-rw-r--r--CHANGELOG.md11
-rw-r--r--Core/Authentication/Provider/AnonymousAuthenticationProvider.php16
-rw-r--r--Core/Authentication/Provider/DaoAuthenticationProvider.php14
-rw-r--r--Core/Authentication/Provider/RememberMeAuthenticationProvider.php16
-rw-r--r--Core/Authentication/Provider/UserAuthenticationProvider.php10
-rw-r--r--Core/Authentication/RememberMe/PersistentToken.php2
-rw-r--r--Core/Authentication/SimpleFormAuthenticatorInterface.php2
-rw-r--r--Core/Authentication/SimplePreAuthenticatorInterface.php2
-rw-r--r--Core/Authentication/Token/AnonymousToken.php34
-rw-r--r--Core/Authentication/Token/RememberMeToken.php38
-rw-r--r--Core/Authorization/AccessDecisionManager.php8
-rw-r--r--Core/Exception/AccessDeniedException.php2
-rw-r--r--Core/Resources/translations/security.bg.xlf71
-rw-r--r--Core/Resources/translations/security.da.xlf2
-rw-r--r--Core/Resources/translations/security.fr.xlf12
-rw-r--r--Core/Resources/translations/security.hr.xlf71
-rw-r--r--Core/Resources/translations/security.id.xlf71
-rw-r--r--Core/Resources/translations/security.ja.xlf71
-rw-r--r--Core/Resources/translations/security.lt.xlf71
-rw-r--r--Core/Resources/translations/security.no.xlf2
-rw-r--r--Core/Resources/translations/security.pt_BR.xlf8
-rw-r--r--Core/Resources/translations/security.pt_PT.xlf6
-rw-r--r--Core/Resources/translations/security.th.xlf71
-rw-r--r--Core/Resources/translations/security.vi.xlf71
-rw-r--r--Core/Resources/translations/security.zh_CN.xlf71
-rw-r--r--Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php6
-rw-r--r--Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php10
-rw-r--r--Core/Tests/Authentication/Token/AnonymousTokenTest.php2
-rw-r--r--Core/Tests/Authentication/Token/RememberMeTokenTest.php6
-rw-r--r--Core/Tests/LegacySecurityContextTest.php2
-rw-r--r--Core/Tests/Util/SecureRandomTest.php2
-rw-r--r--Core/User/ChainUserProvider.php12
-rw-r--r--Core/User/User.php2
-rw-r--r--Http/Authentication/SimpleFormAuthenticatorInterface.php21
-rw-r--r--Http/Authentication/SimplePreAuthenticatorInterface.php21
-rw-r--r--Http/Firewall/AbstractPreAuthenticatedListener.php8
-rw-r--r--Http/Firewall/BasicAuthenticationListener.php6
-rw-r--r--Http/Firewall/ContextListener.php12
-rw-r--r--Http/Firewall/DigestAuthenticationListener.php2
-rw-r--r--Http/Firewall/ExceptionListener.php8
-rw-r--r--Http/Firewall/RememberMeListener.php6
-rw-r--r--Http/Firewall/SwitchUserListener.php7
-rw-r--r--Http/RememberMe/AbstractRememberMeServices.php40
-rw-r--r--Http/RememberMe/PersistentTokenBasedRememberMeServices.php6
-rw-r--r--Http/RememberMe/RememberMeServicesInterface.php4
-rw-r--r--Http/RememberMe/TokenBasedRememberMeServices.php10
-rw-r--r--Http/Session/SessionAuthenticationStrategyInterface.php2
-rw-r--r--Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php15
-rw-r--r--Http/Tests/Firewall/SwitchUserListenerTest.php58
-rw-r--r--Http/Tests/RememberMe/AbstractRememberMeServicesTest.php8
-rw-r--r--Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php6
-rw-r--r--Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php4
-rw-r--r--Http/composer.json2
-rw-r--r--Tests/Core/LegacySecurityContextInterfaceTest.php2
54 files changed, 876 insertions, 167 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 052f883..f202692 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,16 @@
CHANGELOG
=========
+2.8.0
+-----
+
+ * deprecated `getKey()` of the `AnonymousToken`, `RememberMeToken` and `AbstractRememberMeServices` classes
+ in favor of `getSecret()`.
+ * deprecated `Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface`, use
+ `Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface` instead
+ * deprecated `Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface`, use
+ `Symfony\Component\Security\Http\Authentication\SimpleFormAuthenticatorInterface` instead
+
2.7.0
-----
@@ -19,6 +29,7 @@ CHANGELOG
2.4.0
-----
+ * Translations in the `src/Symfony/Component/Security/Resources/translations/` directory are deprecated, ones in `src/Symfony/Component/Security/Core/Resources/translations/` must be used instead.
* The switch user listener now preserves the query string when switching a user
* The remember-me cookie hashes now use HMAC, which means that current cookies will be invalidated
* added simpler customization options
diff --git a/Core/Authentication/Provider/AnonymousAuthenticationProvider.php b/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
index 7fbbf85..ff3d15f 100644
--- a/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
+++ b/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
@@ -22,16 +22,22 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
*/
class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
{
- private $key;
+ /**
+ * Used to determine if the token is created by the application
+ * instead of a malicious client.
+ *
+ * @var string
+ */
+ private $secret;
/**
* Constructor.
*
- * @param string $key The key shared with the authentication token
+ * @param string $secret The secret shared with the AnonymousToken
*/
- public function __construct($key)
+ public function __construct($secret)
{
- $this->key = $key;
+ $this->secret = $secret;
}
/**
@@ -43,7 +49,7 @@ class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
return;
}
- if ($this->key !== $token->getKey()) {
+ if ($this->secret !== $token->getSecret()) {
throw new BadCredentialsException('The Token does not contain the expected key.');
}
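Review bot: The shared-secret check `if ($this->secret !== $token->getSecret())` is an ordinary string comparison, which can stop at the first differing byte. Whether the token's secret can ever come from client-influenced data is not visible in this hunk; if it can, a constant-time comparison is the safer default, e.g. `if (!hash_equals($this->secret, $token->getSecret()))` where the supported PHP versions provide it. RememberMeAuthenticationProvider::authenticate() has the same comparison. The exception text here still reads `'The Token does not contain the expected key.'`, while the remember-me provider's message was changed to say "secret"; the two should agree. The enclosing method starts and ends outside this hunk.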
diff --git a/Core/Authentication/Provider/DaoAuthenticationProvider.php b/Core/Authentication/Provider/DaoAuthenticationProvider.php
index b7b4917..90cba25 100644
--- a/Core/Authentication/Provider/DaoAuthenticationProvider.php
+++ b/Core/Authentication/Provider/DaoAuthenticationProvider.php
@@ -87,13 +87,13 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
}
return $user;
- } catch (UsernameNotFoundException $notFound) {
- $notFound->setUsername($username);
- throw $notFound;
- } catch (\Exception $repositoryProblem) {
- $ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
- $ex->setToken($token);
- throw $ex;
+ } catch (UsernameNotFoundException $e) {
+ $e->setUsername($username);
+ throw $e;
+ } catch (\Exception $e) {
+ $e = new AuthenticationServiceException($e->getMessage(), 0, $e);
+ $e->setToken($token);
+ throw $e;
}
}
}
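Review bot: The generic catch still copies the underlying exception's text into the wrapper with `new AuthenticationServiceException($e->getMessage(), 0, $e)`, so for a user-provider failure the message may carry storage or connection details. Whether that text is ever rendered to a client is not visible here, so a comment such as `// message is for logs only; do not render getMessage() to the user` would make the expectation explicit. As a style point, rebinding `$e` to the wrapper on the same line that reads it makes the original and the wrapper hard to tell apart; a separate name such as `$wrapped` would read more clearly. The method body starts outside the hunk.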
diff --git a/Core/Authentication/Provider/RememberMeAuthenticationProvider.php b/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
index 82be1d1..f0a74eb 100644
--- a/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
+++ b/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
@@ -19,20 +19,20 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException;
class RememberMeAuthenticationProvider implements AuthenticationProviderInterface
{
private $userChecker;
- private $key;
+ private $secret;
private $providerKey;
/**
* Constructor.
*
* @param UserCheckerInterface $userChecker An UserCheckerInterface interface
- * @param string $key A key
- * @param string $providerKey A provider key
+ * @param string $secret A secret
+ * @param string $providerKey A provider secret
*/
- public function __construct(UserCheckerInterface $userChecker, $key, $providerKey)
+ public function __construct(UserCheckerInterface $userChecker, $secret, $providerKey)
{
$this->userChecker = $userChecker;
- $this->key = $key;
+ $this->secret = $secret;
$this->providerKey = $providerKey;
}
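Review bot: The docblock line `@param string $providerKey A provider secret` looks like a side effect of the key-to-secret rename. The parameter and property are still named `$providerKey`, and nothing in this hunk treats it as confidential. Keeping `@param string $providerKey A provider key` avoids confusing it with `$secret`, which is the value actually compared during authentication. The getProviderKey() docblock in RememberMeToken has the same issue; it now reads `Returns the provider secret.`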
@@ -45,14 +45,14 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
return;
}
- if ($this->key !== $token->getKey()) {
- throw new BadCredentialsException('The presented key does not match.');
+ if ($this->secret !== $token->getSecret()) {
+ throw new BadCredentialsException('The presented secret does not match.');
}
$user = $token->getUser();
$this->userChecker->checkPreAuth($user);
- $authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->key);
+ $authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->secret);
$authenticatedToken->setAttributes($token->getAttributes());
return $authenticatedToken;
diff --git a/Core/Authentication/Provider/UserAuthenticationProvider.php b/Core/Authentication/Provider/UserAuthenticationProvider.php
index 55ebed4..2674088 100644
--- a/Core/Authentication/Provider/UserAuthenticationProvider.php
+++ b/Core/Authentication/Provider/UserAuthenticationProvider.php
@@ -62,19 +62,19 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
}
$username = $token->getUsername();
- if (empty($username)) {
+ if ('' === $username || null === $username) {
$username = 'NONE_PROVIDED';
}
try {
$user = $this->retrieveUser($username, $token);
- } catch (UsernameNotFoundException $notFound) {
+ } catch (UsernameNotFoundException $e) {
if ($this->hideUserNotFoundExceptions) {
- throw new BadCredentialsException('Bad credentials.', 0, $notFound);
+ throw new BadCredentialsException('Bad credentials.', 0, $e);
}
- $notFound->setUsername($username);
+ $e->setUsername($username);
- throw $notFound;
+ throw $e;
}
if (!$user instanceof UserInterface) {
diff --git a/Core/Authentication/RememberMe/PersistentToken.php b/Core/Authentication/RememberMe/PersistentToken.php
index 92fcb4f..d85572d 100644
--- a/Core/Authentication/RememberMe/PersistentToken.php
+++ b/Core/Authentication/RememberMe/PersistentToken.php
@@ -40,7 +40,7 @@ final class PersistentToken implements PersistentTokenInterface
if (empty($class)) {
throw new \InvalidArgumentException('$class must not be empty.');
}
- if (empty($username)) {
+ if ('' === $username || null === $username) {
throw new \InvalidArgumentException('$username must not be empty.');
}
if (empty($series)) {
diff --git a/Core/Authentication/SimpleFormAuthenticatorInterface.php b/Core/Authentication/SimpleFormAuthenticatorInterface.php
index 95ee881..ae2b58b 100644
--- a/Core/Authentication/SimpleFormAuthenticatorInterface.php
+++ b/Core/Authentication/SimpleFormAuthenticatorInterface.php
@@ -14,6 +14,8 @@ namespace Symfony\Component\Security\Core\Authentication;
use Symfony\Component\HttpFoundation\Request;
/**
+ * @deprecated Deprecated since version 2.8, to be removed in 3.0. Use the same interface from Security\Http\Authentication instead.
+ *
* @author Jordi Boggiano <j.boggiano@seld.be>
*/
interface SimpleFormAuthenticatorInterface extends SimpleAuthenticatorInterface
diff --git a/Core/Authentication/SimplePreAuthenticatorInterface.php b/Core/Authentication/SimplePreAuthenticatorInterface.php
index 6164e7d..c01f064 100644
--- a/Core/Authentication/SimplePreAuthenticatorInterface.php
+++ b/Core/Authentication/SimplePreAuthenticatorInterface.php
@@ -14,6 +14,8 @@ namespace Symfony\Component\Security\Core\Authentication;
use Symfony\Component\HttpFoundation\Request;
/**
+ * @deprecated Since version 2.8, to be removed in 3.0. Use the same interface from Security\Http\Authentication instead.
+ *
* @author Jordi Boggiano <j.boggiano@seld.be>
*/
interface SimplePreAuthenticatorInterface extends SimpleAuthenticatorInterface
diff --git a/Core/Authentication/Token/AnonymousToken.php b/Core/Authentication/Token/AnonymousToken.php
index 571816c..22fc611 100644
--- a/Core/Authentication/Token/AnonymousToken.php
+++ b/Core/Authentication/Token/AnonymousToken.php
@@ -20,20 +20,20 @@ use Symfony\Component\Security\Core\Role\RoleInterface;
*/
class AnonymousToken extends AbstractToken
{
- private $key;
+ private $secret;
/**
* Constructor.
*
- * @param string $key The key shared with the authentication provider
- * @param string $user The user
- * @param RoleInterface[] $roles An array of roles
+ * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
+ * @param string $user The user
+ * @param RoleInterface[] $roles An array of roles
*/
- public function __construct($key, $user, array $roles = array())
+ public function __construct($secret, $user, array $roles = array())
{
parent::__construct($roles);
- $this->key = $key;
+ $this->secret = $secret;
$this->setUser($user);
$this->setAuthenticated(true);
}
@@ -47,13 +47,23 @@ class AnonymousToken extends AbstractToken
}
/**
- * Returns the key.
- *
- * @return string The Key
+ * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
*/
public function getKey()
{
- return $this->key;
+ @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
+
+ return $this->getSecret();
+ }
+
+ /**
+ * Returns the secret.
+ *
+ * @return string
+ */
+ public function getSecret()
+ {
+ return $this->secret;
}
/**
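Review bot: `__method__` in the new `@trigger_error(...)` call is written in lower case. PHP resolves magic constants case-insensitively, so it works, but `__METHOD__` is the conventional spelling and the one that grep and code-style tooling expect. RememberMeToken::getKey() carries the same line. The `@` silencing is presumably deliberate, so that only error handlers which opt in see the deprecation; a short comment saying so, e.g. `// silenced on purpose: deprecations are opt-in`, would stop someone from "fixing" it later.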
@@ -61,7 +71,7 @@ class AnonymousToken extends AbstractToken
*/
public function serialize()
{
- return serialize(array($this->key, parent::serialize()));
+ return serialize(array($this->secret, parent::serialize()));
}
/**
@@ -69,7 +79,7 @@ class AnonymousToken extends AbstractToken
*/
public function unserialize($serialized)
{
- list($this->key, $parentStr) = unserialize($serialized);
+ list($this->secret, $parentStr) = unserialize($serialized);
parent::unserialize($parentStr);
}
}
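Review bot: `list($this->secret, $parentStr) = unserialize($serialized);` assumes the payload decodes to a two-element array. A truncated or malformed payload makes `unserialize()` return `false`, which silently leaves `$this->secret` null and passes null to `parent::unserialize()`. A guard before the `list()` would fail closed, e.g. `$data = unserialize($serialized); if (!is_array($data) || 2 !== count($data)) { throw new \InvalidArgumentException('Invalid serialized token.'); }`. Where `$serialized` originates is not visible in this hunk. Since native `unserialize()` can instantiate classes named in the payload, the docblock should state that this method must only receive server-side data such as session storage. RememberMeToken::unserialize() follows the same pattern with three elements.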
diff --git a/Core/Authentication/Token/RememberMeToken.php b/Core/Authentication/Token/RememberMeToken.php
index 609fdad..60e36f2 100644
--- a/Core/Authentication/Token/RememberMeToken.php
+++ b/Core/Authentication/Token/RememberMeToken.php
@@ -20,7 +20,7 @@ use Symfony\Component\Security\Core\User\UserInterface;
*/
class RememberMeToken extends AbstractToken
{
- private $key;
+ private $secret;
private $providerKey;
/**
@@ -28,16 +28,16 @@ class RememberMeToken extends AbstractToken
*
* @param UserInterface $user
* @param string $providerKey
- * @param string $key
+ * @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
*
* @throws \InvalidArgumentException
*/
- public function __construct(UserInterface $user, $providerKey, $key)
+ public function __construct(UserInterface $user, $providerKey, $secret)
{
parent::__construct($user->getRoles());
- if (empty($key)) {
- throw new \InvalidArgumentException('$key must not be empty.');
+ if (empty($secret)) {
+ throw new \InvalidArgumentException('$secret must not be empty.');
}
if (empty($providerKey)) {
@@ -45,7 +45,7 @@ class RememberMeToken extends AbstractToken
}
$this->providerKey = $providerKey;
- $this->key = $key;
+ $this->secret = $secret;
$this->setUser($user);
parent::setAuthenticated(true);
@@ -64,9 +64,9 @@ class RememberMeToken extends AbstractToken
}
/**
- * Returns the provider key.
+ * Returns the provider secret.
*
- * @return string The provider key
+ * @return string The provider secret
*/
public function getProviderKey()
{
@@ -74,13 +74,23 @@ class RememberMeToken extends AbstractToken
}
/**
- * Returns the key.
- *
- * @return string The Key
+ * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
*/
public function getKey()
{
- return $this->key;
+ @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
+
+ return $this->getSecret();
+ }
+
+ /**
+ * Returns the secret.
+ *
+ * @return string
+ */
+ public function getSecret()
+ {
+ return $this->secret;
}
/**
@@ -97,7 +107,7 @@ class RememberMeToken extends AbstractToken
public function serialize()
{
return serialize(array(
- $this->key,
+ $this->secret,
$this->providerKey,
parent::serialize(),
));
@@ -108,7 +118,7 @@ class RememberMeToken extends AbstractToken
*/
public function unserialize($serialized)
{
- list($this->key, $this->providerKey, $parentStr) = unserialize($serialized);
+ list($this->secret, $this->providerKey, $parentStr) = unserialize($serialized);
parent::unserialize($parentStr);
}
}
diff --git a/Core/Authorization/AccessDecisionManager.php b/Core/Authorization/AccessDecisionManager.php
index 61debe3..e021cc7 100644
--- a/Core/Authorization/AccessDecisionManager.php
+++ b/Core/Authorization/AccessDecisionManager.php
@@ -150,7 +150,6 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
{
$grant = 0;
$deny = 0;
- $abstain = 0;
foreach ($this->voters as $voter) {
$result = $voter->vote($token, $object, $attributes);
@@ -164,11 +163,6 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
++$deny;
break;
-
- default:
- ++$abstain;
-
- break;
}
}
@@ -180,7 +174,7 @@ class AccessDecisionManager implements AccessDecisionManagerInterface
return false;
}
- if ($grant == $deny && $grant != 0) {
+ if ($grant > 0) {
return $this->allowIfEqualGrantedDeniedDecisions;
}
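Review bot: `if ($grant > 0)` matches the old `$grant == $deny && $grant != 0` only if the preceding branches, partly outside this hunk, have already returned for both `$grant > $deny` and `$deny > $grant`. In an access-decision path that invariant should be written down rather than implied. I would add a comment above the check, e.g. `// here $grant === $deny; a non-zero count is a tie, zero means no voter granted or denied`. Tests for a non-zero tie and for the all-abstain case would catch a later reordering of the branches that turns a tie into an unintended grant. The method starts and ends outside this hunk.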
diff --git a/Core/Exception/AccessDeniedException.php b/Core/Exception/AccessDeniedException.php
index 7c16afb..736a36b 100644
--- a/Core/Exception/AccessDeniedException.php
+++ b/Core/Exception/AccessDeniedException.php
@@ -18,7 +18,7 @@ namespace Symfony\Component\Security\Core\Exception;
*/
class AccessDeniedException extends \RuntimeException
{
- public function __construct($message = 'Access Denied', \Exception $previous = null)
+ public function __construct($message = 'Access Denied.', \Exception $previous = null)
{
parent::__construct($message, 403, $previous);
}
diff --git a/Core/Resources/translations/security.bg.xlf b/Core/Resources/translations/security.bg.xlf
new file mode 100644
index 0000000..06692ea
--- /dev/null
+++ b/Core/Resources/translations/security.bg.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>Грешка при автентикация.</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>Удостоверението за автентикация не е открито.</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>Заявката за автентикация не може да бъде обработената поради системна грешка.</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>Невалидно удостоверение за автентикация.</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Това cookie вече се ползва от някой друг.</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>Нямате права за достъп до този ресурс.</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>Невалиден CSRF токен.</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Digest nonce е изтекъл.</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>Не е открит провайдър, който да поддържа този токен за автентикация.</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Сесията не е достъпна, или времето за достъп е изтекло, или кукитата не са разрешени.</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>Токена не е открит.</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>Потребителското име не е открито.</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>Акаунта е изтекъл.</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>Удостоверението за автентикация е изтекло.</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>Акаунта е деактивиран.</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>Акаунта е заключен.</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.da.xlf b/Core/Resources/translations/security.da.xlf
index 9c7b886..2ac4150 100644
--- a/Core/Resources/translations/security.da.xlf
+++ b/Core/Resources/translations/security.da.xlf
@@ -1,6 +1,6 @@
<?xml version="1.0"?>
<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
- <file source-language="no" datatype="plaintext" original="file.ext">
+ <file source-language="en" datatype="plaintext" original="file.ext">
<body>
<trans-unit id="1">
<source>An authentication exception occurred.</source>
diff --git a/Core/Resources/translations/security.fr.xlf b/Core/Resources/translations/security.fr.xlf
index f3965d3..5a77c6e 100644
--- a/Core/Resources/translations/security.fr.xlf
+++ b/Core/Resources/translations/security.fr.xlf
@@ -8,7 +8,7 @@
</trans-unit>
<trans-unit id="2">
<source>Authentication credentials could not be found.</source>
- <target>Les droits d'authentification n'ont pas pu être trouvés.</target>
+ <target>Les identifiants d'authentification n'ont pas pu être trouvés.</target>
</trans-unit>
<trans-unit id="3">
<source>Authentication request could not be processed due to a system problem.</source>
@@ -16,7 +16,7 @@
</trans-unit>
<trans-unit id="4">
<source>Invalid credentials.</source>
- <target>Droits invalides.</target>
+ <target>Identifiants invalides.</target>
</trans-unit>
<trans-unit id="5">
<source>Cookie has already been used by someone else.</source>
@@ -24,7 +24,7 @@
</trans-unit>
<trans-unit id="6">
<source>Not privileged to request the resource.</source>
- <target>Pas de privilèges pour accéder à la ressource.</target>
+ <target>Privilèges insuffisants pour accéder à la ressource.</target>
</trans-unit>
<trans-unit id="7">
<source>Invalid CSRF token.</source>
@@ -40,7 +40,7 @@
</trans-unit>
<trans-unit id="10">
<source>No session available, it either timed out or cookies are not enabled.</source>
- <target>Pas de session disponible, celle-ci a expiré ou les cookies ne sont pas activés.</target>
+ <target>Aucune session disponible, celle-ci a expiré ou les cookies ne sont pas activés.</target>
</trans-unit>
<trans-unit id="11">
<source>No token could be found.</source>
@@ -48,7 +48,7 @@
</trans-unit>
<trans-unit id="12">
<source>Username could not be found.</source>
- <target>Le nom d'utilisateur ne peut pas être trouvé.</target>
+ <target>Le nom d'utilisateur n'a pas pu être trouvé.</target>
</trans-unit>
<trans-unit id="13">
<source>Account has expired.</source>
@@ -56,7 +56,7 @@
</trans-unit>
<trans-unit id="14">
<source>Credentials have expired.</source>
- <target>Les droits ont expirés.</target>
+ <target>Les identifiants ont expiré.</target>
</trans-unit>
<trans-unit id="15">
<source>Account is disabled.</source>
diff --git a/Core/Resources/translations/security.hr.xlf b/Core/Resources/translations/security.hr.xlf
new file mode 100644
index 0000000..147b6e3
--- /dev/null
+++ b/Core/Resources/translations/security.hr.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>Dogodila se autentifikacijske iznimka.</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>Autentifikacijski podaci nisu pronađeni.</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>Autentifikacijski zahtjev nije moguće provesti uslijed sistemskog problema.</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>Neispravni akreditacijski podaci.</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie je već netko drugi iskoristio.</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>Nemate privilegije zahtijevati resurs.</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>Neispravan CSRF token.</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Digest nonce je isteko.</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>Nije pronađen autentifikacijski provider koji bi podržao autentifikacijski token.</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Sesija nije dostupna, ili je istekla ili cookies nisu omogućeni.</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>Token nije pronađen.</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>Korisničko ime nije pronađeno.</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>Račun je isteko.</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>Akreditacijski podaci su istekli.</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>Račun je onemogućen.</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>Račun je zaključan.</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.id.xlf b/Core/Resources/translations/security.id.xlf
new file mode 100644
index 0000000..ab1153b
--- /dev/null
+++ b/Core/Resources/translations/security.id.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>Terjadi sebuah pengecualian otentikasi.</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>Kredensial otentikasi tidak bisa ditemukan.</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>Permintaan otentikasi tidak bisa diproses karena masalah sistem.</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>Kredensial salah.</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie sudah digunakan oleh orang lain.</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>Tidak berhak untuk meminta sumber daya.</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>Token CSRF salah.</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Digest nonce telah berakhir.</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>Tidak ditemukan penyedia otentikasi untuk mendukung token otentikasi.</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Tidak ada sesi yang tersedia, mungkin waktu sudah habis atau cookie tidak diaktifkan</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>Tidak ada token yang bisa ditemukan.</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>Username tidak bisa ditemukan.</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>Akun telah berakhir.</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>Kredensial telah berakhir.</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>Akun dinonaktifkan.</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>Akun terkunci.</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.ja.xlf b/Core/Resources/translations/security.ja.xlf
new file mode 100644
index 0000000..6a6b062
--- /dev/null
+++ b/Core/Resources/translations/security.ja.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>認証エラーが発生しました。</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>認証資格がありません。</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>システムの問題により認証要求を処理できませんでした。</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>資格が無効です。</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie が別のユーザーで使用されています。</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>リソースをリクエストする権限がありません。</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>CSRF トークンが無効です。</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Digest の nonce 値が期限切れです。</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>認証トークンをサポートする認証プロバイダーが見つかりません。</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>利用可能なセッションがありません。タイムアウトしたか、Cookie が無効になっています。</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>トークンが見つかりません。</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>ユーザー名が見つかりません。</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>アカウントが有効期限切れです。</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>資格が有効期限切れです。</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>アカウントが無効です。</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>アカウントはロックされています。</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.lt.xlf b/Core/Resources/translations/security.lt.xlf
new file mode 100644
index 0000000..da6c332
--- /dev/null
+++ b/Core/Resources/translations/security.lt.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>Įvyko autentifikacijos klaida.</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>Nepavyko rasti autentifikacijos duomneų.</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>Autentifikacijos užklausos nepavyko įvykdyti dėl sistemos klaidų.</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>Klaidingi duomenys.</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Slapukas buvo panaudotas kažkam kitam.</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>Neturite teisių pasiektį resursą.</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>Neteisingas CSRF raktas.</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Prieigos kodas yra pasibaigęs.</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>Nerastas autentifikacijos tiekėjas, kuris palaikytų autentifikacijos raktą.</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Sesija yra nepasiekiama, pasibaigė galiojimo laikas arba slapukai yra išjungti.</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>Nepavyko rasti rakto.</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>Tokio naudotojo vardo nepavyko rasti.</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>Paskyros galiojimo laikas baigėsi.</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>Autentifikacijos duomenų galiojimo laikas baigėsi.</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>Paskyra yra išjungta.</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>Paskyra yra užblokuota.</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.no.xlf b/Core/Resources/translations/security.no.xlf
index 3857ab4..3369d43 100644
--- a/Core/Resources/translations/security.no.xlf
+++ b/Core/Resources/translations/security.no.xlf
@@ -1,6 +1,6 @@
<?xml version="1.0"?>
<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
- <file source-language="no" datatype="plaintext" original="file.ext">
+ <file source-language="en" datatype="plaintext" original="file.ext">
<body>
<trans-unit id="1">
<source>An authentication exception occurred.</source>
diff --git a/Core/Resources/translations/security.pt_BR.xlf b/Core/Resources/translations/security.pt_BR.xlf
index 846fd49..61685d9 100644
--- a/Core/Resources/translations/security.pt_BR.xlf
+++ b/Core/Resources/translations/security.pt_BR.xlf
@@ -20,7 +20,7 @@
</trans-unit>
<trans-unit id="5">
<source>Cookie has already been used by someone else.</source>
- <target>Este cookie já esta em uso.</target>
+ <target>Este cookie já está em uso.</target>
</trans-unit>
<trans-unit id="6">
<source>Not privileged to request the resource.</source>
@@ -40,7 +40,7 @@
</trans-unit>
<trans-unit id="10">
<source>No session available, it either timed out or cookies are not enabled.</source>
- <target>Nenhuma sessão disponível, ela expirou ou cookies estão desativados.</target>
+ <target>Nenhuma sessão disponível, ela expirou ou os cookies estão desativados.</target>
</trans-unit>
<trans-unit id="11">
<source>No token could be found.</source>
@@ -52,7 +52,7 @@
</trans-unit>
<trans-unit id="13">
<source>Account has expired.</source>
- <target>A conta esta expirada.</target>
+ <target>A conta está expirada.</target>
</trans-unit>
<trans-unit id="14">
<source>Credentials have expired.</source>
@@ -64,7 +64,7 @@
</trans-unit>
<trans-unit id="16">
<source>Account is locked.</source>
- <target>A conta esta travada.</target>
+ <target>A conta está travada.</target>
</trans-unit>
</body>
</file>
diff --git a/Core/Resources/translations/security.pt_PT.xlf b/Core/Resources/translations/security.pt_PT.xlf
index e661000..f2af13e 100644
--- a/Core/Resources/translations/security.pt_PT.xlf
+++ b/Core/Resources/translations/security.pt_PT.xlf
@@ -4,7 +4,7 @@
<body>
<trans-unit id="1">
<source>An authentication exception occurred.</source>
- <target>Ocorreu um excepção durante a autenticação.</target>
+ <target>Ocorreu uma excepção durante a autenticação.</target>
</trans-unit>
<trans-unit id="2">
<source>Authentication credentials could not be found.</source>
@@ -20,7 +20,7 @@
</trans-unit>
<trans-unit id="5">
<source>Cookie has already been used by someone else.</source>
- <target>Este cookie já esta em uso.</target>
+ <target>Este cookie já está em uso.</target>
</trans-unit>
<trans-unit id="6">
<source>Not privileged to request the resource.</source>
@@ -64,7 +64,7 @@
</trans-unit>
<trans-unit id="16">
<source>Account is locked.</source>
- <target>A conta esta trancada.</target>
+ <target>A conta está trancada.</target>
</trans-unit>
</body>
</file>
diff --git a/Core/Resources/translations/security.th.xlf b/Core/Resources/translations/security.th.xlf
new file mode 100644
index 0000000..a8cb8d5
--- /dev/null
+++ b/Core/Resources/translations/security.th.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>พบความผิดพลาดในการรับรองตัวตน</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>ไม่พบข้อมูลในการรับรองตัวตน (credentials) </target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>คำร้องในการรับรองตัวตนไม่สามารถดำเนินการได้ เนื่องมาจากปัญหาของระบบ</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>ข้อมูลการรับรองตัวตนไม่ถูกต้อง</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie ถูกใช้งานไปแล้วด้วยผู้อื่น</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>ไม่ได้รับสิทธิ์ให้ใช้งานส่วนนี้ได้</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>CSRF token ไม่ถูกต้อง</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Digest nonce หมดอายุ</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>ไม่พบ authentication provider ที่รองรับสำหรับ authentication token</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>ไม่มี session ที่พร้อมใช้งาน, Session หมดอายุไปแล้วหรือ cookies ไม่ถูกเปิดใช้งาน</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>ไม่พบ token</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>ไม่พบ Username</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>บัญชีหมดอายุไปแล้ว</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>ข้อมูลการระบุตัวตนหมดอายุแล้ว</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>บัญชีถูกระงับแล้ว</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>บัญชีถูกล็อกแล้ว</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.vi.xlf b/Core/Resources/translations/security.vi.xlf
new file mode 100644
index 0000000..b85a439
--- /dev/null
+++ b/Core/Resources/translations/security.vi.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>Có lỗi trong quá trình xác thực.</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>Thông tin dùng để xác thực không tìm thấy.</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>Yêu cầu xác thực không thể thực hiện do lỗi của hệ thống.</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>Thông tin dùng để xác thực không hợp lệ.</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie đã được dùng bởi người dùng khác.</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>Không được phép yêu cầu tài nguyên.</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>Mã CSRF không hợp lệ.</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>Mã dùng một lần đã hết hạn.</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>Không tìm thấy nhà cung cấp dịch vụ xác thực nào cho mã xác thực mà bạn sử dụng.</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Không tìm thấy phiên làm việc. Phiên làm việc hoặc cookie có thể bị tắt.</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>Không tìm thấy mã token.</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>Không tìm thấy tên người dùng username.</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>Tài khoản đã hết hạn.</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>Thông tin xác thực đã hết hạn.</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>Tài khoản bị tạm ngừng.</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>Tài khoản bị khóa.</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Resources/translations/security.zh_CN.xlf b/Core/Resources/translations/security.zh_CN.xlf
new file mode 100644
index 0000000..2d6affe
--- /dev/null
+++ b/Core/Resources/translations/security.zh_CN.xlf
@@ -0,0 +1,71 @@
+<?xml version="1.0"?>
+<xliff version="1.2" xmlns="urn:oasis:names:tc:xliff:document:1.2">
+ <file source-language="en" datatype="plaintext" original="file.ext">
+ <body>
+ <trans-unit id="1">
+ <source>An authentication exception occurred.</source>
+ <target>身份验证发生异常。</target>
+ </trans-unit>
+ <trans-unit id="2">
+ <source>Authentication credentials could not be found.</source>
+ <target>没有找到身份验证的凭证。</target>
+ </trans-unit>
+ <trans-unit id="3">
+ <source>Authentication request could not be processed due to a system problem.</source>
+ <target>由于系统故障,身份验证的请求无法被处理。</target>
+ </trans-unit>
+ <trans-unit id="4">
+ <source>Invalid credentials.</source>
+ <target>无效的凭证。</target>
+ </trans-unit>
+ <trans-unit id="5">
+ <source>Cookie has already been used by someone else.</source>
+ <target>Cookie 已经被其他人使用。</target>
+ </trans-unit>
+ <trans-unit id="6">
+ <source>Not privileged to request the resource.</source>
+ <target>没有权限请求此资源。</target>
+ </trans-unit>
+ <trans-unit id="7">
+ <source>Invalid CSRF token.</source>
+ <target>无效的 CSRF token 。</target>
+ </trans-unit>
+ <trans-unit id="8">
+ <source>Digest nonce has expired.</source>
+ <target>摘要随机串(digest nonce)已过期。</target>
+ </trans-unit>
+ <trans-unit id="9">
+ <source>No authentication provider found to support the authentication token.</source>
+ <target>没有找到支持此 token 的身份验证服务提供方。</target>
+ </trans-unit>
+ <trans-unit id="10">
+ <source>No session available, it either timed out or cookies are not enabled.</source>
+ <target>Session 不可用。会话超时或没有启用 cookies 。</target>
+ </trans-unit>
+ <trans-unit id="11">
+ <source>No token could be found.</source>
+ <target>找不到 token 。</target>
+ </trans-unit>
+ <trans-unit id="12">
+ <source>Username could not be found.</source>
+ <target>找不到用户名。</target>
+ </trans-unit>
+ <trans-unit id="13">
+ <source>Account has expired.</source>
+ <target>帐号已过期。</target>
+ </trans-unit>
+ <trans-unit id="14">
+ <source>Credentials have expired.</source>
+ <target>凭证已过期。</target>
+ </trans-unit>
+ <trans-unit id="15">
+ <source>Account is disabled.</source>
+ <target>帐号已被禁用。</target>
+ </trans-unit>
+ <trans-unit id="16">
+ <source>Account is locked.</source>
+ <target>帐号已被锁定。</target>
+ </trans-unit>
+ </body>
+ </file>
+</xliff>
diff --git a/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php b/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
index 5a189b0..5b71747 100644
--- a/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
+++ b/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
@@ -37,7 +37,7 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
{
$provider = $this->getProvider('foo');
- $this->assertNull($provider->authenticate($this->getSupportedToken('bar')));
+ $provider->authenticate($this->getSupportedToken('bar'));
}
public function testAuthenticate()
@@ -50,9 +50,9 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
protected function getSupportedToken($key)
{
- $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getKey'), array(), '', false);
+ $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getSecret'), array(), '', false);
$token->expects($this->any())
- ->method('getKey')
+ ->method('getSecret')
->will($this->returnValue($key))
;
diff --git a/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php b/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
index a6fff4b..735d195 100644
--- a/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
+++ b/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
@@ -36,10 +36,10 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
*/
- public function testAuthenticateWhenKeysDoNotMatch()
+ public function testAuthenticateWhenSecretsDoNotMatch()
{
- $provider = $this->getProvider(null, 'key1');
- $token = $this->getSupportedToken(null, 'key2');
+ $provider = $this->getProvider(null, 'secret1');
+ $token = $this->getSupportedToken(null, 'secret2');
$provider->authenticate($token);
}
@@ -77,7 +77,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
$this->assertEquals('', $authToken->getCredentials());
}
- protected function getSupportedToken($user = null, $key = 'test')
+ protected function getSupportedToken($user = null, $secret = 'test')
{
if (null === $user) {
$user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
@@ -87,7 +87,7 @@ class RememberMeAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
->will($this->returnValue(array()));
}
- $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', array('getProviderKey'), array($user, 'foo', $key));
+ $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', array('getProviderKey'), array($user, 'foo', $secret));
$token
->expects($this->once())
->method('getProviderKey')
diff --git a/Core/Tests/Authentication/Token/AnonymousTokenTest.php b/Core/Tests/Authentication/Token/AnonymousTokenTest.php
index b5cf006..cac2039 100644
--- a/Core/Tests/Authentication/Token/AnonymousTokenTest.php
+++ b/Core/Tests/Authentication/Token/AnonymousTokenTest.php
@@ -28,7 +28,7 @@ class AnonymousTokenTest extends \PHPUnit_Framework_TestCase
public function testGetKey()
{
$token = new AnonymousToken('foo', 'bar');
- $this->assertEquals('foo', $token->getKey());
+ $this->assertEquals('foo', $token->getSecret());
}
public function testGetCredentials()
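Review bot: The test is still named `testGetKey` although it now asserts `getSecret()`, so the name no longer says what is covered; rename it to `testGetSecret`. Nothing in this hunk still exercises the old `getKey()` accessor. If that accessor stays as a deprecated alias, a small legacy test checking that it returns the same value would be worth adding, unless one already exists outside the visible lines.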
diff --git a/Core/Tests/Authentication/Token/RememberMeTokenTest.php b/Core/Tests/Authentication/Token/RememberMeTokenTest.php
index 7449204..b83de4a 100644
--- a/Core/Tests/Authentication/Token/RememberMeTokenTest.php
+++ b/Core/Tests/Authentication/Token/RememberMeTokenTest.php
@@ -22,7 +22,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
$token = new RememberMeToken($user, 'fookey', 'foo');
$this->assertEquals('fookey', $token->getProviderKey());
- $this->assertEquals('foo', $token->getKey());
+ $this->assertEquals('foo', $token->getSecret());
$this->assertEquals(array(new Role('ROLE_FOO')), $token->getRoles());
$this->assertSame($user, $token->getUser());
$this->assertTrue($token->isAuthenticated());
@@ -31,7 +31,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \InvalidArgumentException
*/
- public function testConstructorKeyCannotBeNull()
+ public function testConstructorSecretCannotBeNull()
{
new RememberMeToken(
$this->getUser(),
@@ -43,7 +43,7 @@ class RememberMeTokenTest extends \PHPUnit_Framework_TestCase
/**
* @expectedException \InvalidArgumentException
*/
- public function testConstructorKeyCannotBeEmptyString()
+ public function testConstructorSecretCannotBeEmptyString()
{
new RememberMeToken(
$this->getUser(),
diff --git a/Core/Tests/LegacySecurityContextTest.php b/Core/Tests/LegacySecurityContextTest.php
index f1f7861..c5da22d 100644
--- a/Core/Tests/LegacySecurityContextTest.php
+++ b/Core/Tests/LegacySecurityContextTest.php
@@ -26,8 +26,6 @@ class LegacySecurityContextTest extends \PHPUnit_Framework_TestCase
protected function setUp()
{
- $this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED);
-
$this->tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface');
$this->authorizationChecker = $this->getMock('Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface');
$this->securityContext = new SecurityContext($this->tokenStorage, $this->authorizationChecker);
diff --git a/Core/Tests/Util/SecureRandomTest.php b/Core/Tests/Util/SecureRandomTest.php
index 666af30..2e94cc1 100644
--- a/Core/Tests/Util/SecureRandomTest.php
+++ b/Core/Tests/Util/SecureRandomTest.php
@@ -138,7 +138,7 @@ class SecureRandomTest extends \PHPUnit_Framework_TestCase
*/
public function testSerialCorrelation($secureRandom)
{
- $shift = rand(1, 5000);
+ $shift = mt_rand(1, 5000);
$b = $this->getBitSequence($secureRandom, 20000);
$Z = 0;
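Review bot: `$shift` is still drawn at random on every run, so a failure of this statistical check cannot be reproduced from the test output alone. `mt_rand()` is not a cryptographic generator, which is acceptable here only because the value is a test parameter and not a secret; say so in a comment such as `// mt_rand() is fine: $shift is a test parameter, not a secret`. Including `$shift` in the failure message of the final assertion would make a flaky run diagnosable. The method body continues outside the hunk.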
diff --git a/Core/User/ChainUserProvider.php b/Core/User/ChainUserProvider.php
index 6e14a4f..8604ddc 100644
--- a/Core/User/ChainUserProvider.php
+++ b/Core/User/ChainUserProvider.php
@@ -47,7 +47,7 @@ class ChainUserProvider implements UserProviderInterface
foreach ($this->providers as $provider) {
try {
return $provider->loadUserByUsername($username);
- } catch (UsernameNotFoundException $notFound) {
+ } catch (UsernameNotFoundException $e) {
// try next one
}
}
@@ -67,18 +67,18 @@ class ChainUserProvider implements UserProviderInterface
foreach ($this->providers as $provider) {
try {
return $provider->refreshUser($user);
- } catch (UnsupportedUserException $unsupported) {
+ } catch (UnsupportedUserException $e) {
// try next one
- } catch (UsernameNotFoundException $notFound) {
+ } catch (UsernameNotFoundException $e) {
$supportedUserFound = true;
// try next one
}
}
if ($supportedUserFound) {
- $ex = new UsernameNotFoundException(sprintf('There is no user with name "%s".', $user->getUsername()));
- $ex->setUsername($user->getUsername());
- throw $ex;
+ $e = new UsernameNotFoundException(sprintf('There is no user with name "%s".', $user->getUsername()));
+ $e->setUsername($user->getUsername());
+ throw $e;
} else {
throw new UnsupportedUserException(sprintf('The account "%s" is not supported.', get_class($user)));
}
diff --git a/Core/User/User.php b/Core/User/User.php
index d458b72..bc81f7f 100644
--- a/Core/User/User.php
+++ b/Core/User/User.php
@@ -30,7 +30,7 @@ final class User implements AdvancedUserInterface
public function __construct($username, $password, array $roles = array(), $enabled = true, $userNonExpired = true, $credentialsNonExpired = true, $userNonLocked = true)
{
- if (empty($username)) {
+ if ('' === $username || null === $username) {
throw new \InvalidArgumentException('The username cannot be empty.');
}
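Review bot: Replacing `empty($username)` with `'' === $username || null === $username` lets `'0'` through, but it also stops rejecting `false`, `0`, `array()` and other non-string values that `empty()` used to catch. If only strings are expected as usernames, state the intent with a comment such as `// '0' is a valid username, so empty() cannot be used here`. A stricter guard such as `if (!is_string($username) || '' === $username)` may fit, provided no caller passes integers or stringable objects. The constructor continues outside the hunk.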
diff --git a/Http/Authentication/SimpleFormAuthenticatorInterface.php b/Http/Authentication/SimpleFormAuthenticatorInterface.php
new file mode 100644
index 0000000..112688c
--- /dev/null
+++ b/Http/Authentication/SimpleFormAuthenticatorInterface.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface as BaseSimpleFormAuthenticatorInterface;
+
+/**
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ */
+interface SimpleFormAuthenticatorInterface extends BaseSimpleFormAuthenticatorInterface
+{
+}
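Review bot: The docblock on the new interface carries only `@author`, so a reader cannot tell why an empty interface extending the Core one exists or which of the two an authenticator should implement. Add a one-line description of the relationship, for example `* Form authenticator contract for the Http component; extends the Core interface of the same name.`. If the Core interface is being deprecated (the diffstat shows a two-line change to it, but the content is not visible here), an explicit pointer to that would help. The same applies to `SimplePreAuthenticatorInterface` in the next file.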
diff --git a/Http/Authentication/SimplePreAuthenticatorInterface.php b/Http/Authentication/SimplePreAuthenticatorInterface.php
new file mode 100644
index 0000000..afa8049
--- /dev/null
+++ b/Http/Authentication/SimplePreAuthenticatorInterface.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface as BaseSimplePreAuthenticatorInterface;
+
+/**
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ */
+interface SimplePreAuthenticatorInterface extends BaseSimplePreAuthenticatorInterface
+{
+}
diff --git a/Http/Firewall/AbstractPreAuthenticatedListener.php b/Http/Firewall/AbstractPreAuthenticatedListener.php
index 5ed8aa7..b793310 100644
--- a/Http/Firewall/AbstractPreAuthenticatedListener.php
+++ b/Http/Firewall/AbstractPreAuthenticatedListener.php
@@ -58,8 +58,8 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface
try {
list($user, $credentials) = $this->getPreAuthenticatedData($request);
- } catch (BadCredentialsException $exception) {
- $this->clearToken($exception);
+ } catch (BadCredentialsException $e) {
+ $this->clearToken($e);
return;
}
@@ -90,8 +90,8 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface
$loginEvent = new InteractiveLoginEvent($request, $token);
$this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
}
- } catch (AuthenticationException $failed) {
- $this->clearToken($failed);
+ } catch (AuthenticationException $e) {
+ $this->clearToken($e);
}
}
diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php
index 11ae8f9..ebe96ea 100644
--- a/Http/Firewall/BasicAuthenticationListener.php
+++ b/Http/Firewall/BasicAuthenticationListener.php
@@ -73,21 +73,21 @@ class BasicAuthenticationListener implements ListenerInterface
try {
$token = $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $request->headers->get('PHP_AUTH_PW'), $this->providerKey));
$this->tokenStorage->setToken($token);
- } catch (AuthenticationException $failed) {
+ } catch (AuthenticationException $e) {
$token = $this->tokenStorage->getToken();
if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) {
$this->tokenStorage->setToken(null);
}
if (null !== $this->logger) {
- $this->logger->info('Basic authentication failed for user.', array('username' => $username, 'exception' => $failed));
+ $this->logger->info('Basic authentication failed for user.', array('username' => $username, 'exception' => $e));
}
if ($this->ignoreFailure) {
return;
}
- $event->setResponse($this->authenticationEntryPoint->start($request, $failed));
+ $event->setResponse($this->authenticationEntryPoint->start($request, $e));
}
}
}
diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php
index 013586c..9ac37cd 100644
--- a/Http/Firewall/ContextListener.php
+++ b/Http/Firewall/ContextListener.php
@@ -101,7 +101,7 @@ class ContextListener implements ListenerInterface
}
/**
- * Writes the SecurityContext to the session.
+ * Writes the security token into the session.
*
* @param FilterResponseEvent $event A FilterResponseEvent instance
*/
@@ -121,10 +121,6 @@ class ContextListener implements ListenerInterface
$request = $event->getRequest();
$session = $request->getSession();
- if (null === $session) {
- return;
- }
-
if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) {
if ($request->hasPreviousSession()) {
$session->remove($this->sessionKey);
@@ -164,11 +160,11 @@ class ContextListener implements ListenerInterface
}
return $token;
- } catch (UnsupportedUserException $unsupported) {
+ } catch (UnsupportedUserException $e) {
// let's try the next user provider
- } catch (UsernameNotFoundException $notFound) {
+ } catch (UsernameNotFoundException $e) {
if (null !== $this->logger) {
- $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $notFound->getUsername(), 'provider' => get_class($provider)));
+ $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $e->getUsername(), 'provider' => get_class($provider)));
}
return;
diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php
index c5aaca3..9a6fbfe 100644
--- a/Http/Firewall/DigestAuthenticationListener.php
+++ b/Http/Firewall/DigestAuthenticationListener.php
@@ -93,7 +93,7 @@ class DigestAuthenticationListener implements ListenerInterface
}
$serverDigestMd5 = $digestAuth->calculateServerDigest($user->getPassword(), $request->getMethod());
- } catch (UsernameNotFoundException $notFound) {
+ } catch (UsernameNotFoundException $e) {
$this->fail($event, $request, new BadCredentialsException(sprintf('Username %s not found.', $digestAuth->getUsername())));
return;
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index 6d1f27d..a1cae2a 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -47,8 +47,9 @@ class ExceptionListener
private $errorPage;
private $logger;
private $httpUtils;
+ private $stateless;
- public function __construct(TokenStorageInterface $tokenStorage, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null)
+ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null, $stateless = false)
{
$this->tokenStorage = $tokenStorage;
$this->accessDeniedHandler = $accessDeniedHandler;
@@ -58,6 +59,7 @@ class ExceptionListener
$this->authenticationTrustResolver = $trustResolver;
$this->errorPage = $errorPage;
$this->logger = $logger;
+ $this->stateless = $stateless;
}
/**
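Review bot: `$stateless` is stored exactly as passed and later used in a truthiness test (`if (!$this->stateless)` in the hunk at -185), so a non-boolean value such as the string `'false'` would be treated as stateless and silently skip `setTargetPath()`. Cast at assignment, `$this->stateless = (bool) $stateless;`. The new argument is also undocumented. A comment above the property such as `// when true, the target path is not saved before the entry point is called` would record what the flag controls. The constructor starts outside this hunk.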
@@ -185,7 +187,9 @@ class ExceptionListener
$this->logger->debug('Calling Authentication entry point.');
}
- $this->setTargetPath($request);
+ if (!$this->stateless) {
+ $this->setTargetPath($request);
+ }
if ($authException instanceof AccountStatusException) {
// remove the security token to prevent infinite redirect loops
diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php
index e34627c..f5ec8c7 100644
--- a/Http/Firewall/RememberMeListener.php
+++ b/Http/Firewall/RememberMeListener.php
@@ -83,19 +83,19 @@ class RememberMeListener implements ListenerInterface
if (null !== $this->logger) {
$this->logger->debug('Populated the token storage with a remember-me token.');
}
- } catch (AuthenticationException $failed) {
+ } catch (AuthenticationException $e) {
if (null !== $this->logger) {
$this->logger->warning(
'The token storage was not populated with remember-me token as the'
.' AuthenticationManager rejected the AuthenticationToken returned'
- .' by the RememberMeServices.', array('exception' => $failed)
+ .' by the RememberMeServices.', array('exception' => $e)
);
}
$this->rememberMeServices->loginFail($request);
if (!$this->catchExceptions) {
- throw $failed;
+ throw $e;
}
}
}
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
index 5fc56e7..7c068fe 100644
--- a/Http/Firewall/SwitchUserListener.php
+++ b/Http/Firewall/SwitchUserListener.php
@@ -115,9 +115,9 @@ class SwitchUserListener implements ListenerInterface
if (false !== $originalToken) {
if ($token->getUsername() === $request->get($this->usernameParameter)) {
return $token;
- } else {
- throw new \LogicException(sprintf('You are already switched to "%s" user.', $token->getUsername()));
}
+
+ throw new \LogicException(sprintf('You are already switched to "%s" user.', $token->getUsername()));
}
if (false === $this->accessDecisionManager->decide($token, array($this->role))) {
@@ -162,7 +162,8 @@ class SwitchUserListener implements ListenerInterface
}
if (null !== $this->dispatcher) {
- $switchEvent = new SwitchUserEvent($request, $original->getUser());
+ $user = $this->provider->refreshUser($original->getUser());
+ $switchEvent = new SwitchUserEvent($request, $user);
$this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent);
}
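Review bot: The added `$this->provider->refreshUser($original->getUser())` call has no error handling, and `refreshUser()` can throw `UnsupportedUserException` or `UsernameNotFoundException` (both are caught around the same call in `ChainUserProvider` elsewhere in this commit). If the original account was removed or is not supported by this provider, the exception would propagate from here rather than the switch completing; this is hedged, since the caller is outside the hunk. The refresh also runs only when a dispatcher is set, and only the event receives the refreshed user. A comment such as `// refresh so listeners see current user data; may throw if the user no longer exists` would make that explicit. The enclosing method starts and ends outside the hunk.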
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php
index 5df82fa..16810bd 100644
--- a/Http/RememberMe/AbstractRememberMeServices.php
+++ b/Http/RememberMe/AbstractRememberMeServices.php
@@ -36,24 +36,24 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
protected $logger;
protected $options;
private $providerKey;
- private $key;
+ private $secret;
private $userProviders;
/**
* Constructor.
*
* @param array $userProviders
- * @param string $key
+ * @param string $secret
* @param string $providerKey
* @param array $options
* @param LoggerInterface $logger
*
* @throws \InvalidArgumentException
*/
- public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null)
+ public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null)
{
- if (empty($key)) {
- throw new \InvalidArgumentException('$key must not be empty.');
+ if (empty($secret)) {
+ throw new \InvalidArgumentException('$secret must not be empty.');
}
if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.');
@@ -63,7 +63,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
}
$this->userProviders = $userProviders;
- $this->key = $key;
+ $this->secret = $secret;
$this->providerKey = $providerKey;
$this->options = $options;
$this->logger = $logger;
@@ -81,11 +81,21 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
}
/**
- * @return string
+ * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
*/
public function getKey()
{
- return $this->key;
+ @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
+
+ return $this->getSecret();
+ }
+
+ /**
+ * @return string
+ */
+ public function getSecret()
+ {
+ return $this->secret;
}
/**
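Review bot: The rewritten docblock on `getKey()` drops `@return string` even though the method still returns the secret through `getSecret()`; keep the tag alongside the new `@deprecated` line. The magic constant is spelled `__method__`, which PHP accepts, but `__METHOD__` is the conventional form. `getSecret()` is public and its docblock is only `@return string`; the one caller visible in this diff, `generateCookieHash()`, uses the value as the HMAC key for the remember-me cookie. A one-line description such as `Returns the secret used to sign remember-me cookies; do not log or render it.` would tell callers what they are holding.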
@@ -122,22 +132,22 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
$this->logger->info('Remember-me cookie accepted.');
}
- return new RememberMeToken($user, $this->providerKey, $this->key);
- } catch (CookieTheftException $theft) {
+ return new RememberMeToken($user, $this->providerKey, $this->secret);
+ } catch (CookieTheftException $e) {
$this->cancelCookie($request);
- throw $theft;
- } catch (UsernameNotFoundException $notFound) {
+ throw $e;
+ } catch (UsernameNotFoundException $e) {
if (null !== $this->logger) {
$this->logger->info('User for remember-me cookie not found.');
}
- } catch (UnsupportedUserException $unSupported) {
+ } catch (UnsupportedUserException $e) {
if (null !== $this->logger) {
$this->logger->warning('User class for remember-me cookie not supported.');
}
- } catch (AuthenticationException $invalid) {
+ } catch (AuthenticationException $e) {
if (null !== $this->logger) {
- $this->logger->debug('Remember-Me authentication failed.', array('exception' => $invalid));
+ $this->logger->debug('Remember-Me authentication failed.', array('exception' => $e));
}
}
diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
index 4fb7e09..3e465d6 100644
--- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
+++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -38,15 +38,15 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
* Constructor.
*
* @param array $userProviders
- * @param string $key
+ * @param string $secret
* @param string $providerKey
* @param array $options
* @param LoggerInterface $logger
* @param SecureRandomInterface $secureRandom
*/
- public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom)
+ public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom)
{
- parent::__construct($userProviders, $key, $providerKey, $options, $logger);
+ parent::__construct($userProviders, $secret, $providerKey, $options, $logger);
$this->secureRandom = $secureRandom;
}
diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php
index 7adb827..5750a8c 100644
--- a/Http/RememberMe/RememberMeServicesInterface.php
+++ b/Http/RememberMe/RememberMeServicesInterface.php
@@ -36,8 +36,8 @@ interface RememberMeServicesInterface
const COOKIE_ATTR_NAME = '_security_remember_me_cookie';
/**
- * This method will be called whenever the SecurityContext does not contain
- * an TokenInterface object and the framework wishes to provide an implementation
+ * This method will be called whenever the TokenStorage does not contain
+ * a TokenInterface object and the framework wishes to provide an implementation
* with an opportunity to authenticate the request using remember-me capabilities.
*
* No attempt whatsoever is made to determine whether the browser has requested
diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php
index 65bac0a..f6107ec 100644
--- a/Http/RememberMe/TokenBasedRememberMeServices.php
+++ b/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -42,12 +42,12 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
}
try {
$user = $this->getUserProvider($class)->loadUserByUsername($username);
- } catch (\Exception $ex) {
- if (!$ex instanceof AuthenticationException) {
- $ex = new AuthenticationException($ex->getMessage(), $ex->getCode(), $ex);
+ } catch (\Exception $e) {
+ if (!$e instanceof AuthenticationException) {
+ $e = new AuthenticationException($e->getMessage(), $e->getCode(), $e);
}
- throw $ex;
+ throw $e;
}
if (!$user instanceof UserInterface) {
@@ -121,6 +121,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
*/
protected function generateCookieHash($class, $username, $expires, $password)
{
- return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey());
+ return hash_hmac('sha256', $class.$username.$expires.$password, $this->getSecret());
}
}
diff --git a/Http/Session/SessionAuthenticationStrategyInterface.php b/Http/Session/SessionAuthenticationStrategyInterface.php
index 9cb95d8..dd0c381 100644
--- a/Http/Session/SessionAuthenticationStrategyInterface.php
+++ b/Http/Session/SessionAuthenticationStrategyInterface.php
@@ -27,7 +27,7 @@ interface SessionAuthenticationStrategyInterface
/**
* This performs any necessary changes to the session.
*
- * This method is called before the SecurityContext is populated with a
+ * This method is called before the TokenStorage is populated with a
* Token, and only by classes inheriting from AbstractAuthenticationListener.
*
* @param Request $request
diff --git a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
index dcd672b..d99b562 100644
--- a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
+++ b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php
@@ -35,7 +35,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
->method('authenticate')
;
- $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager);
+ $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', null, $authenticationManager);
$listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false));
}
@@ -48,16 +48,15 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
->will($this->returnValue(null))
;
- $anonymousToken = new AnonymousToken('TheKey', 'anon.', array());
+ $anonymousToken = new AnonymousToken('TheSecret', 'anon.', array());
$authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
$authenticationManager
->expects($this->once())
->method('authenticate')
- ->with(self::logicalAnd(
- $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken'),
- $this->attributeEqualTo('key', 'TheKey')
- ))
+ ->with($this->callback(function ($token) {
+ return 'TheSecret' === $token->getSecret();
+ }))
->will($this->returnValue($anonymousToken))
;
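Review bot: The new `callback()` matcher checks only `getSecret()`, so the `isInstanceOf(...AnonymousToken)` constraint from the removed `logicalAnd()` is lost and any object exposing that getter would satisfy the expectation. Keep the type check inside the closure: `return $token instanceof AnonymousToken && 'TheSecret' === $token->getSecret();`. The test method starts and ends outside this hunk.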
@@ -67,7 +66,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
->with($anonymousToken)
;
- $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager);
+ $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', null, $authenticationManager);
$listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false));
}
@@ -82,7 +81,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
$authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface');
- $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', $logger, $authenticationManager);
+ $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', $logger, $authenticationManager);
$listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false));
}
}
diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php
index 3b6442d..f43b564 100644
--- a/Http/Tests/Firewall/SwitchUserListenerTest.php
+++ b/Http/Tests/Firewall/SwitchUserListenerTest.php
@@ -11,7 +11,9 @@
namespace Symfony\Component\Security\Http\Tests\Firewall;
+use Symfony\Component\Security\Http\Event\SwitchUserEvent;
use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
+use Symfony\Component\Security\Http\SecurityEvents;
class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
{
@@ -100,6 +102,62 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase
$listener->handle($this->event);
}
+ public function testExitUserDispatchesEventWithRefreshedUser()
+ {
+ $originalUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+ $refreshedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+ $this
+ ->userProvider
+ ->expects($this->any())
+ ->method('refreshUser')
+ ->with($originalUser)
+ ->willReturn($refreshedUser);
+ $originalToken = $this->getToken();
+ $originalToken
+ ->expects($this->any())
+ ->method('getUser')
+ ->willReturn($originalUser);
+ $role = $this
+ ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole')
+ ->disableOriginalConstructor()
+ ->getMock();
+ $role->expects($this->any())->method('getSource')->willReturn($originalToken);
+ $this
+ ->tokenStorage
+ ->expects($this->any())
+ ->method('getToken')
+ ->willReturn($this->getToken(array($role)));
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('get')
+ ->with('_switch_user')
+ ->willReturn('_exit');
+ $this
+ ->request
+ ->expects($this->any())
+ ->method('getUri')
+ ->willReturn('/');
+ $this
+ ->request
+ ->query
+ ->expects($this->any())
+ ->method('all')
+ ->will($this->returnValue(array()));
+
+ $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+ $dispatcher
+ ->expects($this->once())
+ ->method('dispatch')
+ ->with(SecurityEvents::SWITCH_USER, $this->callback(function (SwitchUserEvent $event) use ($refreshedUser) {
+ return $event->getTargetUser() === $refreshedUser;
+ }))
+ ;
+
+ $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher);
+ $listener->handle($this->event);
+ }
+
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException
*/
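Review bot: Every mock expectation in `testExitUserDispatchesEventWithRefreshedUser()` uses `$this->any()`, including the one on `refreshUser`, so the refresh is pinned only indirectly through the dispatcher callback. Using `->expects($this->once())` on `refreshUser` would state the contract directly and catch a double refresh. The query stub uses `->will($this->returnValue(array()))` while the rest of the method uses `->willReturn(...)`; pick one form. No case covers `refreshUser` throwing for the original user, which is the failure path this change introduces in the listener.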
diff --git a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php
index 2225b6c..5a6a839 100644
--- a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php
+++ b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php
@@ -25,10 +25,10 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
$this->assertEquals('foo', $service->getRememberMeParameter());
}
- public function testGetKey()
+ public function testGetSecret()
{
$service = $this->getService();
- $this->assertEquals('fookey', $service->getKey());
+ $this->assertEquals('foosecret', $service->getSecret());
}
public function testAutoLoginReturnsNullWhenNoCookie()
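Review bot: Renaming `testGetKey()` to `testGetSecret()` leaves the deprecated `getKey()` accessor without coverage, although the same commit keeps it as a backward-compatible proxy. A legacy-group test asserting that `getKey()` still returns the configured secret would keep that path from regressing until it is removed in 3.0. The `@group legacy` tag assumes the project's usual convention for tests that trigger deprecations; adjust it if this component handles them differently.

```php
/**
 * @group legacy
 */
public function testLegacyGetKey()
{
    $service = $this->getService();
    $this->assertEquals('foosecret', $service->getKey());
}
```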
@@ -78,7 +78,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
$returnedToken = $service->autoLogin($request);
$this->assertSame($user, $returnedToken->getUser());
- $this->assertSame('fookey', $returnedToken->getKey());
+ $this->assertSame('foosecret', $returnedToken->getSecret());
$this->assertSame('fookey', $returnedToken->getProviderKey());
}
@@ -268,7 +268,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
}
return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
- array($userProvider), 'fookey', 'fookey', $options, $logger,
+ array($userProvider), 'foosecret', 'fookey', $options, $logger,
));
}
diff --git a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
index 6aee1b1..889211c 100644
--- a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
+++ b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
@@ -115,7 +115,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test
try {
$service->autoLogin($request);
$this->fail('Expected CookieTheftException was not thrown.');
- } catch (CookieTheftException $theft) {
+ } catch (CookieTheftException $e) {
}
$this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME));
@@ -174,7 +174,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test
$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken);
$this->assertSame($user, $returnedToken->getUser());
- $this->assertEquals('fookey', $returnedToken->getKey());
+ $this->assertEquals('foosecret', $returnedToken->getSecret());
$this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME));
}
@@ -311,7 +311,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test
$userProvider = $this->getProvider();
}
- return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
+ return new PersistentTokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
}
protected function getProvider()
diff --git a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php
index 8383cec..2a892c3 100644
--- a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php
+++ b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php
@@ -140,7 +140,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
$this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken);
$this->assertSame($user, $returnedToken->getUser());
- $this->assertEquals('fookey', $returnedToken->getKey());
+ $this->assertEquals('foosecret', $returnedToken->getSecret());
}
public function provideUsernamesForAutoLogin()
@@ -264,7 +264,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
$userProvider = $this->getProvider();
}
- $service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
+ $service = new TokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger);
return $service;
}
diff --git a/Http/composer.json b/Http/composer.json
index 1c49504..98bd8cd 100644
--- a/Http/composer.json
+++ b/Http/composer.json
@@ -17,7 +17,7 @@
],
"require": {
"php": ">=5.3.9",
- "symfony/security-core": "~2.6|~3.0.0",
+ "symfony/security-core": "~2.8|~3.0.0",
"symfony/event-dispatcher": "~2.1|~3.0.0",
"symfony/http-foundation": "~2.4|~3.0.0",
"symfony/http-kernel": "~2.4|~3.0.0"
diff --git a/Tests/Core/LegacySecurityContextInterfaceTest.php b/Tests/Core/LegacySecurityContextInterfaceTest.php
index 3fad2b1..57517bf 100644
--- a/Tests/Core/LegacySecurityContextInterfaceTest.php
+++ b/Tests/Core/LegacySecurityContextInterfaceTest.php
@@ -24,8 +24,6 @@ class LegacySecurityContextInterfaceTest extends \PHPUnit_Framework_TestCase
*/
public function testConstantSync()
{
- $this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED);
-
$this->assertSame(Security::ACCESS_DENIED_ERROR, SecurityContextInterface::ACCESS_DENIED_ERROR);
$this->assertSame(Security::AUTHENTICATION_ERROR, SecurityContextInterface::AUTHENTICATION_ERROR);
$this->assertSame(Security::LAST_USERNAME, SecurityContextInterface::LAST_USERNAME);