diff options
76 files changed, 1008 insertions, 558 deletions
diff --git a/Acl/Exception/Exception.php b/Acl/Exception/Exception.php index a38c8ee..f1e1001 100644 --- a/Acl/Exception/Exception.php +++ b/Acl/Exception/Exception.php @@ -16,6 +16,6 @@ namespace Symfony\Component\Security\Acl\Exception; * * @author Johannes M. Schmitt <schmittjoh@gmail.com> */ -class Exception extends \Exception +class Exception extends \RuntimeException { } diff --git a/Acl/Permission/AbstractMaskBuilder.php b/Acl/Permission/AbstractMaskBuilder.php new file mode 100644 index 0000000..867d2e2 --- /dev/null +++ b/Acl/Permission/AbstractMaskBuilder.php @@ -0,0 +1,85 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Permission; + +/** + * This abstract class implements nearly all the MaskBuilderInterface methods + */ +abstract class AbstractMaskBuilder implements MaskBuilderInterface +{ + /** + * @var int + */ + protected $mask; + + /** + * Constructor. + * + * @param int $mask optional; defaults to 0 + */ + public function __construct($mask = 0) + { + $this->set($mask); + } + + /** + * {@inheritdoc} + */ + public function set($mask) + { + if (!is_int($mask)) { + throw new \InvalidArgumentException('$mask must be an integer.'); + } + + $this->mask = $mask; + + return $this; + } + + /** + * {@inheritdoc} + */ + public function get() + { + return $this->mask; + } + + /** + * {@inheritdoc} + */ + public function add($mask) + { + $this->mask |= $this->resolveMask($mask); + + return $this; + } + + /** + * {@inheritdoc} + */ + public function remove($mask) + { + $this->mask &= ~$this->resolveMask($mask); + + return $this; + } + + /** + * {@inheritdoc} + */ + public function reset() + { + $this->mask = 0; + + return $this; + } +} diff --git a/Acl/Permission/BasicPermissionMap.php b/Acl/Permission/BasicPermissionMap.php index 4e26c02..fa5437d 100644 --- a/Acl/Permission/BasicPermissionMap.php +++ b/Acl/Permission/BasicPermissionMap.php @@ -17,7 +17,7 @@ namespace Symfony\Component\Security\Acl\Permission; * * @author Johannes M. Schmitt <schmittjoh@gmail.com> */ -class BasicPermissionMap implements PermissionMapInterface +class BasicPermissionMap implements PermissionMapInterface, MaskBuilderRetrievalInterface { const PERMISSION_VIEW = 'VIEW'; const PERMISSION_EDIT = 'EDIT'; @@ -105,4 +105,12 @@ class BasicPermissionMap implements PermissionMapInterface { return isset($this->map[$permission]); } + + /** + * {@inheritdoc} + */ + public function getMaskBuilder() + { + return new MaskBuilder(); + } } diff --git a/Acl/Permission/MaskBuilder.php b/Acl/Permission/MaskBuilder.php index 5364c9b..3079800 100644 --- a/Acl/Permission/MaskBuilder.php +++ b/Acl/Permission/MaskBuilder.php @@ -42,7 +42,7 @@ namespace Symfony\Component\Security\Acl\Permission; * * @author Johannes M. Schmitt <schmittjoh@gmail.com> */ -class MaskBuilder +class MaskBuilder extends AbstractMaskBuilder { const MASK_VIEW = 1; // 1 << 0 const MASK_CREATE = 2; // 1 << 1 @@ -67,50 +67,6 @@ class MaskBuilder const OFF = '.'; const ON = '*'; - private $mask; - - /** - * Constructor. - * - * @param int $mask optional; defaults to 0 - * - * @throws \InvalidArgumentException - */ - public function __construct($mask = 0) - { - if (!is_int($mask)) { - throw new \InvalidArgumentException('$mask must be an integer.'); - } - - $this->mask = $mask; - } - - /** - * Adds a mask to the permission. - * - * @param mixed $mask - * - * @return MaskBuilder - * - * @throws \InvalidArgumentException - */ - public function add($mask) - { - $this->mask |= $this->getMask($mask); - - return $this; - } - - /** - * Returns the mask of this permission. - * - * @return int - */ - public function get() - { - return $this->mask; - } - /** * Returns a human-readable representation of the permission. * @@ -136,34 +92,6 @@ class MaskBuilder } /** - * Removes a mask from the permission. - * - * @param mixed $mask - * - * @return MaskBuilder - * - * @throws \InvalidArgumentException - */ - public function remove($mask) - { - $this->mask &= ~$this->getMask($mask); - - return $this; - } - - /** - * Resets the PermissionBuilder. - * - * @return MaskBuilder - */ - public function reset() - { - $this->mask = 0; - - return $this; - } - - /** * Returns the code for the passed mask. * * @param int $mask @@ -204,7 +132,7 @@ class MaskBuilder * * @throws \InvalidArgumentException */ - private function getMask($code) + public function resolveMask($code) { if (is_string($code)) { if (!defined($name = sprintf('static::MASK_%s', strtoupper($code)))) { diff --git a/Acl/Permission/MaskBuilderInterface.php b/Acl/Permission/MaskBuilderInterface.php new file mode 100644 index 0000000..ba41830 --- /dev/null +++ b/Acl/Permission/MaskBuilderInterface.php @@ -0,0 +1,75 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Permission; + +/** + * This is the interface that must be implemented by mask builders. + */ +interface MaskBuilderInterface +{ + /** + * Set the mask of this permission + * + * @param int $mask + * + * @return MaskBuilderInterface + * @throws \InvalidArgumentException if $mask is not an integer + */ + public function set($mask); + + /** + * Returns the mask of this permission. + * + * @return int + */ + public function get(); + + /** + * Adds a mask to the permission. + * + * @param mixed $mask + * + * @return MaskBuilderInterface + * + * @throws \InvalidArgumentException + */ + public function add($mask); + + /** + * Removes a mask from the permission. + * + * @param mixed $mask + * + * @return MaskBuilderInterface + * + * @throws \InvalidArgumentException + */ + public function remove($mask); + + /** + * Resets the PermissionBuilder. + * + * @return MaskBuilderInterface + */ + public function reset(); + + /** + * Returns the mask for the passed code + * + * @param mixed $code + * + * @return int + * + * @throws \InvalidArgumentException + */ + public function resolveMask($code); +} diff --git a/Acl/Permission/MaskBuilderRetrievalInterface.php b/Acl/Permission/MaskBuilderRetrievalInterface.php new file mode 100644 index 0000000..7a99bca --- /dev/null +++ b/Acl/Permission/MaskBuilderRetrievalInterface.php @@ -0,0 +1,25 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Acl\Permission; + +/** + * Retrieves the MaskBuilder + */ +interface MaskBuilderRetrievalInterface +{ + /** + * Returns a new instance of the MaskBuilder used in the permissionMap + * + * @return MaskBuilderInterface + */ + public function getMaskBuilder(); +} diff --git a/Acl/README.md b/Acl/README.md index bb2d4d7..4b68d90 100644 --- a/Acl/README.md +++ b/Acl/README.md @@ -11,7 +11,7 @@ Resources Documentation: -http://symfony.com/doc/2.6/book/security.html +http://symfony.com/doc/2.7/book/security.html Tests ----- diff --git a/Acl/Resources/schema/drizzle.sql b/Acl/Resources/schema/drizzle.sql index 378f114..9398c29 100644 --- a/Acl/Resources/schema/drizzle.sql +++ b/Acl/Resources/schema/drizzle.sql @@ -1,12 +1,12 @@ -CREATE TABLE acl_classes (id INT AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, PRIMARY KEY(id), UNIQUE INDEX UNIQ_69DD750638A36066 (class_type)) +CREATE TABLE acl_classes (id INT AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, UNIQUE INDEX UNIQ_69DD750638A36066 (class_type), PRIMARY KEY(id)) COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_security_identities (id INT AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL, PRIMARY KEY(id), UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username)) +CREATE TABLE acl_security_identities (id INT AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL, UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username), PRIMARY KEY(id)) COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_object_identities (id INT AUTO_INCREMENT NOT NULL, parent_object_identity_id INT DEFAULT NULL, class_id INT NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, PRIMARY KEY(id), UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id)) +CREATE TABLE acl_object_identities (id INT AUTO_INCREMENT NOT NULL, parent_object_identity_id INT DEFAULT NULL, class_id INT NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id), PRIMARY KEY(id)) COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_object_identity_ancestors (object_identity_id INT NOT NULL, ancestor_id INT NOT NULL, PRIMARY KEY(object_identity_id, ancestor_id), INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id)) +CREATE TABLE acl_object_identity_ancestors (object_identity_id INT NOT NULL, ancestor_id INT NOT NULL, INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id), PRIMARY KEY(object_identity_id, ancestor_id)) COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_entries (id INT AUTO_INCREMENT NOT NULL, class_id INT NOT NULL, object_identity_id INT DEFAULT NULL, security_identity_id INT NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order INT NOT NULL, mask INT NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, PRIMARY KEY(id), UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id)) +CREATE TABLE acl_entries (id INT AUTO_INCREMENT NOT NULL, class_id INT NOT NULL, object_identity_id INT DEFAULT NULL, security_identity_id INT NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order INT NOT NULL, mask INT NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id), PRIMARY KEY(id)) COLLATE utf8_unicode_ci ENGINE = InnoDB ALTER TABLE acl_object_identities ADD CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) diff --git a/Acl/Resources/schema/mssql.sql b/Acl/Resources/schema/mssql.sql index 1b4733c..8126f78 100644 --- a/Acl/Resources/schema/mssql.sql +++ b/Acl/Resources/schema/mssql.sql @@ -1,24 +1,24 @@ -CREATE TABLE acl_classes (id INT UNSIGNED IDENTITY NOT NULL, class_type NVARCHAR(200) NOT NULL, PRIMARY KEY (id)) +CREATE TABLE acl_classes (id INT IDENTITY NOT NULL, class_type NVARCHAR(200) NOT NULL, PRIMARY KEY (id)) CREATE UNIQUE INDEX UNIQ_69DD750638A36066 ON acl_classes (class_type) WHERE class_type IS NOT NULL -CREATE TABLE acl_security_identities (id INT UNSIGNED IDENTITY NOT NULL, identifier NVARCHAR(200) NOT NULL, username BIT NOT NULL, PRIMARY KEY (id)) +CREATE TABLE acl_security_identities (id INT IDENTITY NOT NULL, identifier NVARCHAR(200) NOT NULL, username BIT NOT NULL, PRIMARY KEY (id)) CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) WHERE identifier IS NOT NULL AND username IS NOT NULL -CREATE TABLE acl_object_identities (id INT UNSIGNED IDENTITY NOT NULL, parent_object_identity_id INT UNSIGNED DEFAULT NULL, class_id INT UNSIGNED NOT NULL, object_identifier NVARCHAR(100) NOT NULL, entries_inheriting BIT NOT NULL, PRIMARY KEY (id)) +CREATE TABLE acl_object_identities (id INT IDENTITY NOT NULL, parent_object_identity_id INT, class_id INT NOT NULL, object_identifier NVARCHAR(100) NOT NULL, entries_inheriting BIT NOT NULL, PRIMARY KEY (id)) CREATE UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 ON acl_object_identities (object_identifier, class_id) WHERE object_identifier IS NOT NULL AND class_id IS NOT NULL CREATE INDEX IDX_9407E54977FA751A ON acl_object_identities (parent_object_identity_id) -CREATE TABLE acl_object_identity_ancestors (object_identity_id INT UNSIGNED NOT NULL, ancestor_id INT UNSIGNED NOT NULL, PRIMARY KEY (object_identity_id, ancestor_id)) +CREATE TABLE acl_object_identity_ancestors (object_identity_id INT NOT NULL, ancestor_id INT NOT NULL, PRIMARY KEY (object_identity_id, ancestor_id)) CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_identity_id) CREATE INDEX IDX_825DE299C671CEA1 ON acl_object_identity_ancestors (ancestor_id) -CREATE TABLE acl_entries (id INT UNSIGNED IDENTITY NOT NULL, class_id INT UNSIGNED NOT NULL, object_identity_id INT UNSIGNED DEFAULT NULL, security_identity_id INT UNSIGNED NOT NULL, field_name NVARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INT NOT NULL, granting BIT NOT NULL, granting_strategy NVARCHAR(30) NOT NULL, audit_success BIT NOT NULL, audit_failure BIT NOT NULL, PRIMARY KEY (id)) +CREATE TABLE acl_entries (id INT IDENTITY NOT NULL, class_id INT NOT NULL, object_identity_id INT, security_identity_id INT NOT NULL, field_name NVARCHAR(50), ace_order SMALLINT NOT NULL, mask INT NOT NULL, granting BIT NOT NULL, granting_strategy NVARCHAR(30) NOT NULL, audit_success BIT NOT NULL, audit_failure BIT NOT NULL, PRIMARY KEY (id)) CREATE UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 ON acl_entries (class_id, object_identity_id, field_name, ace_order) WHERE class_id IS NOT NULL AND object_identity_id IS NOT NULL AND field_name IS NOT NULL AND ace_order IS NOT NULL diff --git a/Acl/Resources/schema/mysql.sql b/Acl/Resources/schema/mysql.sql index db01e95..1c63f4d 100644 --- a/Acl/Resources/schema/mysql.sql +++ b/Acl/Resources/schema/mysql.sql @@ -1,12 +1,12 @@ -CREATE TABLE acl_classes (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, UNIQUE INDEX UNIQ_69DD750638A36066 (class_type), PRIMARY KEY(id)) ENGINE = InnoDB +CREATE TABLE acl_classes (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_type VARCHAR(200) NOT NULL, UNIQUE INDEX UNIQ_69DD750638A36066 (class_type), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_security_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username), PRIMARY KEY(id)) ENGINE = InnoDB +CREATE TABLE acl_security_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, identifier VARCHAR(200) NOT NULL, username TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 (identifier, username), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_object_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, parent_object_identity_id INT UNSIGNED DEFAULT NULL, class_id INT UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id), PRIMARY KEY(id)) ENGINE = InnoDB +CREATE TABLE acl_object_identities (id INT UNSIGNED AUTO_INCREMENT NOT NULL, parent_object_identity_id INT UNSIGNED DEFAULT NULL, class_id INT UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 (object_identifier, class_id), INDEX IDX_9407E54977FA751A (parent_object_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_object_identity_ancestors (object_identity_id INT UNSIGNED NOT NULL, ancestor_id INT UNSIGNED NOT NULL, INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id), PRIMARY KEY(object_identity_id, ancestor_id)) ENGINE = InnoDB +CREATE TABLE acl_object_identity_ancestors (object_identity_id INT UNSIGNED NOT NULL, ancestor_id INT UNSIGNED NOT NULL, INDEX IDX_825DE2993D9AB4A6 (object_identity_id), INDEX IDX_825DE299C671CEA1 (ancestor_id), PRIMARY KEY(object_identity_id, ancestor_id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB -CREATE TABLE acl_entries (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_id