error'; const AUTHENTICATION_ERROR = '_security.last_error'; const LAST_USERNAME = '_security.last_username'; + const MAX_USERNAME_LENGTH = 4096; } diff --git a/Core/SecurityContextInterface.php b/Core/SecurityContextInterface.php index 2a06ca4..73edd23 100644 --- a/Core/SecurityContextInterface.php +++ b/Core/SecurityContextInterface.php @@ -26,4 +26,5 @@ interface SecurityContextInterface extends TokenStorageInterface, AuthorizationC const ACCESS_DENIED_ERROR = Security::ACCESS_DENIED_ERROR; const AUTHENTICATION_ERROR = Security::AUTHENTICATION_ERROR; const LAST_USERNAME = Security::LAST_USERNAME; + const MAX_USERNAME_LENGTH = Security::MAX_USERNAME_LENGTH; } diff --git a/Core/Tests/LegacySecurityContextTest.php b/Core/Tests/LegacySecurityContextTest.php index 92d7c16..fbb847e 100644 --- a/Core/Tests/LegacySecurityContextTest.php +++ b/Core/Tests/LegacySecurityContextTest.php @@ -11,8 +11,6 @@ namespace Symfony\Component\Security\Core\Tests; -use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; -use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; use Symfony\Component\Security\Core\SecurityContext; /** 
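Review bot: `MAX_USERNAME_LENGTH` is added to `Core/Security.php` (and aliased in `SecurityContextInterface`) with no doc comment, so nothing at the definition says what the limit measures or why it exists. The form listeners in this commit compare it with `strlen()`, so the unit is bytes, and they apply it just before the username is written to the session. I would add above the constant: `/** Maximum length, in bytes, of a submitted username; longer values are rejected before being stored in the session. */`.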
diff --git a/Core/Tests/Validator/Constraints/LegacyUserPasswordValidatorTest.php b/Core/Tests/Validator/Constraints/LegacyUserPasswordValidatorTest.php index 8053732..f7da8c0 100644 --- a/Core/Tests/Validator/Constraints/LegacyUserPasswordValidatorTest.php +++ b/Core/Tests/Validator/Constraints/LegacyUserPasswordValidatorTest.php @@ -14,8 +14,6 @@ namespace Symfony\Component\Security\Core\Tests\Validator\Constraints; use Symfony\Component\Validator\Validation; /** - * @since 2.5.4 - * * @author Bernhard Schussek <bschussek@gmail.com> * @group legacy */ diff --git a/Core/User/InMemoryUserProvider.php b/Core/User/InMemoryUserProvider.php index c1981de..e09d72e 100644 --- a/Core/User/InMemoryUserProvider.php +++ b/Core/User/InMemoryUserProvider.php @@ -97,7 +97,7 @@ class InMemoryUserProvider implements UserProviderInterface /** * Returns the user by given username. * - * @param string $username The username. + * @param string $username The username * * @return User * diff --git a/Csrf/CsrfTokenManagerInterface.php b/Csrf/CsrfTokenManagerInterface.php index bccabe6..5936b64 100644 --- a/Csrf/CsrfTokenManagerInterface.php +++ b/Csrf/CsrfTokenManagerInterface.php @@ -14,8 +14,6 @@ namespace Symfony\Component\Security\Csrf; /** * Manages CSRF tokens. * - * @since 2.4 - * * @author Bernhard Schussek <bschussek@gmail.com> */ interface CsrfTokenManagerInterface diff --git a/Csrf/TokenGenerator/TokenGeneratorInterface.php b/Csrf/TokenGenerator/TokenGeneratorInterface.php index 1405b84..0ec2881 100644 --- a/Csrf/TokenGenerator/TokenGeneratorInterface.php +++ b/Csrf/TokenGenerator/TokenGeneratorInterface.php @@ -14,8 +14,6 @@ namespace Symfony\Component\Security\Csrf\TokenGenerator; /** * Generates CSRF tokens. * - * @since 2.4 - * * @author Bernhard Schussek <bschussek@gmail.com> */ interface TokenGeneratorInterface diff --git a/Csrf/TokenGenerator/UriSafeTokenGenerator.php b/Csrf/TokenGenerator/UriSafeTokenGenerator.php index edeb435..31e82ee 100644 
--- a/Csrf/TokenGenerator/UriSafeTokenGenerator.php +++ b/Csrf/TokenGenerator/UriSafeTokenGenerator.php @@ -17,8 +17,6 @@ use Symfony\Component\Security\Core\Util\SecureRandom; /** * Generates CSRF tokens. * - * @since 2.4 - * * @author Bernhard Schussek <bernhard.schussek@symfony.com> */ class UriSafeTokenGenerator implements TokenGeneratorInterface diff --git a/Csrf/TokenStorage/NativeSessionTokenStorage.php b/Csrf/TokenStorage/NativeSessionTokenStorage.php index 2620156..71151fa 100644 --- a/Csrf/TokenStorage/NativeSessionTokenStorage.php +++ b/Csrf/TokenStorage/NativeSessionTokenStorage.php @@ -16,8 +16,6 @@ use Symfony\Component\Security\Csrf\Exception\TokenNotFoundException; /** * Token storage that uses PHP's native session handling. * - * @since 2.4 - * * @author Bernhard Schussek <bschussek@gmail.com> */ class NativeSessionTokenStorage implements TokenStorageInterface diff --git a/Csrf/TokenStorage/SessionTokenStorage.php b/Csrf/TokenStorage/SessionTokenStorage.php index a6a6ea3..37b33e6 100644 --- a/Csrf/TokenStorage/SessionTokenStorage.php +++ b/Csrf/TokenStorage/SessionTokenStorage.php @@ -15,9 +15,7 @@ use Symfony\Component\HttpFoundation\Session\SessionInterface; use Symfony\Component\Security\Csrf\Exception\TokenNotFoundException; /** - * Token storage that uses a Symfony2 Session object. - * - * @since 2.4 + * Token storage that uses a Symfony Session object. * * @author Bernhard Schussek <bschussek@gmail.com> */ diff --git a/Csrf/TokenStorage/TokenStorageInterface.php b/Csrf/TokenStorage/TokenStorageInterface.php index 5efe72f..92386fb 100644 --- a/Csrf/TokenStorage/TokenStorageInterface.php +++ b/Csrf/TokenStorage/TokenStorageInterface.php @@ -14,8 +14,6 @@ namespace Symfony\Component\Security\Csrf\TokenStorage; /** * Stores CSRF tokens. * - * @since 2.4 - * * @author Bernhard Schussek <bschussek@gmail.com> */ interface TokenStorageInterface 
diff --git a/Http/Authentication/AuthenticationUtils.php b/Http/Authentication/AuthenticationUtils.php index 4d5c71a..c6397e8 100644 --- a/Http/Authentication/AuthenticationUtils.php +++ b/Http/Authentication/AuthenticationUtils.php @@ -65,7 +65,13 @@ class AuthenticationUtils */ public function getLastUsername() { - $session = $this->getRequest()->getSession(); + $request = $this->getRequest(); + + if ($request->attributes->has(Security::LAST_USERNAME)) { + return $request->attributes->get(Security::LAST_USERNAME); + } + + $session = $request->getSession(); return null === $session ? '' : $session->get(Security::LAST_USERNAME); } diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php index f8004d6..830c00a 100644 --- a/Http/Authentication/DefaultAuthenticationFailureHandler.php +++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php @@ -46,7 +46,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle * * @param HttpKernelInterface $httpKernel * @param HttpUtils $httpUtils - * @param array $options Options for processing a failed authentication attempt. + * @param array $options Options for processing a failed authentication attempt * @param LoggerInterface $logger Optional logger */ public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options = array(), LoggerInterface $logger = null) diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php index 5fa7071..b6a7df5 100644 --- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php +++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php 
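Review bot: The new early return in `getLastUsername()` hands back the request attribute exactly as stored, so the method now has two sources for a value that originates from the login form, and neither is escaped or type-checked here. The docblock starts above the hunk; it should state this, e.g. `Returns the last submitted username, unescaped; callers must escape it for the output context.` If the attribute can be set by code other than the form listeners, which the hunk does not show, the `MAX_USERNAME_LENGTH` bound added elsewhere in this commit does not cover that path.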
@@ -39,7 +39,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle * Constructor. * * @param HttpUtils $httpUtils - * @param array $options Options for processing a successful authentication attempt. + * @param array $options Options for processing a successful authentication attempt */ public function __construct(HttpUtils $httpUtils, array $options = array()) { diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index ebe96ea..5bbf13d 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php @@ -56,7 +56,7 @@ class BasicAuthenticationListener implements ListenerInterface { $request = $event->getRequest(); - if (false === $username = $request->headers->get('PHP_AUTH_USER', false)) { + if (null === $username = $request->headers->get('PHP_AUTH_USER')) { return; } diff --git a/Http/Firewall/SimpleFormAuthenticationListener.php b/Http/Firewall/SimpleFormAuthenticationListener.php index 4733b6a..8123e0e 100644 --- a/Http/Firewall/SimpleFormAuthenticationListener.php +++ b/Http/Firewall/SimpleFormAuthenticationListener.php @@ -24,6 +24,7 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerI use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Security; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; 
@@ -116,6 +117,10 @@ class SimpleFormAuthenticationListener extends AbstractAuthenticationListener $password = $request->get($this->options['password_parameter'], null, true); } + if (strlen($username) > Security::MAX_USERNAME_LENGTH) { + throw new BadCredentialsException('Invalid username.'); + } + $request->getSession()->set(Security::LAST_USERNAME, $username); $token = $this->simpleAuthenticator->createToken($request, $username, $password, $this->providerKey); diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 7c068fe..7de83d2 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\Exception\AccessDeniedException; +use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; @@ -161,7 +162,7 @@ class SwitchUserListener implements ListenerInterface throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.'); } - if (null !== $this->dispatcher) { + if (null !== $this->dispatcher && $original->getUser() instanceof UserInterface) { $user = $this->provider->refreshUser($original->getUser()); $switchEvent = new SwitchUserEvent($request, $user); $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); diff --git a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php index 07ab85a..ba4329b 100644 --- a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php +++ b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php 
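Review bot: The added `strlen($username)` guard assumes `$username` is a string, but it is read from a request parameter (the assignment sits above the hunk) and a client can submit that parameter as an array. Unless the code above already coerces it, `strlen()` then either warns and returns null, letting the value past the bound, or throws on newer PHP versions instead of raising `BadCredentialsException`. I would write the condition as `if (!is_string($username) || strlen($username) > Security::MAX_USERNAME_LENGTH) {`, provided objects with `__toString` are not expected here. The same applies to the identical hunk in `UsernamePasswordFormAuthenticationListener.php` (`@@ -91,6 +92,10 @@`). A short comment such as `// bound the value before it is persisted to the session below` would record why the check sits at this point.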
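Review bot: With the added `$original->getUser() instanceof UserInterface` condition in `SwitchUserListener`, exiting impersonation for a token whose user is a plain string now skips the `SecurityEvents::SWITCH_USER` dispatch without any trace. A listener that records switch and exit events for audit purposes will therefore not see that exit. If this is intended, say so above the `if`, e.g. `// refreshUser() requires a UserInterface; for string users no SWITCH_USER event is dispatched on exit`. A log entry on the skipped branch would also keep the exit visible, if a logger is available in this class. The enclosing method starts and ends outside the hunk.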
@@ -24,6 +24,7 @@ use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; +use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Exception\InvalidArgumentException; use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; use Symfony\Component\Security\Core\Security; @@ -91,6 +92,10 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL $password = $request->get($this->options['password_parameter'], null, true); } + if (strlen($username) > Security::MAX_USERNAME_LENGTH) { + throw new BadCredentialsException('Invalid username.'); + } + $request->getSession()->set(Security::LAST_USERNAME, $username); return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey)); diff --git a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php index 82b5533..252b124 100644 --- a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php +++ b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php @@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Http\Tests\Authentication; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler; use Symfony\Component\Security\Core\Security; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\HttpKernelInterface; class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCase 
@@ -52,7 +53,7 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas ->method('createRequest')->with($this->request, '/login') ->will($this->returnValue($subRequest)); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $this->httpKernel->expects($this->once()) ->method('handle')->with($subRequest, HttpKernelInterface::SUB_REQUEST) ->will($this->returnValue($response)); @@ -65,7 +66,7 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas public function testRedirect() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $this->httpUtils->expects($this->once()) ->method('createRedirectResponse')->with($this->request, '/login') ->will($this->returnValue($response)); diff --git a/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php b/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php index 4d1847d..ae9f02b 100644 --- a/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php +++ b/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\Authentication; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; class DefaultAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCase @@ -157,8 +158,7 @@ class DefaultAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCas private function expectRedirectResponse($path) { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - + $response = new Response(); $this->httpUtils->expects($this->once()) ->method('createRedirectResponse') ->with($this->request, $path) 
diff --git a/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php b/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php index 6e79b07..8a31886 100644 --- a/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php +++ b/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; @@ -41,7 +42,7 @@ class SimpleAuthenticationHandlerTest extends \PHPUnit_Framework_TestCase // No methods are invoked on the exception; we just assert on its class $this->authenticationException = new AuthenticationException(); - $this->response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $this->response = new Response(); } public function testOnAuthenticationSuccessFallsBackToDefaultHandlerIfSimpleIsNotASuccessHandler() diff --git a/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php b/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php index 3acb9c2..75a6be4 100644 --- a/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php +++ b/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\EntryPoint; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint; use Symfony\Component\HttpKernel\HttpKernelInterface; 
@@ -19,7 +20,7 @@ class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase public function testStart() { $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $httpKernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); @@ -39,7 +40,7 @@ class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase { $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); $subRequest = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = new \Symfony\Component\HttpFoundation\Response('', 200); + $response = new Response('', 200); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); $httpUtils diff --git a/Http/Tests/Firewall/RememberMeListenerTest.php b/Http/Tests/Firewall/RememberMeListenerTest.php index 7309042..cd2f1b8 100644 --- a/Http/Tests/Firewall/RememberMeListenerTest.php +++ b/Http/Tests/Firewall/RememberMeListenerTest.php @@ -101,7 +101,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException * @expectedExceptionMessage Authentication failed. */ public function testOnCoreSecurityIgnoresAuthenticationOptionallyRethrowsExceptionThrownAuthenticationManagerImplementation() diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php index f43b564..28d73e0 100644 --- a/Http/Tests/Firewall/SwitchUserListenerTest.php +++ b/Http/Tests/Firewall/SwitchUserListenerTest.php 
@@ -158,6 +158,59 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $listener->handle($this->event); } + public function testExitUserDoesNotDispatchEventWithStringUser() + { + $originalUser = 'anon.'; + $this + ->userProvider + ->expects($this->never()) + ->method('refreshUser'); + $originalToken = $this->getToken(); + $originalToken + ->expects($this->any()) + ->method('getUser') + ->willReturn($originalUser); + $role = $this + ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') + ->disableOriginalConstructor() + ->getMock(); + $role + ->expects($this->any()) + ->method('getSource') + ->willReturn($originalToken); + $this + ->tokenStorage + ->expects($this->any()) + ->method('getToken') + ->willReturn($this->getToken(array($role))); + $this + ->request + ->expects($this->any()) + ->method('get') + ->with('_switch_user') + ->willReturn('_exit'); + $this + ->request + ->query + ->expects($this->any()) + ->method('all') + ->will($this->returnValue(array())); + $this + ->request + ->expects($this->any()) + ->method('getUri') + ->willReturn('/'); + + $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); + $dispatcher + ->expects($this->never()) + ->method('dispatch') + ; + + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); + $listener->handle($this->event); + } + /** * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException */ diff --git a/Http/Tests/FirewallTest.php b/Http/Tests/FirewallTest.php index 9994737..1e0c1ef 100644 --- a/Http/Tests/FirewallTest.php +++ b/Http/Tests/FirewallTest.php 
@@ -11,9 +11,10 @@ namespace Symfony\Component\Security\Http\Tests; -use Symfony\Component\Security\Http\Firewall; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\Security\Http\Firewall; class FirewallTest extends \PHPUnit_Framework_TestCase { @@ -46,7 +47,7 @@ class FirewallTest extends \PHPUnit_Framework_TestCase public function testOnKernelRequestStopsWhenThereIsAResponse() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $first = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); $first diff --git a/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php b/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php index 381a48e..8a94e53 100644 --- a/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php +++ b/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\Logout; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Logout\DefaultLogoutSuccessHandler; class DefaultLogoutSuccessHandlerTest extends \PHPUnit_Framework_TestCase @@ -18,7 +19,7 @@ class DefaultLogoutSuccessHandlerTest extends \PHPUnit_Framework_TestCase public function testLogout() { $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); $httpUtils->expects($this->once()) diff --git a/Http/Tests/RememberMe/ResponseListenerTest.php b/Http/Tests/RememberMe/ResponseListenerTest.php index 78de8e4..23f7df7 100644 --- a/Http/Tests/RememberMe/ResponseListenerTest.php +++ b/Http/Tests/RememberMe/ResponseListenerTest.php 
@@ -15,6 +15,7 @@ use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\Security\Http\RememberMe\ResponseListener; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\HttpKernel\KernelEvents; @@ -81,7 +82,7 @@ class ResponseListenerTest extends \PHPUnit_Framework_TestCase private function getResponse() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $response->headers = $this->getMock('Symfony\Component\HttpFoundation\ResponseHeaderBag'); return $response; diff --git a/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php b/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php new file mode 100644 index 0000000..b7c6ab9 --- /dev/null +++ b/Tests/Http/Firewall/UsernamePasswordFormAuthenticationListenerTest.php 
@@ -0,0 +1,78 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Tests\Http\Firewall; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener; +use Symfony\Component\Security\Core\SecurityContextInterface; + +class UsernamePasswordFormAuthenticationListenerTest extends \PHPUnit_Framework_TestCase +{ + /** + * @dataProvider getUsernameForLength + */ + public function testHandleWhenUsernameLength($username, $ok) + { + $request = Request::create('/login_check', 'POST', array('_username' => $username)); + $request->setSession($this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface')); + + $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); + $httpUtils + ->expects($this->any()) + ->method('checkRequestPath') + ->will($this->returnValue(true)) + ; + + $failureHandler = $this->getMock('Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface'); + $failureHandler + ->expects($ok ? $this->never() : $this->once()) + ->method('onAuthenticationFailure') + ->will($this->returnValue(new Response())) + ; + + $authenticationManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager')->disableOriginalConstructor()->getMock(); + $authenticationManager + ->expects($ok ? 
$this->once() : $this->never()) + ->method('authenticate') + ->will($this->returnValue(new Response())) + ; + + $listener = new UsernamePasswordFormAuthenticationListener( + $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), + $authenticationManager, + $this->getMock('Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface'), + $httpUtils, + 'TheProviderKey', + $this->getMock('Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface'), + $failureHandler, + array('require_previous_session' => false) + ); + + $event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); + $event + ->expects($this->any()) + ->method('getRequest') + ->will($this->returnValue($request)) + ; + + $listener->handle($event); + } + + public function getUsernameForLength() + { + return array( + array(str_repeat('x', SecurityContextInterface::MAX_USERNAME_LENGTH + 1), false), + array(str_repeat('x', SecurityContextInterface::MAX_USERNAME_LENGTH - 1), true), + ); + } +} |
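Review bot: `getUsernameForLength()` covers `MAX_USERNAME_LENGTH + 1` and `MAX_USERNAME_LENGTH - 1` but not the limit itself, so a change of the listener's `>` to `>=` would pass unnoticed. Add `array(str_repeat('x', SecurityContextInterface::MAX_USERNAME_LENGTH), true),` to the provider. The `authenticate` mock also returns `new Response()`, whereas an authentication manager normally returns a token; a mocked `TokenInterface` would be closer to the real contract. No equivalent test is added for `SimpleFormAuthenticationListener`, which receives the same guard in this commit.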