INT UNSIGNED NOT NULL, object_identity_id INT UNSIGNED DEFAULT NULL, security_identity_id INT UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INT NOT NULL, granting TINYINT(1) NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success TINYINT(1) NOT NULL, audit_failure TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id), PRIMARY KEY(id)) ENGINE = InnoDB +CREATE TABLE acl_entries (id INT UNSIGNED AUTO_INCREMENT NOT NULL, class_id INT UNSIGNED NOT NULL, object_identity_id INT UNSIGNED DEFAULT NULL, security_identity_id INT UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INT NOT NULL, granting TINYINT(1) NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success TINYINT(1) NOT NULL, audit_failure TINYINT(1) NOT NULL, UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 (class_id, object_identity_id, field_name, ace_order), INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 (class_id, object_identity_id, security_identity_id), INDEX IDX_46C8B806EA000B10 (class_id), INDEX IDX_46C8B8063D9AB4A6 (object_identity_id), INDEX IDX_46C8B806DF9183C9 (security_identity_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_unicode_ci ENGINE = InnoDB ALTER TABLE acl_object_identities ADD CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) diff --git a/Acl/Resources/schema/oracle.sql b/Acl/Resources/schema/oracle.sql index 9896cf0..94821dc 100644 --- a/Acl/Resources/schema/oracle.sql +++ b/Acl/Resources/schema/oracle.sql @@ -5,7 +5,7 @@ DECLARE BEGIN SELECT COUNT(CONSTRAINT_NAME) INTO constraints_Count FROM USER_CONSTRAINTS WHERE TABLE_NAME = 'ACL_CLASSES' AND CONSTRAINT_TYPE = 'P'; IF constraints_Count = 0 OR constraints_Count = '' THEN - EXECUTE IMMEDIATE 'ALTER TABLE ACL_CLASSES ADD CONSTRAINT ACL_CLASSES_AI_PK PRIMARY KEY (id)'; + EXECUTE IMMEDIATE 'ALTER TABLE ACL_CLASSES ADD CONSTRAINT ACL_CLASSES_AI_PK PRIMARY KEY (ID)'; END IF; END; @@ -19,14 +19,14 @@ DECLARE last_Sequence NUMBER; last_InsertID NUMBER; BEGIN - SELECT ACL_CLASSES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; - IF (:NEW.id IS NULL OR :NEW.id = 0) THEN - SELECT ACL_CLASSES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; + SELECT ACL_CLASSES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; + IF (:NEW.ID IS NULL OR :NEW.ID = 0) THEN + SELECT ACL_CLASSES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; ELSE SELECT NVL(Last_Number, 0) INTO last_Sequence FROM User_Sequences WHERE Sequence_Name = 'ACL_CLASSES_SEQ'; - SELECT :NEW.id INTO last_InsertID FROM DUAL; + SELECT :NEW.ID INTO last_InsertID FROM DUAL; WHILE (last_InsertID > last_Sequence) LOOP SELECT ACL_CLASSES_SEQ.NEXTVAL INTO last_Sequence FROM DUAL; END LOOP; @@ -42,7 +42,7 @@ DECLARE BEGIN SELECT COUNT(CONSTRAINT_NAME) INTO constraints_Count FROM USER_CONSTRAINTS WHERE TABLE_NAME = 'ACL_SECURITY_IDENTITIES' AND CONSTRAINT_TYPE = 'P'; IF constraints_Count = 0 OR constraints_Count = '' THEN - EXECUTE IMMEDIATE 'ALTER TABLE ACL_SECURITY_IDENTITIES ADD CONSTRAINT ACL_SECURITY_IDENTITIES_AI_PK PRIMARY KEY (id)'; + EXECUTE IMMEDIATE 'ALTER TABLE ACL_SECURITY_IDENTITIES ADD CONSTRAINT ACL_SECURITY_IDENTITIES_AI_PK PRIMARY KEY (ID)'; END IF; END; @@ -56,14 +56,14 @@ DECLARE last_Sequence NUMBER; last_InsertID NUMBER; BEGIN - SELECT ACL_SECURITY_IDENTITIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; - IF (:NEW.id IS NULL OR :NEW.id = 0) THEN - SELECT ACL_SECURITY_IDENTITIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; + SELECT ACL_SECURITY_IDENTITIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; + IF (:NEW.ID IS NULL OR :NEW.ID = 0) THEN + SELECT ACL_SECURITY_IDENTITIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; ELSE SELECT NVL(Last_Number, 0) INTO last_Sequence FROM User_Sequences WHERE Sequence_Name = 'ACL_SECURITY_IDENTITIES_SEQ'; - SELECT :NEW.id INTO last_InsertID FROM DUAL; + SELECT :NEW.ID INTO last_InsertID FROM DUAL; WHILE (last_InsertID > last_Sequence) LOOP SELECT ACL_SECURITY_IDENTITIES_SEQ.NEXTVAL INTO last_Sequence FROM DUAL; END LOOP; @@ -72,14 +72,14 @@ END; CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) -CREATE TABLE acl_object_identities (id NUMBER(10) NOT NULL, parent_object_identity_id NUMBER(10) DEFAULT NULL, class_id NUMBER(10) NOT NULL, object_identifier VARCHAR2(100) NOT NULL, entries_inheriting NUMBER(1) NOT NULL, PRIMARY KEY(id)) +CREATE TABLE acl_object_identities (id NUMBER(10) NOT NULL, parent_object_identity_id NUMBER(10) DEFAULT NULL NULL, class_id NUMBER(10) NOT NULL, object_identifier VARCHAR2(100) NOT NULL, entries_inheriting NUMBER(1) NOT NULL, PRIMARY KEY(id)) DECLARE constraints_Count NUMBER; BEGIN SELECT COUNT(CONSTRAINT_NAME) INTO constraints_Count FROM USER_CONSTRAINTS WHERE TABLE_NAME = 'ACL_OBJECT_IDENTITIES' AND CONSTRAINT_TYPE = 'P'; IF constraints_Count = 0 OR constraints_Count = '' THEN - EXECUTE IMMEDIATE 'ALTER TABLE ACL_OBJECT_IDENTITIES ADD CONSTRAINT ACL_OBJECT_IDENTITIES_AI_PK PRIMARY KEY (id)'; + EXECUTE IMMEDIATE 'ALTER TABLE ACL_OBJECT_IDENTITIES ADD CONSTRAINT ACL_OBJECT_IDENTITIES_AI_PK PRIMARY KEY (ID)'; END IF; END; @@ -93,14 +93,14 @@ DECLARE last_Sequence NUMBER; last_InsertID NUMBER; BEGIN - SELECT ACL_OBJECT_IDENTITIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; - IF (:NEW.id IS NULL OR :NEW.id = 0) THEN - SELECT ACL_OBJECT_IDENTITIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; + SELECT ACL_OBJECT_IDENTITIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; + IF (:NEW.ID IS NULL OR :NEW.ID = 0) THEN + SELECT ACL_OBJECT_IDENTITIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; ELSE SELECT NVL(Last_Number, 0) INTO last_Sequence FROM User_Sequences WHERE Sequence_Name = 'ACL_OBJECT_IDENTITIES_SEQ'; - SELECT :NEW.id INTO last_InsertID FROM DUAL; + SELECT :NEW.ID INTO last_InsertID FROM DUAL; WHILE (last_InsertID > last_Sequence) LOOP SELECT ACL_OBJECT_IDENTITIES_SEQ.NEXTVAL INTO last_Sequence FROM DUAL; END LOOP; @@ -117,14 +117,14 @@ CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_ident CREATE INDEX IDX_825DE299C671CEA1 ON acl_object_identity_ancestors (ancestor_id) -CREATE TABLE acl_entries (id NUMBER(10) NOT NULL, class_id NUMBER(10) NOT NULL, object_identity_id NUMBER(10) DEFAULT NULL, security_identity_id NUMBER(10) NOT NULL, field_name VARCHAR2(50) DEFAULT NULL, ace_order NUMBER(5) NOT NULL, mask NUMBER(10) NOT NULL, granting NUMBER(1) NOT NULL, granting_strategy VARCHAR2(30) NOT NULL, audit_success NUMBER(1) NOT NULL, audit_failure NUMBER(1) NOT NULL, PRIMARY KEY(id)) +CREATE TABLE acl_entries (id NUMBER(10) NOT NULL, class_id NUMBER(10) NOT NULL, object_identity_id NUMBER(10) DEFAULT NULL NULL, security_identity_id NUMBER(10) NOT NULL, field_name VARCHAR2(50) DEFAULT NULL NULL, ace_order NUMBER(5) NOT NULL, mask NUMBER(10) NOT NULL, granting NUMBER(1) NOT NULL, granting_strategy VARCHAR2(30) NOT NULL, audit_success NUMBER(1) NOT NULL, audit_failure NUMBER(1) NOT NULL, PRIMARY KEY(id)) DECLARE constraints_Count NUMBER; BEGIN SELECT COUNT(CONSTRAINT_NAME) INTO constraints_Count FROM USER_CONSTRAINTS WHERE TABLE_NAME = 'ACL_ENTRIES' AND CONSTRAINT_TYPE = 'P'; IF constraints_Count = 0 OR constraints_Count = '' THEN - EXECUTE IMMEDIATE 'ALTER TABLE ACL_ENTRIES ADD CONSTRAINT ACL_ENTRIES_AI_PK PRIMARY KEY (id)'; + EXECUTE IMMEDIATE 'ALTER TABLE ACL_ENTRIES ADD CONSTRAINT ACL_ENTRIES_AI_PK PRIMARY KEY (ID)'; END IF; END; @@ -138,14 +138,14 @@ DECLARE last_Sequence NUMBER; last_InsertID NUMBER; BEGIN - SELECT ACL_ENTRIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; - IF (:NEW.id IS NULL OR :NEW.id = 0) THEN - SELECT ACL_ENTRIES_SEQ.NEXTVAL INTO :NEW.id FROM DUAL; + SELECT ACL_ENTRIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; + IF (:NEW.ID IS NULL OR :NEW.ID = 0) THEN + SELECT ACL_ENTRIES_SEQ.NEXTVAL INTO :NEW.ID FROM DUAL; ELSE SELECT NVL(Last_Number, 0) INTO last_Sequence FROM User_Sequences WHERE Sequence_Name = 'ACL_ENTRIES_SEQ'; - SELECT :NEW.id INTO last_InsertID FROM DUAL; + SELECT :NEW.ID INTO last_InsertID FROM DUAL; WHILE (last_InsertID > last_Sequence) LOOP SELECT ACL_ENTRIES_SEQ.NEXTVAL INTO last_Sequence FROM DUAL; END LOOP; diff --git a/Acl/Resources/schema/sqlanywhere.sql b/Acl/Resources/schema/sqlanywhere.sql new file mode 100644 index 0000000..d73b102 --- /dev/null +++ b/Acl/Resources/schema/sqlanywhere.sql @@ -0,0 +1,43 @@ +CREATE TABLE acl_classes (id UNSIGNED INT IDENTITY NOT NULL, class_type VARCHAR(200) NOT NULL, PRIMARY KEY (id)) + +CREATE UNIQUE INDEX UNIQ_69DD750638A36066 ON acl_classes (class_type) + +CREATE TABLE acl_security_identities (id UNSIGNED INT IDENTITY NOT NULL, identifier VARCHAR(200) NOT NULL, username BIT NOT NULL, PRIMARY KEY (id)) + +CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) + +CREATE TABLE acl_object_identities (id UNSIGNED INT IDENTITY NOT NULL, parent_object_identity_id UNSIGNED INT DEFAULT NULL, class_id UNSIGNED INT NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BIT NOT NULL, PRIMARY KEY (id)) + +CREATE UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 ON acl_object_identities (object_identifier, class_id) + +CREATE INDEX IDX_9407E54977FA751A ON acl_object_identities (parent_object_identity_id) + +CREATE TABLE acl_object_identity_ancestors (object_identity_id UNSIGNED INT NOT NULL, ancestor_id UNSIGNED INT NOT NULL, PRIMARY KEY (object_identity_id, ancestor_id)) + +CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_identity_id) + +CREATE INDEX IDX_825DE299C671CEA1 ON acl_object_identity_ancestors (ancestor_id) + +CREATE TABLE acl_entries (id UNSIGNED INT IDENTITY NOT NULL, class_id UNSIGNED INT NOT NULL, object_identity_id UNSIGNED INT DEFAULT NULL, security_identity_id UNSIGNED INT NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order UNSIGNED SMALLINT NOT NULL, mask INT NOT NULL, granting BIT NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BIT NOT NULL, audit_failure BIT NOT NULL, PRIMARY KEY (id)) + +CREATE UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 ON acl_entries (class_id, object_identity_id, field_name, ace_order) + +CREATE INDEX IDX_46C8B806EA000B103D9AB4A6DF9183C9 ON acl_entries (class_id, object_identity_id, security_identity_id) + +CREATE INDEX IDX_46C8B806EA000B10 ON acl_entries (class_id) + +CREATE INDEX IDX_46C8B8063D9AB4A6 ON acl_entries (object_identity_id) + +CREATE INDEX IDX_46C8B806DF9183C9 ON acl_entries (security_identity_id) + +ALTER TABLE acl_object_identities ADD CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) + +ALTER TABLE acl_object_identity_ancestors ADD CONSTRAINT FK_825DE2993D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE + +ALTER TABLE acl_object_identity_ancestors ADD CONSTRAINT FK_825DE299C671CEA1 FOREIGN KEY (ancestor_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE + +ALTER TABLE acl_entries ADD CONSTRAINT FK_46C8B806EA000B10 FOREIGN KEY (class_id) REFERENCES acl_classes (id) ON UPDATE CASCADE ON DELETE CASCADE + +ALTER TABLE acl_entries ADD CONSTRAINT FK_46C8B8063D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON UPDATE CASCADE ON DELETE CASCADE + +ALTER TABLE acl_entries ADD CONSTRAINT FK_46C8B806DF9183C9 FOREIGN KEY (security_identity_id) REFERENCES acl_security_identities (id) ON UPDATE CASCADE ON DELETE CASCADE
\ No newline at end of file diff --git a/Acl/Resources/schema/sqlite.sql b/Acl/Resources/schema/sqlite.sql index 21c9f67..4429bfa 100644 --- a/Acl/Resources/schema/sqlite.sql +++ b/Acl/Resources/schema/sqlite.sql @@ -1,24 +1,24 @@ -CREATE TABLE acl_classes (id INTEGER NOT NULL, class_type VARCHAR(200) NOT NULL, PRIMARY KEY("id")) +CREATE TABLE acl_classes (id INTEGER NOT NULL, class_type VARCHAR(200) NOT NULL, PRIMARY KEY(id)) CREATE UNIQUE INDEX UNIQ_69DD750638A36066 ON acl_classes (class_type) -CREATE TABLE acl_security_identities (id INTEGER NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL, PRIMARY KEY("id")) +CREATE TABLE acl_security_identities (id INTEGER NOT NULL, identifier VARCHAR(200) NOT NULL, username BOOLEAN NOT NULL, PRIMARY KEY(id)) CREATE UNIQUE INDEX UNIQ_8835EE78772E836AF85E0677 ON acl_security_identities (identifier, username) -CREATE TABLE acl_object_identities (id INTEGER NOT NULL, parent_object_identity_id INTEGER DEFAULT NULL, class_id INTEGER NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, PRIMARY KEY("id")) +CREATE TABLE acl_object_identities (id INTEGER NOT NULL, parent_object_identity_id INTEGER UNSIGNED DEFAULT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identifier VARCHAR(100) NOT NULL, entries_inheriting BOOLEAN NOT NULL, PRIMARY KEY(id), CONSTRAINT FK_9407E54977FA751A FOREIGN KEY (parent_object_identity_id) REFERENCES acl_object_identities (id) NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE UNIQUE INDEX UNIQ_9407E5494B12AD6EA000B10 ON acl_object_identities (object_identifier, class_id) CREATE INDEX IDX_9407E54977FA751A ON acl_object_identities (parent_object_identity_id) -CREATE TABLE acl_object_identity_ancestors (object_identity_id INTEGER NOT NULL, ancestor_id INTEGER NOT NULL, PRIMARY KEY("object_identity_id", "ancestor_id")) +CREATE TABLE acl_object_identity_ancestors (object_identity_id INTEGER UNSIGNED NOT NULL, ancestor_id INTEGER UNSIGNED NOT NULL, PRIMARY KEY(object_identity_id, ancestor_id), CONSTRAINT FK_825DE2993D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_825DE299C671CEA1 FOREIGN KEY (ancestor_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE INDEX IDX_825DE2993D9AB4A6 ON acl_object_identity_ancestors (object_identity_id) CREATE INDEX IDX_825DE299C671CEA1 ON acl_object_identity_ancestors (ancestor_id) -CREATE TABLE acl_entries (id INTEGER NOT NULL, class_id INTEGER NOT NULL, object_identity_id INTEGER DEFAULT NULL, security_identity_id INTEGER NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order INTEGER NOT NULL, mask INTEGER NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, PRIMARY KEY("id")) +CREATE TABLE acl_entries (id INTEGER NOT NULL, class_id INTEGER UNSIGNED NOT NULL, object_identity_id INTEGER UNSIGNED DEFAULT NULL, security_identity_id INTEGER UNSIGNED NOT NULL, field_name VARCHAR(50) DEFAULT NULL, ace_order SMALLINT UNSIGNED NOT NULL, mask INTEGER NOT NULL, granting BOOLEAN NOT NULL, granting_strategy VARCHAR(30) NOT NULL, audit_success BOOLEAN NOT NULL, audit_failure BOOLEAN NOT NULL, PRIMARY KEY(id), CONSTRAINT FK_46C8B806EA000B10 FOREIGN KEY (class_id) REFERENCES acl_classes (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B8063D9AB4A6 FOREIGN KEY (object_identity_id) REFERENCES acl_object_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE, CONSTRAINT FK_46C8B806DF9183C9 FOREIGN KEY (security_identity_id) REFERENCES acl_security_identities (id) ON DELETE CASCADE NOT DEFERRABLE INITIALLY IMMEDIATE) CREATE UNIQUE INDEX UNIQ_46C8B806EA000B103D9AB4A64DEF17BCE4289BF4 ON acl_entries (class_id, object_identity_id, field_name, ace_order) diff --git a/Acl/Voter/AclVoter.php b/Acl/Voter/AclVoter.php index 9657eed..7022231 100644 --- a/Acl/Voter/AclVoter.php +++ b/Acl/Voter/AclVoter.php @@ -64,7 +64,7 @@ class AclVoter implements VoterInterface if (null === $object) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Object identity unavailable. Voting to %s', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); + $this->logger->debug(sprintf('Object identity unavailable. Voting to %s.', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); } return $this->allowIfObjectIdentityUnavailable ? self::ACCESS_GRANTED : self::ACCESS_ABSTAIN; @@ -79,7 +79,7 @@ class AclVoter implements VoterInterface $oid = $object; } elseif (null === $oid = $this->objectIdentityRetrievalStrategy->getObjectIdentity($object)) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Object identity unavailable. Voting to %s', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); + $this->logger->debug(sprintf('Object identity unavailable. Voting to %s.', $this->allowIfObjectIdentityUnavailable ? 'grant access' : 'abstain')); } return $this->allowIfObjectIdentityUnavailable ? self::ACCESS_GRANTED : self::ACCESS_ABSTAIN; @@ -96,13 +96,13 @@ class AclVoter implements VoterInterface if (null === $field && $acl->isGranted($masks, $sids, false)) { if (null !== $this->logger) { - $this->logger->debug('ACL found, permission granted. Voting to grant access'); + $this->logger->debug('ACL found, permission granted. Voting to grant access.'); } return self::ACCESS_GRANTED; } elseif (null !== $field && $acl->isFieldGranted($field, $masks, $sids, false)) { if (null !== $this->logger) { - $this->logger->debug('ACL found, permission granted. Voting to grant access'); + $this->logger->debug('ACL found, permission granted. Voting to grant access.'); } return self::ACCESS_GRANTED; diff --git a/Acl/composer.json b/Acl/composer.json index 6925f15..2c0401f 100644 --- a/Acl/composer.json +++ b/Acl/composer.json @@ -16,11 +16,11 @@ } ], "require": { - "php": ">=5.3.3", - "symfony/security-core": "~2.4" + "php": ">=5.3.9", + "symfony/security-core": "~2.4|~3.0.0" }, "require-dev": { - "symfony/phpunit-bridge": "~2.7", + "symfony/phpunit-bridge": "~2.7|~3.0.0", "doctrine/common": "~2.2", "doctrine/dbal": "~2.2", "psr/log": "~1.0" @@ -37,7 +37,7 @@ "minimum-stability": "dev", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.7-dev" } } } diff --git a/Acl/phpunit.xml.dist b/Acl/phpunit.xml.dist index ee662c8..7552339 100644 --- a/Acl/phpunit.xml.dist +++ b/Acl/phpunit.xml.dist @@ -14,6 +14,7 @@ <php> <ini name="error_reporting" value="-1" /> </php> + <testsuites> <testsuite name="Symfony Security Component ACL Test Suite"> <directory>./Tests/</directory> diff --git a/CHANGELOG.md b/CHANGELOG.md index c08d5cc..052f883 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,15 @@ CHANGELOG ========= +2.7.0 +----- + + * added LogoutUrlGenerator + * added the triggering of the `Symfony\Component\Security\Http\SecurityEvents::INTERACTIVE_LOGIN` in `Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener` + * The MaskBuilder logic has been abstracted in the `Symfony\Component\Security\Acl\Permission\AbstractMaskBuilder` + and described in the `Symfony\Component\Security\Acl\Permission\MaskBuilderInterface` + * added interface `Symfony\Component\Security\Acl\Permission\MaskBuilderRetrievalInterface` + 2.6.0 ----- diff --git a/Core/Authentication/AuthenticationProviderManager.php b/Core/Authentication/AuthenticationProviderManager.php index f713e8f..16de8da 100644 --- a/Core/Authentication/AuthenticationProviderManager.php +++ b/Core/Authentication/AuthenticationProviderManager.php @@ -48,6 +48,12 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface throw new \InvalidArgumentException('You must at least add one authentication provider.'); } + foreach ($providers as $provider) { + if (!$provider instanceof AuthenticationProviderInterface) { + throw new \InvalidArgumentException(sprintf('Provider "%s" must implement the AuthenticationProviderInterface.', get_class($provider))); + } + } + $this->providers = $providers; $this->eraseCredentials = (bool) $eraseCredentials; } diff --git a/Core/README.md b/Core/README.md index 66c323e..8e05a92 100644 --- a/Core/README.md +++ b/Core/README.md @@ -11,7 +11,7 @@ Resources Documentation: -http://symfony.com/doc/2.6/book/security.html +http://symfony.com/doc/2.7/book/security.html Tests ----- diff --git a/Core/SecurityContext.php b/Core/SecurityContext.php index 0761c59..27e85c5 100644 --- a/Core/SecurityContext.php +++ b/Core/SecurityContext.php @@ -11,6 +11,8 @@ namespace Symfony\Component\Security\Core; +trigger_error('The '.__NAMESPACE__.'\SecurityContext class is deprecated since version 2.6 and will be removed in 3.0. Use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage or Symfony\Component\Security\Core\Authorization\AuthorizationChecker instead.', E_USER_DEPRECATED); + use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; @@ -26,7 +28,7 @@ use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; * * @author Fabien Potencier <fabien@symfony.com> * @author Johannes M. Schmitt <schmittjoh@gmail.com> - * @deprecated Deprecated since version 2.6, to be removed in 3.0. + * @deprecated since version 2.6, to be removed in 3.0. */ class SecurityContext implements SecurityContextInterface { @@ -70,6 +72,8 @@ class SecurityContext implements SecurityContextInterface } /** + * @deprecated since version 2.6, to be removed in 3.0. Use TokenStorageInterface::getToken() instead. + * * {@inheritdoc} */ public function getToken() @@ -78,6 +82,8 @@ class SecurityContext implements SecurityContextInterface } /** + * @deprecated since version 2.6, to be removed in 3.0. Use TokenStorageInterface::setToken() instead. + * * {@inheritdoc} */ public function setToken(TokenInterface $token = null) @@ -86,6 +92,8 @@ class SecurityContext implements SecurityContextInterface } /** + * @deprecated since version 2.6, to be removed in 3.0. Use AuthorizationCheckerInterface::isGranted() instead. + * * {@inheritdoc} */ public function isGranted($attributes, $object = null) diff --git a/Core/SecurityContextInterface.php b/Core/SecurityContextInterface.php index bceb506..f260aa3 100644 --- a/Core/SecurityContextInterface.php +++ b/Core/SecurityContextInterface.php @@ -11,6 +11,8 @@ namespace Symfony\Component\Security\Core; +trigger_error('The '.__NAMESPACE__.'\SecurityContextInterface interface is deprecated since version 2.6 and will be removed in 3.0.', E_USER_DEPRECATED); + use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; @@ -18,7 +20,7 @@ use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; * The SecurityContextInterface. * * @author Johannes M. Schmitt <schmittjoh@gmail.com> - * @deprecated Deprecated since version 2.6, to be removed in 3.0. + * @deprecated since version 2.6, to be removed in 3.0. */ interface SecurityContextInterface extends TokenStorageInterface, AuthorizationCheckerInterface { diff --git a/Core/Tests/Authentication/AuthenticationProviderManagerTest.php b/Core/Tests/Authentication/AuthenticationProviderManagerTest.php index df25874..cc8b7c0 100644 --- a/Core/Tests/Authentication/AuthenticationProviderManagerTest.php +++ b/Core/Tests/Authentication/AuthenticationProviderManagerTest.php @@ -27,6 +27,16 @@ class AuthenticationProviderManagerTest extends \PHPUnit_Framework_TestCase new AuthenticationProviderManager(array()); } + /** + * @expectedException \InvalidArgumentException + */ + public function testAuthenticateWithProvidersWithIncorrectInterface() + { + new AuthenticationProviderManager(array( + new \stdClass(), + )); + } + public function testAuthenticateWhenNoProviderSupportsToken() { $manager = new AuthenticationProviderManager(array( diff --git a/Core/Tests/Encoder/BCryptPasswordEncoderTest.php b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php index 2f7b845..4d9ca6d 100644 --- a/Core/Tests/Encoder/BCryptPasswordEncoderTest.php +++ b/Core/Tests/Encoder/BCryptPasswordEncoderTest.php @@ -47,8 +47,6 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase public function testResultLength() { - $this->skipIfPhpVersionIsNotSupported(); - $encoder = new BCryptPasswordEncoder(self::VALID_COST); $result = $encoder->encodePassword(self::PASSWORD, null); $this->assertEquals(60, strlen($result)); @@ -56,21 +54,12 @@ class BCryptPasswordEncoderTest extends \PHPUnit_Framework_TestCase public function testValidation() { - $this->skipIfPhpVersionIsNotSupported(); - $encoder = new BCryptPasswordEncoder(self::VALID_COST); $result = $encoder->encodePassword(self::PASSWORD, null); $this->assertTrue($encoder->isPasswordValid($result, self::PASSWORD, null)); $this->assertFalse($encoder->isPasswordValid($result, 'anotherPassword', null)); } - private function skipIfPhpVersionIsNotSupported() - { - if (PHP_VERSION_ID < 50307) { - $this->markTestSkipped('Requires PHP >= 5.3.7'); - } - } - /** * @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException */ diff --git a/Core/Tests/SecurityContextTest.php b/Core/Tests/LegacySecurityContextTest.php index bcf9ad9..f1f7861 100644 --- a/Core/Tests/SecurityContextTest.php +++ b/Core/Tests/LegacySecurityContextTest.php @@ -15,7 +15,10 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; use Symfony\Component\Security\Core\Authorization\AuthorizationChecker; use Symfony\Component\Security\Core\SecurityContext; -class SecurityContextTest extends \PHPUnit_Framework_TestCase +/** + * @group legacy + */ +class LegacySecurityContextTest extends \PHPUnit_Framework_TestCase { private $tokenStorage; private $authorizationChecker; @@ -23,6 +26,8 @@ class SecurityContextTest extends \PHPUnit_Framework_TestCase protected function setUp() { + $this->iniSet('error_reporting', -1 & ~E_USER_DEPRECATED); + $this->tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $this->authorizationChecker = $this->getMock('Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface'); $this->securityContext = new SecurityContext($this->tokenStorage, $this->authorizationChecker); diff --git a/Core/Tests/User/UserTest.php b/Core/Tests/User/UserTest.php index 2fe6daa..f514eda 100644 --- a/Core/Tests/User/UserTest.php +++ b/Core/Tests/User/UserTest.php @@ -123,4 +123,13 @@ class UserTest extends \PHPUnit_Framework_TestCase $user->eraseCredentials(); $this->assertEquals('superpass', $user->getPassword()); } + + /** + * @covers Symfony\Component\Security\Core\User\User::__toString + */ + public function testToString() + { + $user = new User('fabien', 'superpass'); + $this->assertEquals('fabien', (string) $user); + } } diff --git a/Core/Tests/Validator/Constraints/LegacyUserPasswordValidator2Dot4ApiTest.php b/Core/Tests/Validator/Constraints/LegacyUserPasswordValidator2Dot4ApiTest.php deleted file mode 100644 index cfbfdc1..0000000 --- a/Core/Tests/Validator/Constraints/LegacyUserPasswordValidator2Dot4ApiTest.php +++ /dev/null @@ -1,27 +0,0 @@ -<?php - -/* - * This file is part of the Symfony package. - * - * (c) Fabien Potencier <fabien@symfony.com> - * - * For the full copyright and license information, please view the LICENSE - * file that was distributed with this source code. - */ - -namespace Symfony\Component\Security\Core\Tests\Validator\Constraints; - -use Symfony\Component\Validator\Validation; - -/** - * @since 2.5.4 - * @author Bernhard Schussek <bschussek@gmail.com> - * @group legacy - */ -class LegacyUserPasswordValidator2Dot4ApiTest extends UserPasswordValidatorTest -{ - protected function getApiVersion() - { - return Validation::API_VERSION_2_4; - } -} diff --git a/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php b/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php index 7792913..047c929 100644 --- a/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php +++ b/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php @@ -11,9 +11,9 @@ namespace Symfony\Component\Security\Core\Tests\Validator\Constraints; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Validator\Constraints\UserPassword; use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator; use Symfony\Component\Validator\Tests\Constraints\AbstractConstraintValidatorTest; @@ -28,9 +28,9 @@ abstract class UserPasswordValidatorTest extends AbstractConstraintValidatorTest const SALT = '^S4lt$'; /** - * @var SecurityContextInterface + * @var TokenStorageInterface */ - protected $securityContext; + protected $tokenStorage; /** * @var PasswordEncoderInterface @@ -44,13 +44,13 @@ abstract class UserPasswordValidatorTest extends AbstractConstraintValidatorTest protected function createValidator() { - return new UserPasswordValidator($this->securityContext, $this->encoderFactory); + return new UserPasswordValidator($this->tokenStorage, $this->encoderFactory); } protected function setUp() { $user = $this->createUser(); - $this->securityContext = $this->createSecurityContext($user); + $this->tokenStorage = $this->createTokenStorage($user); $this->encoder = $this->createPasswordEncoder(); $this->encoderFactory = $this->createEncoderFactory($this->encoder); @@ -97,7 +97,7 @@ abstract class UserPasswordValidatorTest extends AbstractConstraintValidatorTest { $user = $this->getMock('Foo\Bar\User'); - $this->securityContext = $this->createSecurityContext($user); + $this->tokenStorage = $this->createTokenStorage($user); $this->validator = $this->createValidator(); $this->validator->initialize($this->context); @@ -141,11 +141,11 @@ abstract class UserPasswordValidatorTest extends AbstractConstraintValidatorTest return $mock; } - protected function createSecurityContext($user = null) + protected function createTokenStorage($user = null) { $token = $this->createAuthenticationToken($user); - $mock = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $mock = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $mock ->expects($this->any()) ->method('getToken') diff --git a/Core/User/User.php b/Core/User/User.php index ea2c6a4..d458b72 100644 --- a/Core/User/User.php +++ b/Core/User/User.php @@ -43,6 +43,11 @@ final class User implements AdvancedUserInterface $this->roles = $roles; } + public function __toString() + { + return $this->getUsername(); + } + /** * {@inheritdoc} */ diff --git a/Core/Util/SecureRandom.php b/Core/Util/SecureRandom.php index c0924df..f4167e4 100644 --- a/Core/Util/SecureRandom.php +++ b/Core/Util/SecureRandom.php @@ -43,9 +43,7 @@ final class SecureRandom implements SecureRandomInterface $this->logger = $logger; // determine whether to use OpenSSL - if ('\\' === DIRECTORY_SEPARATOR && PHP_VERSION_ID < 50304) { - $this->useOpenSsl = false; - } elseif (!function_exists('openssl_random_pseudo_bytes')) { + if (!function_exists('openssl_random_pseudo_bytes')) { if (null !== $this->logger) { $this->logger->notice('It is recommended that you enable the "openssl" extension for random number generation.'); } diff --git a/Core/Validator/Constraints/UserPasswordValidator.php b/Core/Validator/Constraints/UserPasswordValidator.php index 5f9ad2a..2dc7fee 100644 --- a/Core/Validator/Constraints/UserPasswordValidator.php +++ b/Core/Validator/Constraints/UserPasswordValidator.php @@ -12,8 +12,8 @@ namespace Symfony\Component\Security\Core\Validator\Constraints; use Symfony\Component\Security\Core\User\UserInterface; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Validator\Constraint; use Symfony\Component\Validator\ConstraintValidator; use Symfony\Component\Validator\Exception\ConstraintDefinitionException; @@ -21,12 +21,12 @@ use Symfony\Component\Validator\Exception\UnexpectedTypeException; class UserPasswordValidator extends ConstraintValidator { - private $securityContext; + private $tokenStorage; private $encoderFactory; - public function __construct(SecurityContextInterface $securityContext, EncoderFactoryInterface $encoderFactory) + public function __construct(TokenStorageInterface $tokenStorage, EncoderFactoryInterface $encoderFactory) { - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->encoderFactory = $encoderFactory; } @@ -39,7 +39,7 @@ class UserPasswordValidator extends ConstraintValidator throw new UnexpectedTypeException($constraint, __NAMESPACE__.'\UserPassword'); } - $user = $this->securityContext->getToken()->getUser(); + $user = $this->tokenStorage->getToken()->getUser(); if (!$user instanceof UserInterface) { throw new ConstraintDefinitionException('The User object must implement the UserInterface interface.'); diff --git a/Core/composer.json b/Core/composer.json index f8e289b..f5e3179 100644 --- a/Core/composer.json +++ b/Core/composer.json @@ -16,15 +16,15 @@ } ], "require": { - "php": ">=5.3.3" + "php": ">=5.3.9" }, "require-dev": { - "symfony/phpunit-bridge": "~2.7", - "symfony/event-dispatcher": "~2.1", - "symfony/expression-language": "~2.6", - "symfony/http-foundation": "~2.4", - "symfony/translation": "~2.0,>=2.0.5", - "symfony/validator": "~2.5,>=2.5.5", + "symfony/phpunit-bridge": "~2.7|~3.0.0", + "symfony/event-dispatcher": "~2.1|~3.0.0", + "symfony/expression-language": "~2.6|~3.0.0", + "symfony/http-foundation": "~2.4|~3.0.0", + "symfony/translation": "~2.0,>=2.0.5|~3.0.0", + "symfony/validator": "~2.5,>=2.5.5|~3.0.0", "psr/log": "~1.0", "ircmaxell/password-compat": "1.0.*" }, @@ -42,7 +42,7 @@ "minimum-stability": "dev", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.7-dev" } } } diff --git a/Core/phpunit.xml.dist b/Core/phpunit.xml.dist index 6b2ccb0..8a1a291 100644 --- a/Core/phpunit.xml.dist +++ b/Core/phpunit.xml.dist @@ -14,6 +14,7 @@ <php> <ini name="error_reporting" value="-1" /> </php> + <testsuites> <testsuite name="Symfony Security Component Core Test Suite"> <directory>./Tests/</directory> diff --git a/Csrf/README.md b/Csrf/README.md index 89ed66c..30d7bb2 100644 --- a/Csrf/README.md +++ b/Csrf/README.md @@ -9,7 +9,7 @@ Resources Documentation: -http://symfony.com/doc/2.6/book/security.html +http://symfony.com/doc/2.7/book/security.html Tests ----- diff --git a/Csrf/composer.json b/Csrf/composer.json index 5c869e0..4d4ff6a 100644 --- a/Csrf/composer.json +++ b/Csrf/composer.json @@ -16,12 +16,12 @@ } ], "require": { - "php": ">=5.3.3", - "symfony/security-core": "~2.4" + "php": ">=5.3.9", + "symfony/security-core": "~2.4|~3.0.0" }, "require-dev": { - "symfony/phpunit-bridge": "~2.7", - "symfony/http-foundation": "~2.1" + "symfony/phpunit-bridge": "~2.7|~3.0.0", + "symfony/http-foundation": "~2.1|~3.0.0" }, "suggest": { "symfony/http-foundation": "For using the class SessionTokenStorage." @@ -33,7 +33,7 @@ "minimum-stability": "dev", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.7-dev" } } } diff --git a/Csrf/phpunit.xml.dist b/Csrf/phpunit.xml.dist index f72d115..8f950a3 100644 --- a/Csrf/phpunit.xml.dist +++ b/Csrf/phpunit.xml.dist @@ -14,6 +14,7 @@ <php> <ini name="error_reporting" value="-1" /> </php> + <testsuites> <testsuite name="Symfony Security Component CSRF Test Suite"> <directory>./Tests/</directory> diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php index 8864dae..f8004d6 100644 --- a/Http/Authentication/DefaultAuthenticationFailureHandler.php +++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php @@ -92,7 +92,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle if ($this->options['failure_forward']) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Forwarding to %s', $this->options['failure_path'])); + $this->logger->debug('Authentication failure, forward triggered.', array('failure_path' => $this->options['failure_path'])); } $subRequest = $this->httpUtils->createRequest($request, $this->options['failure_path']); @@ -102,7 +102,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle } if (null !== $this->logger) { - $this->logger->debug(sprintf('Redirecting to %s', $this->options['failure_path'])); + $this->logger->debug('Authentication failure, redirect triggered.', array('failure_path' => $this->options['failure_path'])); } $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception); diff --git a/Http/Authentication/SimpleAuthenticationHandler.php b/Http/Authentication/SimpleAuthenticationHandler.php index 09a55ef..6a1311f 100644 --- a/Http/Authentication/SimpleAuthenticationHandler.php +++ b/Http/Authentication/SimpleAuthenticationHandler.php @@ -57,7 +57,7 @@ class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterfa { if ($this->simpleAuthenticator instanceof AuthenticationSuccessHandlerInterface) { if ($this->logger) { - $this->logger->debug(sprintf('Using the %s object as authentication success handler', get_class($this->simpleAuthenticator))); + $this->logger->debug('Selected an authentication success handler.', array('handler' => get_class($this->simpleAuthenticator))); } $response = $this->simpleAuthenticator->onAuthenticationSuccess($request, $token); @@ -71,7 +71,7 @@ class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterfa } if ($this->logger) { - $this->logger->debug('Fallback to the default authentication success handler'); + $this->logger->debug('Fallback to the default authentication success handler.'); } return $this->successHandler->onAuthenticationSuccess($request, $token); @@ -84,7 +84,7 @@ class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterfa { if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) { if ($this->logger) { - $this->logger->debug(sprintf('Using the %s object as authentication failure handler', get_class($this->simpleAuthenticator))); + $this->logger->debug('Selected an authentication failure handler.', array('handler' => get_class($this->simpleAuthenticator))); } $response = $this->simpleAuthenticator->onAuthenticationFailure($request, $exception); @@ -98,7 +98,7 @@ class SimpleAuthenticationHandler implements AuthenticationFailureHandlerInterfa } if ($this->logger) { - $this->logger->debug('Fallback to the default authentication failure handler'); + $this->logger->debug('Fallback to the default authentication failure handler.'); } return $this->failureHandler->onAuthenticationFailure($request, $exception); diff --git a/Http/EntryPoint/DigestAuthenticationEntryPoint.php b/Http/EntryPoint/DigestAuthenticationEntryPoint.php index 5a7aa1a..89f80ad 100644 --- a/Http/EntryPoint/DigestAuthenticationEntryPoint.php +++ b/Http/EntryPoint/DigestAuthenticationEntryPoint.php @@ -54,7 +54,7 @@ class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterfac } if (null !== $this->logger) { - $this->logger->debug(sprintf('WWW-Authenticate header sent to user agent: "%s"', $authenticateHeader)); + $this->logger->debug('WWW-Authenticate header sent.', array('header' => $authenticateHeader)); } $response = new Response(); diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php index 39c6951..09a4f55 100644 --- a/Http/Firewall/AbstractAuthenticationListener.php +++ b/Http/Firewall/AbstractAuthenticationListener.php @@ -16,8 +16,8 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerI use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Core\Security; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\SessionUnavailableException; @@ -56,7 +56,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface protected $providerKey; protected $httpUtils; - private $securityContext; + private $tokenStorage; private $sessionStrategy; private $dispatcher; private $successHandler; @@ -66,7 +66,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface /** * Constructor. * - * @param SecurityContextInterface $securityContext A SecurityContext instance + * @param TokenStorageInterface $tokenStorage A TokenStorageInterface instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param SessionAuthenticationStrategyInterface $sessionStrategy * @param HttpUtils $httpUtils An HttpUtilsInterface instance @@ -80,13 +80,13 @@ abstract class AbstractAuthenticationListener implements ListenerInterface * * @throws \InvalidArgumentException */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->authenticationManager = $authenticationManager; $this->sessionStrategy = $sessionStrategy; $this->providerKey = $providerKey; @@ -193,12 +193,12 @@ abstract class AbstractAuthenticationListener implements ListenerInterface private function onFailure(Request $request, AuthenticationException $failed) { if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication request failed: %s', $failed->getMessage())); + $this->logger->info('Authentication request failed.', array('exception' => $failed)); } - $token = $this->securityContext->getToken(); + $token = $this->tokenStorage->getToken(); if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) { - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); } $response = $this->failureHandler->onAuthenticationFailure($request, $failed); @@ -213,10 +213,10 @@ abstract class AbstractAuthenticationListener implements ListenerInterface private function onSuccess(Request $request, TokenInterface $token) { if (null !== $this->logger) { - $this->logger->info(sprintf('User "%s" has been authenticated successfully', $token->getUsername())); + $this->logger->info('User has been authenticated successfully.', array('username' => $token->getUsername())); } - $this->securityContext->setToken($token); + $this->tokenStorage->setToken($token); $session = $request->getSession(); $session->remove(Security::AUTHENTICATION_ERROR); diff --git a/Http/Firewall/AbstractPreAuthenticatedListener.php b/Http/Firewall/AbstractPreAuthenticatedListener.php index f040107..5ed8aa7 100644 --- a/Http/Firewall/AbstractPreAuthenticatedListener.php +++ b/Http/Firewall/AbstractPreAuthenticatedListener.php @@ -11,9 +11,9 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; use Symfony\Component\Security\Http\SecurityEvents; @@ -33,14 +33,14 @@ use Symfony\Component\Security\Core\Exception\BadCredentialsException; abstract class AbstractPreAuthenticatedListener implements ListenerInterface { protected $logger; - private $securityContext; + private $tokenStorage; private $authenticationManager; private $providerKey; private $dispatcher; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->authenticationManager = $authenticationManager; $this->providerKey = $providerKey; $this->logger = $logger; @@ -56,10 +56,6 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface { $request = $event->getRequest(); - if (null !== $this->logger) { - $this->logger->debug(sprintf('Checking secure context token: %s', $this->securityContext->getToken())); - } - try { list($user, $credentials) = $this->getPreAuthenticatedData($request); } catch (BadCredentialsException $exception) { @@ -68,23 +64,27 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface return; } - if (null !== $token = $this->securityContext->getToken()) { + if (null !== $this->logger) { + $this->logger->debug('Checking current security token.', array('token' => (string) $this->tokenStorage->getToken())); + } + + if (null !== $token = $this->tokenStorage->getToken()) { if ($token instanceof PreAuthenticatedToken && $this->providerKey == $token->getProviderKey() && $token->isAuthenticated() && $token->getUsername() === $user) { return; } } if (null !== $this->logger) { - $this->logger->debug(sprintf('Trying to pre-authenticate user "%s"', $user)); + $this->logger->debug('Trying to pre-authenticate user.', array('username' => (string) $user)); } try { $token = $this->authenticationManager->authenticate(new PreAuthenticatedToken($user, $credentials, $this->providerKey)); if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication success: %s', $token)); + $this->logger->info('Pre-authentication successful.', array('token' => (string) $token)); } - $this->securityContext->setToken($token); + $this->tokenStorage->setToken($token); if (null !== $this->dispatcher) { $loginEvent = new InteractiveLoginEvent($request, $token); @@ -102,12 +102,12 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface */ private function clearToken(AuthenticationException $exception) { - $token = $this->securityContext->getToken(); + $token = $this->tokenStorage->getToken(); if ($token instanceof PreAuthenticatedToken && $this->providerKey === $token->getProviderKey()) { - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); if (null !== $this->logger) { - $this->logger->info(sprintf('Cleared security context due to exception: %s', $exception->getMessage())); + $this->logger->info('Cleared security token due to an exception.', array('exception' => $exception)); } } } diff --git a/Http/Firewall/AccessListener.php b/Http/Firewall/AccessListener.php index ecb6a09..6fd68f3 100644 --- a/Http/Firewall/AccessListener.php +++ b/Http/Firewall/AccessListener.php @@ -11,10 +11,10 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Http\AccessMapInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; @@ -26,14 +26,14 @@ use Symfony\Component\Security\Core\Exception\AccessDeniedException; */ class AccessListener implements ListenerInterface { - private $context; + private $tokenStorage; private $accessDecisionManager; private $map; private $authManager; - public function __construct(SecurityContextInterface $context, AccessDecisionManagerInterface $accessDecisionManager, AccessMapInterface $map, AuthenticationManagerInterface $authManager) + public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionManagerInterface $accessDecisionManager, AccessMapInterface $map, AuthenticationManagerInterface $authManager) { - $this->context = $context; + $this->tokenStorage = $tokenStorage; $this->accessDecisionManager = $accessDecisionManager; $this->map = $map; $this->authManager = $authManager; @@ -49,7 +49,7 @@ class AccessListener implements ListenerInterface */ public function handle(GetResponseEvent $event) { - if (null === $token = $this->context->getToken()) { + if (null === $token = $this->tokenStorage->getToken()) { throw new AuthenticationCredentialsNotFoundException('A Token was not found in the SecurityContext.'); } @@ -63,7 +63,7 @@ class AccessListener implements ListenerInterface if (!$token->isAuthenticated()) { $token = $this->authManager->authenticate($token); - $this->context->setToken($token); + $this->tokenStorage->setToken($token); } if (!$this->accessDecisionManager->decide($token, $attributes, $request)) { diff --git a/Http/Firewall/AnonymousAuthenticationListener.php b/Http/Firewall/AnonymousAuthenticationListener.php index 68f8987..f7feee8 100644 --- a/Http/Firewall/AnonymousAuthenticationListener.php +++ b/Http/Firewall/AnonymousAuthenticationListener.php @@ -12,8 +12,8 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; @@ -26,14 +26,14 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; */ class AnonymousAuthenticationListener implements ListenerInterface { - private $context; + private $tokenStorage; private $key; private $authenticationManager; private $logger; - public function __construct(SecurityContextInterface $context, $key, LoggerInterface $logger = null, AuthenticationManagerInterface $authenticationManager = null) + public function __construct(TokenStorageInterface $tokenStorage, $key, LoggerInterface $logger = null, AuthenticationManagerInterface $authenticationManager = null) { - $this->context = $context; + $this->tokenStorage = $tokenStorage; $this->key = $key; $this->authenticationManager = $authenticationManager; $this->logger = $logger; @@ -46,7 +46,7 @@ class AnonymousAuthenticationListener implements ListenerInterface */ public function handle(GetResponseEvent $event) { - if (null !== $this->context->getToken()) { + if (null !== $this->tokenStorage->getToken()) { return; } @@ -56,14 +56,14 @@ class AnonymousAuthenticationListener implements ListenerInterface $token = $this->authenticationManager->authenticate($token); } - $this->context->setToken($token); + $this->tokenStorage->setToken($token); if (null !== $this->logger) { - $this->logger->info('Populated SecurityContext with an anonymous Token'); + $this->logger->info('Populated the TokenStorage with an anonymous Token.'); } } catch (AuthenticationException $failed) { if (null !== $this->logger) { - $this->logger->info(sprintf('Anonymous authentication failed: %s', $failed->getMessage())); + $this->logger->info('Anonymous authentication failed.', array('exception' => $failed)); } } } diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index bfc4abc..11ae8f9 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php @@ -11,8 +11,8 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; @@ -26,20 +26,20 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException; */ class BasicAuthenticationListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $authenticationManager; private $providerKey; private $authenticationEntryPoint; private $logger; private $ignoreFailure; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->authenticationManager = $authenticationManager; $this->providerKey = $providerKey; $this->authenticationEntryPoint = $authenticationEntryPoint; @@ -60,27 +60,27 @@ class BasicAuthenticationListener implements ListenerInterface return; } - if (null !== $token = $this->securityContext->getToken()) { + if (null !== $token = $this->tokenStorage->getToken()) { if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && $token->getUsername() === $username) { return; } } if (null !== $this->logger) { - $this->logger->info(sprintf('Basic Authentication Authorization header found for user "%s"', $username)); + $this->logger->info('Basic authentication Authorization header found for user.', array('username' => $username)); } try { $token = $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $request->headers->get('PHP_AUTH_PW'), $this->providerKey)); - $this->securityContext->setToken($token); + $this->tokenStorage->setToken($token); } catch (AuthenticationException $failed) { - $token = $this->securityContext->getToken(); + $token = $this->tokenStorage->getToken(); if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) { - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); } if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication request failed for user "%s": %s', $username, $failed->getMessage())); + $this->logger->info('Basic authentication failed for user.', array('username' => $username, 'exception' => $failed)); } if ($this->ignoreFailure) { diff --git a/Http/Firewall/ChannelListener.php b/Http/Firewall/ChannelListener.php index 9e4a6ee..637a7f5 100644 --- a/Http/Firewall/ChannelListener.php +++ b/Http/Firewall/ChannelListener.php @@ -44,11 +44,11 @@ class ChannelListener implements ListenerInterface { $request = $event->getRequest(); - list($attributes, $channel) = $this->map->getPatterns($request); + list(, $channel) = $this->map->getPatterns($request); if ('https' === $channel && !$request->isSecure()) { if (null !== $this->logger) { - $this->logger->info('Redirecting to HTTPS'); + $this->logger->info('Redirecting to HTTPS.'); } $response = $this->authenticationEntryPoint->start($request); @@ -60,7 +60,7 @@ class ChannelListener implements ListenerInterface if ('http' === $channel && $request->isSecure()) { if (null !== $this->logger) { - $this->logger->info('Redirecting to HTTP'); + $this->logger->info('Redirecting to HTTP.'); } $response = $this->authenticationEntryPoint->start($request); diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php index 732bbf7..013586c 100644 --- a/Http/Firewall/ContextListener.php +++ b/Http/Firewall/ContextListener.php @@ -16,10 +16,10 @@ use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\Event\FilterResponseEvent; use Symfony\Component\HttpKernel\KernelEvents; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; use Symfony\Component\Security\Core\Exception\UnsupportedUserException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; @@ -32,14 +32,15 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface; */ class ContextListener implements ListenerInterface { - private $context; + private $tokenStorage; private $contextKey; + private $sessionKey; private $logger; private $userProviders; private $dispatcher; private $registered; - public function __construct(SecurityContextInterface $context, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { if (empty($contextKey)) { throw new \InvalidArgumentException('$contextKey must not be empty.'); @@ -51,15 +52,16 @@ class ContextListener implements ListenerInterface } } - $this->context = $context; + $this->tokenStorage = $tokenStorage; $this->userProviders = $userProviders; $this->contextKey = $contextKey; + $this->sessionKey = '_security_'.$contextKey; $this->logger = $logger; $this->dispatcher = $dispatcher; } /** - * Reads the SecurityContext from the session. + * Reads the Security Token from the session. * * @param GetResponseEvent $event A GetResponseEvent instance */ @@ -73,8 +75,8 @@ class ContextListener implements ListenerInterface $request = $event->getRequest(); $session = $request->hasPreviousSession() ? $request->getSession() : null; - if (null === $session || null === $token = $session->get('_security_'.$this->contextKey)) { - $this->context->setToken(null); + if (null === $session || null === $token = $session->get($this->sessionKey)) { + $this->tokenStorage->setToken(null); return; } @@ -82,20 +84,20 @@ class ContextListener implements ListenerInterface $token = unserialize($token); if (null !== $this->logger) { - $this->logger->debug('Read SecurityContext from the session'); + $this->logger->debug('Read existing security token from the session.', array('key' => $this->sessionKey)); } if ($token instanceof TokenInterface) { $token = $this->refreshUser($token); } elseif (null !== $token) { if (null !== $this->logger) { - $this->logger->warning(sprintf('Session includes a "%s" where a security token is expected', is_object($token) ? get_class($token) : gettype($token))); + $this->logger->warning('Expected a security token from the session, got something else.', array('key' => $this->sessionKey, 'received' => $token)); } $token = null; } - $this->context->setToken($token); + $this->tokenStorage->setToken($token); } /** @@ -116,10 +118,6 @@ class ContextListener implements ListenerInterface $this->dispatcher->removeListener(KernelEvents::RESPONSE, array($this, 'onKernelResponse')); $this->registered = false; - if (null !== $this->logger) { - $this->logger->debug('Write SecurityContext in the session'); - } - $request = $event->getRequest(); $session = $request->getSession(); @@ -127,12 +125,16 @@ class ContextListener implements ListenerInterface return; } - if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) { + if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) { if ($request->hasPreviousSession()) { - $session->remove('_security_'.$this->contextKey); + $session->remove($this->sessionKey); } } else { - $session->set('_security_'.$this->contextKey, serialize($token)); + $session->set($this->sessionKey, serialize($token)); + + if (null !== $this->logger) { + $this->logger->debug('Stored the security token in the session.', array('key' => $this->sessionKey)); + } } } @@ -152,17 +154,13 @@ class ContextListener implements ListenerInterface return $token; } - if (null !== $this->logger) { - $this->logger->debug(sprintf('Reloading user from user provider.')); - } - foreach ($this->userProviders as $provider) { try { $refreshedUser = $provider->refreshUser($user); $token->setUser($refreshedUser); if (null !== $this->logger) { - $this->logger->debug(sprintf('Username "%s" was reloaded from user provider.', $refreshedUser->getUsername())); + $this->logger->debug('User was reloaded from a user provider.', array('username' => $refreshedUser->getUsername(), 'provider' => get_class($provider))); } return $token; @@ -170,7 +168,7 @@ class ContextListener implements ListenerInterface // let's try the next user provider } catch (UsernameNotFoundException $notFound) { if (null !== $this->logger) { - $this->logger->warning(sprintf('Username "%s" could not be found.', $notFound->getUsername())); + $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $notFound->getUsername(), 'provider' => get_class($provider))); } return; diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php index a5e0222..e459152 100644 --- a/Http/Firewall/DigestAuthenticationListener.php +++ b/Http/Firewall/DigestAuthenticationListener.php @@ -11,12 +11,12 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Exception\AuthenticationServiceException; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; @@ -31,19 +31,19 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException; */ class DigestAuthenticationListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $provider; private $providerKey; private $authenticationEntryPoint; private $logger; - public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null) + public function __construct(TokenStorageInterface $tokenStorage, UserProviderInterface $provider, $providerKey, DigestAuthenticationEntryPoint $authenticationEntryPoint, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->provider = $provider; $this->providerKey = $providerKey; $this->authenticationEntryPoint = $authenticationEntryPoint; @@ -67,14 +67,14 @@ class DigestAuthenticationListener implements ListenerInterface $digestAuth = new DigestData($header); - if (null !== $token = $this->securityContext->getToken()) { + if (null !== $token = $this->tokenStorage->getToken()) { if ($token instanceof UsernamePasswordToken && $token->isAuthenticated() && $token->getUsername() === $digestAuth->getUsername()) { return; } } if (null !== $this->logger) { - $this->logger->debug(sprintf('Digest Authorization header received from user agent: %s', $header)); + $this->logger->debug('Digest Authorization header received from user agent.', array('header' => $header)); } try { @@ -89,7 +89,7 @@ class DigestAuthenticationListener implements ListenerInterface $user = $this->provider->loadUserByUsername($digestAuth->getUsername()); if (null === $user) { - throw new AuthenticationServiceException('AuthenticationDao returned null, which is an interface contract violation'); + throw new AuthenticationServiceException('Digest User provider returned null, which is an interface contract violation'); } $serverDigestMd5 = $digestAuth->calculateServerDigest($user->getPassword(), $request->getMethod()); @@ -101,7 +101,7 @@ class DigestAuthenticationListener implements ListenerInterface if ($serverDigestMd5 !== $digestAuth->getResponse()) { if (null !== $this->logger) { - $this->logger->debug(sprintf("Expected response: '%s' but received: '%s'; is AuthenticationDao returning clear text passwords?", $serverDigestMd5, $digestAuth->getResponse())); + $this->logger->debug("Unexpected response from the DigestAuth received; is the header returning a clear text passwords?", array('expected' => $serverDigestMd5, 'received' => $digestAuth->getResponse())); } $this->fail($event, $request, new BadCredentialsException('Incorrect response')); @@ -116,21 +116,21 @@ class DigestAuthenticationListener implements ListenerInterface } if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication success for user "%s" with response "%s"', $digestAuth->getUsername(), $digestAuth->getResponse())); + $this->logger->info('Digest authentication successful.', array('username' => $digestAuth->getUsername(), 'received' => $digestAuth->getResponse())); } - $this->securityContext->setToken(new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey)); + $this->tokenStorage->setToken(new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey)); } private function fail(GetResponseEvent $event, Request $request, AuthenticationException $authException) { - $token = $this->securityContext->getToken(); + $token = $this->tokenStorage->getToken(); if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) { - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); } if (null !== $this->logger) { - $this->logger->info($authException); + $this->logger->info('Digest authentication failed.', array('exception' => $authException)); } $event->setResponse($this->authenticationEntryPoint->start($request, $authException)); diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index e52f927..213a837 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -14,8 +14,8 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; use Symfony\Component\Security\Core\Security; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Core\Exception\AccountStatusException; use Symfony\Component\Security\Core\Exception\AuthenticationException; @@ -39,7 +39,7 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface; */ class ExceptionListener { - private $context; + private $tokenStorage; private $providerKey; private $accessDeniedHandler; private $authenticationEntryPoint; @@ -48,9 +48,9 @@ class ExceptionListener private $logger; private $httpUtils; - public function __construct(SecurityContextInterface $context, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) { - $this->context = $context; + $this->tokenStorage = $tokenStorage; $this->accessDeniedHandler = $accessDeniedHandler; $this->httpUtils = $httpUtils; $this->providerKey = $providerKey; @@ -102,7 +102,7 @@ class ExceptionListener private function handleAuthenticationException(GetResponseForExceptionEvent $event, AuthenticationException $exception) { if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication exception occurred; redirecting to authentication entry point (%s)', $exception->getMessage())); + $this->logger->info('An AuthenticationException was thrown; redirecting to authentication entry point.', array('exception' => $exception)); } try { @@ -116,10 +116,10 @@ class ExceptionListener { $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception)); - $token = $this->context->getToken(); + $token = $this->tokenStorage->getToken(); if (!$this->authenticationTrustResolver->isFullFledged($token)) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Access is denied (user is not fully authenticated) by "%s" at line %s; redirecting to authentication entry point', $exception->getFile(), $exception->getLine())); + $this->logger->debug('Access denied, the user is not fully authenticated; redirecting to authentication entry point.', array('exception' => $exception)); } try { @@ -135,7 +135,7 @@ class ExceptionListener } if (null !== $this->logger) { - $this->logger->debug(sprintf('Access is denied (and user is neither anonymous, nor remember-me) by "%s" at line %s', $exception->getFile(), $exception->getLine())); + $this->logger->debug('Access denied, the user is neither anonymous, nor remember-me.', array('exception' => $exception)); } try { @@ -153,7 +153,7 @@ class ExceptionListener } } catch (\Exception $e) { if (null !== $this->logger) { - $this->logger->error(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage())); + $this->logger->error('An exception was thrown when handling an AccessDeniedException.', array('exception' => $e)); } $event->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e)); @@ -163,7 +163,7 @@ class ExceptionListener private function handleLogoutException(LogoutException $exception) { if (null !== $this->logger) { - $this->logger->info(sprintf('Logout exception occurred; wrapping with AccessDeniedHttpException (%s)', $exception->getMessage())); + $this->logger->info('A LogoutException was thrown.', array('exception' => $exception)); } } @@ -182,14 +182,18 @@ class ExceptionListener } if (null !== $this->logger) { - $this->logger->debug('Calling Authentication entry point'); + $this->logger->debug('Calling Authentication entry point.'); } $this->setTargetPath($request); if ($authException instanceof AccountStatusException) { // remove the security token to prevent infinite redirect loops - $this->context->setToken(null); + $this->tokenStorage->setToken(null); + + if (null !== $this->logger) { + $this->logger->info('The security token was removed due to an AccountStatusException.', array('exception' => $authException)); + } } return $this->authenticationEntryPoint->start($request, $authException); diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php index 3a45e37..96f5685 100644 --- a/Http/Firewall/LogoutListener.php +++ b/Http/Firewall/LogoutListener.php @@ -16,8 +16,8 @@ use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Event\GetResponseEvent; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\InvalidArgumentException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Exception\LogoutException; use Symfony\Component\Security\Csrf\CsrfToken; use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface; @@ -32,7 +32,7 @@ use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface; */ class LogoutListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $options; private $handlers; private $successHandler; @@ -42,13 +42,13 @@ class LogoutListener implements ListenerInterface /** * Constructor. * - * @param SecurityContextInterface $securityContext + * @param TokenStorageInterface $tokenStorage * @param HttpUtils $httpUtils An HttpUtilsInterface instance * @param LogoutSuccessHandlerInterface $successHandler A LogoutSuccessHandlerInterface instance * @param array $options An array of options to process a logout attempt * @param CsrfTokenManagerInterface $csrfTokenManager A CsrfTokenManagerInterface instance */ - public function __construct(SecurityContextInterface $securityContext, HttpUtils $httpUtils, LogoutSuccessHandlerInterface $successHandler, array $options = array(), $csrfTokenManager = null) + public function __construct(TokenStorageInterface $tokenStorage, HttpUtils $httpUtils, LogoutSuccessHandlerInterface $successHandler, array $options = array(), $csrfTokenManager = null) { if ($csrfTokenManager instanceof CsrfProviderInterface) { $csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager); @@ -56,7 +56,7 @@ class LogoutListener implements ListenerInterface throw new InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->httpUtils = $httpUtils; $this->options = array_merge(array( 'csrf_parameter' => '_csrf_token', @@ -111,13 +111,13 @@ class LogoutListener implements ListenerInterface } // handle multiple logout attempts gracefully - if ($token = $this->securityContext->getToken()) { + if ($token = $this->tokenStorage->getToken()) { foreach ($this->handlers as $handler) { $handler->logout($request, $response, $token); } } - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); $event->setResponse($response); } diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index 7ec73e7..e34627c 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php @@ -14,8 +14,8 @@ namespace Symfony\Component\Security\Http\Firewall; use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; use Symfony\Component\Security\Http\SecurityEvents; @@ -28,7 +28,7 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface; */ class RememberMeListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $rememberMeServices; private $authenticationManager; private $logger; @@ -38,16 +38,16 @@ class RememberMeListener implements ListenerInterface /** * Constructor. * - * @param SecurityContextInterface $securityContext + * @param TokenStorageInterface $tokenStorage * @param RememberMeServicesInterface $rememberMeServices * @param AuthenticationManagerInterface $authenticationManager * @param LoggerInterface $logger * @param EventDispatcherInterface $dispatcher * @param bool $catchExceptions */ - public function __construct(SecurityContextInterface $securityContext, RememberMeServicesInterface $rememberMeServices, AuthenticationManagerInterface $authenticationManager, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $catchExceptions = true) + public function __construct(TokenStorageInterface $tokenStorage, RememberMeServicesInterface $rememberMeServices, AuthenticationManagerInterface $authenticationManager, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $catchExceptions = true) { - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->rememberMeServices = $rememberMeServices; $this->authenticationManager = $authenticationManager; $this->logger = $logger; @@ -62,7 +62,7 @@ class RememberMeListener implements ListenerInterface */ public function handle(GetResponseEvent $event) { - if (null !== $this->securityContext->getToken()) { + if (null !== $this->tokenStorage->getToken()) { return; } @@ -73,7 +73,7 @@ class RememberMeListener implements ListenerInterface try { $token = $this->authenticationManager->authenticate($token); - $this->securityContext->setToken($token); + $this->tokenStorage->setToken($token); if (null !== $this->dispatcher) { $loginEvent = new InteractiveLoginEvent($request, $token); @@ -81,14 +81,14 @@ class RememberMeListener implements ListenerInterface } if (null !== $this->logger) { - $this->logger->debug('SecurityContext populated with remember-me token.'); + $this->logger->debug('Populated the token storage with a remember-me token.'); } } catch (AuthenticationException $failed) { if (null !== $this->logger) { $this->logger->warning( - 'SecurityContext not populated with remember-me token as the' + 'The token storage was not populated with remember-me token as the' .' AuthenticationManager rejected the AuthenticationToken returned' - .' by the RememberMeServices: '.$failed->getMessage() + .' by the RememberMeServices.', array('exception' => $failed) ); } diff --git a/Http/Firewall/RemoteUserAuthenticationListener.php b/Http/Firewall/RemoteUserAuthenticationListener.php index f190a17..c42badf 100644 --- a/Http/Firewall/RemoteUserAuthenticationListener.php +++ b/Http/Firewall/RemoteUserAuthenticationListener.php @@ -11,8 +11,8 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Psr\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Exception\BadCredentialsException; @@ -28,9 +28,9 @@ class RemoteUserAuthenticationListener extends AbstractPreAuthenticatedListener { private $userKey; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'REMOTE_USER', LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'REMOTE_USER', LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { - parent::__construct($securityContext, $authenticationManager, $providerKey, $logger, $dispatcher); + parent::__construct($tokenStorage, $authenticationManager, $providerKey, $logger, $dispatcher); $this->userKey = $userKey; } diff --git a/Http/Firewall/SimpleFormAuthenticationListener.php b/Http/Firewall/SimpleFormAuthenticationListener.php index 7f27b7f..4733b6a 100644 --- a/Http/Firewall/SimpleFormAuthenticationListener.php +++ b/Http/Firewall/SimpleFormAuthenticationListener.php @@ -23,8 +23,8 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerI use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Security; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; use Psr\Log\LoggerInterface; @@ -40,7 +40,7 @@ class SimpleFormAuthenticationListener extends AbstractAuthenticationListener /** * Constructor. * - * @param SecurityContextInterface $securityContext A SecurityContext instance + * @param TokenStorageInterface $tokenStorage A TokenStorageInterface instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param SessionAuthenticationStrategyInterface $sessionStrategy * @param HttpUtils $httpUtils An HttpUtilsInterface instance @@ -57,7 +57,7 @@ class SimpleFormAuthenticationListener extends AbstractAuthenticationListener * @throws \InvalidArgumentException In case no simple authenticator is provided * @throws InvalidArgumentException In case an invalid CSRF token manager is passed */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null, SimpleFormAuthenticatorInterface $simpleAuthenticator = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null, SimpleFormAuthenticatorInterface $simpleAuthenticator = null) { if (!$simpleAuthenticator) { throw new \InvalidArgumentException('Missing simple authenticator'); @@ -79,7 +79,8 @@ class SimpleFormAuthenticationListener extends AbstractAuthenticationListener 'intention' => 'authenticate', 'post_only' => true, ), $options); - parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, $options, $logger, $dispatcher); + + parent::__construct($tokenStorage, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, $options, $logger, $dispatcher); } /** diff --git a/Http/Firewall/SimplePreAuthenticationListener.php b/Http/Firewall/SimplePreAuthenticationListener.php index e80cc98..8f1f6fd 100644 --- a/Http/Firewall/SimplePreAuthenticationListener.php +++ b/Http/Firewall/SimplePreAuthenticationListener.php @@ -11,16 +11,19 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; +use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; +use Symfony\Component\Security\Http\SecurityEvents; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** * SimplePreAuthenticationListener implements simple proxying to an authenticator. @@ -29,32 +32,35 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerI */ class SimplePreAuthenticationListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $authenticationManager; private $providerKey; private $simpleAuthenticator; private $logger; + private $dispatcher; /** * Constructor. * - * @param SecurityContextInterface $securityContext A SecurityContext instance + * @param TokenStorageInterface $tokenStorage A TokenStorageInterface instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param string $providerKey * @param SimplePreAuthenticatorInterface $simpleAuthenticator A SimplePreAuthenticatorInterface instance * @param LoggerInterface $logger A LoggerInterface instance + * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->authenticationManager = $authenticationManager; $this->providerKey = $providerKey; $this->simpleAuthenticator = $simpleAuthenticator; $this->logger = $logger; + $this->dispatcher = $dispatcher; } /** @@ -67,10 +73,10 @@ class SimplePreAuthenticationListener implements ListenerInterface $request = $event->getRequest(); if (null !== $this->logger) { - $this->logger->info(sprintf('Attempting simple pre-authorization %s', $this->providerKey)); + $this->logger->info('Attempting SimplePreAuthentication.', array('key' => $this->providerKey, 'authenticator' => get_class($this->simpleAuthenticator))); } - if (null !== $this->securityContext->getToken() && !$this->securityContext->getToken() instanceof AnonymousToken) { + if (null !== $this->tokenStorage->getToken() && !$this->tokenStorage->getToken() instanceof AnonymousToken) { return; } @@ -83,12 +89,17 @@ class SimplePreAuthenticationListener implements ListenerInterface } $token = $this->authenticationManager->authenticate($token); - $this->securityContext->setToken($token); + $this->tokenStorage->setToken($token); + + if (null !== $this->dispatcher) { + $loginEvent = new InteractiveLoginEvent($request, $token); + $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent); + } } catch (AuthenticationException $e) { - $this->securityContext->setToken(null); + $this->tokenStorage->setToken(null); if (null !== $this->logger) { - $this->logger->info(sprintf('Authentication request failed: %s', $e->getMessage())); + $this->logger->info('SimplePreAuthentication request failed.', array('exception' => $e, 'authenticator' => get_class($this->simpleAuthenticator))); } if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) { diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index b46b1bc..5fc56e7 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -12,7 +12,6 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\Exception\AccessDeniedException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; @@ -23,6 +22,7 @@ use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Role\SwitchUserRole; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Http\Event\SwitchUserEvent; @@ -37,7 +37,7 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface; */ class SwitchUserListener implements ListenerInterface { - private $securityContext; + private $tokenStorage; private $provider; private $userChecker; private $providerKey; @@ -47,16 +47,13 @@ class SwitchUserListener implements ListenerInterface private $logger; private $dispatcher; - /** - * Constructor. - */ - public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, UserCheckerInterface $userChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH', EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, UserProviderInterface $provider, UserCheckerInterface $userChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH', EventDispatcherInterface $dispatcher = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); } - $this->securityContext = $securityContext; + $this->tokenStorage = $tokenStorage; $this->provider = $provider; $this->userChecker = $userChecker; $this->providerKey = $providerKey; @@ -83,10 +80,10 @@ class SwitchUserListener implements ListenerInterface } if ('_exit' === $request->get($this->usernameParameter)) { - $this->securityContext->setToken($this->attemptExitUser($request)); + $this->tokenStorage->setToken($this->attemptExitUser($request)); } else { try { - $this->securityContext->setToken($this->attemptSwitchUser($request)); + $this->tokenStorage->setToken($this->attemptSwitchUser($request)); } catch (AuthenticationException $e) { throw new \LogicException(sprintf('Switch User failed: "%s"', $e->getMessage())); } @@ -112,7 +109,7 @@ class SwitchUserListener implements ListenerInterface */ private function attemptSwitchUser(Request $request) { - $token = $this->securityContext->getToken(); + $token = $this->tokenStorage->getToken(); $originalToken = $this->getOriginalToken($token); if (false !== $originalToken) { @@ -130,14 +127,14 @@ class SwitchUserListener implements ListenerInterface $username = $request->get($this->usernameParameter); if (null !== $this->logger) { - $this->logger->info(sprintf('Attempt to switch to user "%s"', $username)); + $this->logger->info('Attempting to switch to user.', array('username' => $username)); } $user = $this->provider->loadUserByUsername($username); $this->userChecker->checkPostAuth($user); $roles = $user->getRoles(); - $roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->securityContext->getToken()); + $roles[] = new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $this->tokenStorage->getToken()); $token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles); @@ -160,7 +157,7 @@ class SwitchUserListener implements ListenerInterface */ private function attemptExitUser(Request $request) { - if (false === $original = $this->getOriginalToken($this->securityContext->getToken())) { + if (false === $original = $this->getOriginalToken($this->tokenStorage->getToken())) { throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.'); } diff --git a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php index b857fb3..07ab85a 100644 --- a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php +++ b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php @@ -22,11 +22,11 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerI use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\InvalidArgumentException; use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; use Symfony\Component\Security\Core\Security; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** @@ -39,10 +39,7 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL { private $csrfTokenManager; - /** - * {@inheritdoc} - */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, $csrfTokenManager = null) { if ($csrfTokenManager instanceof CsrfProviderInterface) { $csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager); @@ -50,7 +47,7 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL throw new InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.'); } - parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, array_merge(array( + parent::__construct($tokenStorage, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, $failureHandler, array_merge(array( 'username_parameter' => '_username', 'password_parameter' => '_password', 'csrf_parameter' => '_csrf_token', diff --git a/Http/Firewall/X509AuthenticationListener.php b/Http/Firewall/X509AuthenticationListener.php index 9c07be1..326c9af 100644 --- a/Http/Firewall/X509AuthenticationListener.php +++ b/Http/Firewall/X509AuthenticationListener.php @@ -11,8 +11,8 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Psr\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Exception\BadCredentialsException; @@ -28,9 +28,9 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener private $userKey; private $credentialKey; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { - parent::__construct($securityContext, $authenticationManager, $providerKey, $logger, $dispatcher); + parent::__construct($tokenStorage, $authenticationManager, $providerKey, $logger, $dispatcher); $this->userKey = $userKey; $this->credentialKey = $credentialKey; diff --git a/Http/Logout/LogoutUrlGenerator.php b/Http/Logout/LogoutUrlGenerator.php new file mode 100644 index 0000000..298c224 --- /dev/null +++ b/Http/Logout/LogoutUrlGenerator.php @@ -0,0 +1,139 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Logout; + +use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderAdapter; +use Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface; +use Symfony\Component\HttpFoundation\RequestStack; +use Symfony\Component\Routing\Generator\UrlGeneratorInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface; + +/** + * Provides generator functions for the logout URL. + * + * @author Fabien Potencier <fabien@symfony.com> + * @author Jeremy Mikola <jmikola@gmail.com> + */ +class LogoutUrlGenerator +{ + private $requestStack; + private $router; + private $tokenStorage; + private $listeners = array(); + + public function __construct(RequestStack $requestStack = null, UrlGeneratorInterface $router = null, TokenStorageInterface $tokenStorage = null) + { + $this->requestStack = $requestStack; + $this->router = $router; + $this->tokenStorage = $tokenStorage; + } + + /** + * Registers a firewall's LogoutListener, allowing its URL to be generated. + * + * @param string $key The firewall key + * @param string $logoutPath The path that starts the logout process + * @param string $csrfTokenId The ID of the CSRF token + * @param string $csrfParameter The CSRF token parameter name + * @param CsrfTokenManagerInterface $csrfTokenManager A CsrfTokenManagerInterface instance + */ + public function registerListener($key, $logoutPath, $csrfTokenId, $csrfParameter, $csrfTokenManager = null) + { + if ($csrfTokenManager instanceof CsrfProviderInterface) { + $csrfTokenManager = new CsrfProviderAdapter($csrfTokenManager); + } elseif (null !== $csrfTokenManager && !$csrfTokenManager instanceof CsrfTokenManagerInterface) { + throw new \InvalidArgumentException('The CSRF token manager should be an instance of CsrfProviderInterface or CsrfTokenManagerInterface.'); + } + + $this->listeners[$key] = array($logoutPath, $csrfTokenId, $csrfParameter, $csrfTokenManager); + } + + /** + * Generates the absolute logout path for the firewall. + * + * @param string|null $key The firewall key or null to use the current firewall key + * + * @return string The logout path + */ + public function getLogoutPath($key = null) + { + return $this->generateLogoutUrl($key, UrlGeneratorInterface::ABSOLUTE_PATH); + } + + /** + * Generates the absolute logout URL for the firewall. + * + * @param string|null $key The firewall key or null to use the current firewall key + * + * @return string The logout URL + */ + public function getLogoutUrl($key = null) + { + return $this->generateLogoutUrl($key, UrlGeneratorInterface::ABSOLUTE_URL); + } + + /** + * Generates the logout URL for the firewall. + * + * @param string|null $key The firewall key or null to use the current firewall key + * @param bool|string $referenceType The type of reference (one of the constants in UrlGeneratorInterface) + * + * @return string The logout URL + * + * @throws \InvalidArgumentException if no LogoutListener is registered for the key or the key could not be found automatically. + */ + private function generateLogoutUrl($key, $referenceType) + { + // Fetch the current provider key from token, if possible + if (null === $key && null !== $this->tokenStorage) { + $token = $this->tokenStorage->getToken(); + if (null !== $token && method_exists($token, 'getProviderKey')) { + $key = $token->getProviderKey(); + } + } + + if (null === $key) { + throw new \InvalidArgumentException('Unable to find the current firewall LogoutListener, please provide the provider key manually.'); + } + + if (!array_key_exists($key, $this->listeners)) { + throw new \InvalidArgumentException(sprintf('No LogoutListener found for firewall key "%s".', $key)); + } + + list($logoutPath, $csrfTokenId, $csrfParameter, $csrfTokenManager) = $this->listeners[$key]; + + $parameters = null !== $csrfTokenManager ? array($csrfParameter => (string) $csrfTokenManager->getToken($csrfTokenId)) : array(); + + if ('/' === $logoutPath[0]) { + if (!$this->requestStack) { + throw new \LogicException('Unable to generate the logout URL without a RequestStack.'); + } + + $request = $this->requestStack->getCurrentRequest(); + + $url = UrlGeneratorInterface::ABSOLUTE_URL === $referenceType ? $request->getUriForPath($logoutPath) : $request->getBasePath().$logoutPath; + + if (!empty($parameters)) { + $url .= '?'.http_build_query($parameters); + } + } else { + if (!$this->router) { + throw new \LogicException('Unable to generate the logout URL without a Router.'); + } + + $url = $this->router->generate($logoutPath, $parameters, $referenceType); + } + + return $url; + } +} diff --git a/Http/README.md b/Http/README.md index e19af42..35437f2 100644 --- a/Http/README.md +++ b/Http/README.md @@ -11,7 +11,7 @@ Resources Documentation: -http://symfony.com/doc/2.6/book/security.html +http://symfony.com/doc/2.7/book/security.html Tests ----- diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php index 659510a..047d624 100644 --- a/Http/RememberMe/AbstractRememberMeServices.php +++ b/Http/RememberMe/AbstractRememberMeServices.php @@ -137,7 +137,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface } } catch (AuthenticationException $invalid) { if (null !== $this->logger) { - $this->logger->debug('Remember-Me authentication failed: '.$invalid->getMessage()); + $this->logger->debug('Remember-Me authentication failed.', array('exception' => $invalid)); } } @@ -282,7 +282,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface protected function cancelCookie(Request $request) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Clearing remember-me cookie "%s"', $this->options['name'])); + $this->logger->debug('Clearing remember-me cookie.', array('name' => $this->options['name'])); } $request->attributes->set(self::COOKIE_ATTR_NAME, new Cookie($this->options['name'], null, 1, $this->options['path'], $this->options['domain'])); @@ -304,7 +304,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface $parameter = $request->get($this->options['remember_me_parameter'], null, true); if (null === $parameter && null !== $this->logger) { - $this->logger->debug(sprintf('Did not send remember-me cookie (remember-me parameter "%s" was not sent).', $this->options['remember_me_parameter'])); + $this->logger->debug('Did not send remember-me cookie.', array('parameter' => $this->options['remember_me_parameter'])); } return $parameter === 'true' || $parameter === 'on' || $parameter === '1' || $parameter === 'yes'; diff --git a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php index e065660..fd06e23 100644 --- a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php +++ b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php @@ -105,7 +105,10 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas public function testRedirectIsLogged() { - $this->logger->expects($this->once())->method('debug')->with('Redirecting to /login'); + $this->logger + ->expects($this->once()) + ->method('debug') + ->with('Authentication failure, redirect triggered.', array('failure_path' => '/login')); $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, array(), $this->logger); $handler->onAuthenticationFailure($this->request, $this->exception); @@ -119,7 +122,10 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas ->method('createRequest')->with($this->request, '/login') ->will($this->returnValue($this->getRequest())); - $this->logger->expects($this->once())->method('debug')->with('Forwarding to /login'); + $this->logger + ->expects($this->once()) + ->method('debug') + ->with('Authentication failure, forward triggered.', array('failure_path' => '/login')); $handler = new DefaultAuthenticationFailureHandler($this->httpKernel, $this->httpUtils, $options, $this->logger); $handler->onAuthenticationFailure($this->request, $this->exception); diff --git a/Http/Tests/Firewall/AbstractPreAuthenticatedListenerTest.php b/Http/Tests/Firewall/AbstractPreAuthenticatedListenerTest.php index 6e34532..61f086a 100644 --- a/Http/Tests/Firewall/AbstractPreAuthenticatedListenerTest.php +++ b/Http/Tests/Firewall/AbstractPreAuthenticatedListenerTest.php @@ -26,13 +26,13 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo($token)) @@ -47,7 +47,7 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase ; $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', )); @@ -72,13 +72,13 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase $request = new Request(array(), array(), array(), array(), array(), array()); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -93,7 +93,7 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase ; $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', )); @@ -120,13 +120,13 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase $request = new Request(array(), array(), array(), array(), array(), array()); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -141,7 +141,7 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase ; $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', )); @@ -168,8 +168,8 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase $token = new PreAuthenticatedToken('TheUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) @@ -182,7 +182,7 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase ; $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', )); @@ -209,13 +209,13 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase $token = new PreAuthenticatedToken('AnotherUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo(null)) @@ -231,7 +231,7 @@ class AbstractPreAuthenticatedListenerTest extends \PHPUnit_Framework_TestCase ; $listener = $this->getMockForAbstractClass('Symfony\Component\Security\Http\Firewall\AbstractPreAuthenticatedListener', array( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', )); diff --git a/Http/Tests/Firewall/AccessListenerTest.php b/Http/Tests/Firewall/AccessListenerTest.php index f9b0f3c..af9d565 100644 --- a/Http/Tests/Firewall/AccessListenerTest.php +++ b/Http/Tests/Firewall/AccessListenerTest.php @@ -37,8 +37,8 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue(true)) ; - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) @@ -53,7 +53,7 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new AccessListener( - $context, + $tokenStorage, $accessDecisionManager, $accessMap, $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') @@ -103,13 +103,13 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($authenticatedToken)) ; - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($notAuthenticatedToken)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo($authenticatedToken)) @@ -124,7 +124,7 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new AccessListener( - $context, + $tokenStorage, $accessDecisionManager, $accessMap, $authManager @@ -158,15 +158,15 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase ->method('isAuthenticated') ; - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) ; $listener = new AccessListener( - $context, + $tokenStorage, $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'), $accessMap, $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') @@ -185,17 +185,17 @@ class AccessListenerTest extends \PHPUnit_Framework_TestCase /** * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException */ - public function testHandleWhenTheSecurityContextHasNoToken() + public function testHandleWhenTheSecurityTokenStorageHasNoToken() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) ; $listener = new AccessListener( - $context, + $tokenStorage, $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'), $this->getMock('Symfony\Component\Security\Http\AccessMapInterface'), $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface') diff --git a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php index 3bc4eb6..dcd672b 100644 --- a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php +++ b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php @@ -16,15 +16,15 @@ use Symfony\Component\Security\Http\Firewall\AnonymousAuthenticationListener; class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase { - public function testHandleWithContextHavingAToken() + public function testHandleWithTokenStorageHavingAToken() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -35,14 +35,14 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ->method('authenticate') ; - $listener = new AnonymousAuthenticationListener($context, 'TheKey', null, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } - public function testHandleWithContextHavingNoToken() + public function testHandleWithTokenStorageHavingNoToken() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) @@ -61,28 +61,28 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($anonymousToken)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($anonymousToken) ; - $listener = new AnonymousAuthenticationListener($context, 'TheKey', null, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } public function testHandledEventIsLogged() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $logger = $this->getMock('Psr\Log\LoggerInterface'); $logger->expects($this->once()) ->method('info') - ->with('Populated SecurityContext with an anonymous Token') + ->with('Populated the TokenStorage with an anonymous Token.') ; $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new AnonymousAuthenticationListener($context, 'TheKey', $logger, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', $logger, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } } diff --git a/Http/Tests/Firewall/BasicAuthenticationListenerTest.php b/Http/Tests/Firewall/BasicAuthenticationListenerTest.php index 0ef993f..8901cb2 100644 --- a/Http/Tests/Firewall/BasicAuthenticationListenerTest.php +++ b/Http/Tests/Firewall/BasicAuthenticationListenerTest.php @@ -29,13 +29,13 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo($token)) @@ -50,7 +50,7 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new BasicAuthenticationListener( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') @@ -75,13 +75,13 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue(null)) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -97,7 +97,7 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new BasicAuthenticationListener( - $context, + $tokenStorage, new AuthenticationProviderManager(array($this->getMock('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface'))), 'TheProviderKey', $authenticationEntryPoint @@ -122,14 +122,14 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase { $request = new Request(); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->never()) ->method('getToken') ; $listener = new BasicAuthenticationListener( - $context, + $tokenStorage, $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), 'TheProviderKey', $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') @@ -151,8 +151,8 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $token = new UsernamePasswordToken('TheUsername', 'ThePassword', 'TheProviderKey', array('ROLE_FOO')); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) @@ -165,7 +165,7 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new BasicAuthenticationListener( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') @@ -188,7 +188,7 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase public function testItRequiresProviderKey() { new BasicAuthenticationListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), + $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'), $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'), '', $this->getMock('Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface') @@ -204,13 +204,13 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $token = new PreAuthenticatedToken('TheUser', 'TheCredentials', 'TheProviderKey', array('ROLE_FOO')); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage ->expects($this->any()) ->method('getToken') ->will($this->returnValue($token)) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -226,7 +226,7 @@ class BasicAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ; $listener = new BasicAuthenticationListener( - $context, + $tokenStorage, new AuthenticationProviderManager(array($this->getMock('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface'))), 'TheProviderKey', $authenticationEntryPoint diff --git a/Http/Tests/Firewall/ContextListenerTest.php b/Http/Tests/Firewall/ContextListenerTest.php index 00ec418..ae1199a 100644 --- a/Http/Tests/Firewall/ContextListenerTest.php +++ b/Http/Tests/Firewall/ContextListenerTest.php @@ -20,25 +20,11 @@ use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\KernelEvents; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; -use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Http\Firewall\ContextListener; use Symfony\Component\EventDispatcher\EventDispatcher; class ContextListenerTest extends \PHPUnit_Framework_TestCase { - protected function setUp() - { - $this->securityContext = new SecurityContext( - new TokenStorage(), - $this->getMock('Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface') - ); - } - - protected function tearDown() - { - unset($this->securityContext); - } - /** * @expectedException \InvalidArgumentException * @expectedExceptionMessage $contextKey must not be empty @@ -46,7 +32,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase public function testItRequiresContextKey() { new ContextListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), + $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'), array(), '' ); @@ -59,7 +45,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase public function testUserProvidersNeedToImplementAnInterface() { new ContextListener( - $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), + $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'), array(new \stdClass()), 'key123' ); @@ -101,7 +87,8 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase public function testOnKernelResponseWithoutSession() { - $this->securityContext->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit')); + $tokenStorage = new TokenStorage(); + $tokenStorage->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit')); $request = new Request(); $session = new Session(new MockArraySessionStorage()); $request->setSession($session); @@ -113,7 +100,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase new Response() ); - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); + $listener = new ContextListener($tokenStorage, array(), 'session', null, new EventDispatcher()); $listener->onKernelResponse($event); $this->assertTrue($session->isStarted()); @@ -132,7 +119,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase new Response() ); - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); + $listener = new ContextListener(new TokenStorage(), array(), 'session', null, new EventDispatcher()); $listener->onKernelResponse($event); $this->assertFalse($session->isStarted()); @@ -143,7 +130,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase */ public function testInvalidTokenInSession($token) { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') ->disableOriginalConstructor() ->getMock(); @@ -163,11 +150,11 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase ->method('get') ->with('_security_key123') ->will($this->returnValue($token)); - $context->expects($this->once()) + $tokenStorage->expects($this->once()) ->method('setToken') ->with(null); - $listener = new ContextListener($context, array(), 'key123'); + $listener = new ContextListener($tokenStorage, array(), 'key123'); $listener->handle($event); } @@ -182,13 +169,13 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase public function testHandleAddsKernelResponseListener() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\GetResponseEvent') ->disableOriginalConstructor() ->getMock(); - $listener = new ContextListener($context, array(), 'key123', null, $dispatcher); + $listener = new ContextListener($tokenStorage, array(), 'key123', null, $dispatcher); $event->expects($this->any()) ->method('isMasterRequest') @@ -206,13 +193,13 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase public function testOnKernelResponseListenerRemovesItself() { - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); $event = $this->getMockBuilder('Symfony\Component\HttpKernel\Event\FilterResponseEvent') ->disableOriginalConstructor() ->getMock(); - $listener = new ContextListener($context, array(), 'key123', null, $dispatcher); + $listener = new ContextListener($tokenStorage, array(), 'key123', null, $dispatcher); $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); $request->expects($this->any()) @@ -243,10 +230,10 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase ->getMock(); $event->expects($this->any())->method('getRequest')->will($this->returnValue($request)); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context->expects($this->once())->method('setToken')->with(null); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage->expects($this->once())->method('setToken')->with(null); - $listener = new ContextListener($context, array(), 'key123'); + $listener = new ContextListener($tokenStorage, array(), 'key123'); $listener->handle($event); } @@ -258,7 +245,8 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase $session->set('_security_session', $original); } - $this->securityContext->setToken($newToken); + $tokenStorage = new TokenStorage(); + $tokenStorage->setToken($newToken); $request = new Request(); $request->setSession($session); @@ -271,7 +259,7 @@ class ContextListenerTest extends \PHPUnit_Framework_TestCase new Response() ); - $listener = new ContextListener($this->securityContext, array(), 'session', null, new EventDispatcher()); + $listener = new ContextListener($tokenStorage, array(), 'session', null, new EventDispatcher()); $listener->onKernelResponse($event); return $session; diff --git a/Http/Tests/Firewall/ExceptionListenerTest.php b/Http/Tests/Firewall/ExceptionListenerTest.php index 6b99471..3d409e5 100644 --- a/Http/Tests/Firewall/ExceptionListenerTest.php +++ b/Http/Tests/Firewall/ExceptionListenerTest.php @@ -16,9 +16,9 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Exception\AccessDeniedException; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Http\Firewall\ExceptionListener; @@ -123,10 +123,10 @@ class ExceptionListenerTest extends \PHPUnit_Framework_TestCase { $event = $this->createEvent($exception); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); - $context->expects($this->once())->method('getToken')->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $tokenStorage->expects($this->once())->method('getToken')->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))); - $listener = $this->createExceptionListener($context, $this->createTrustResolver(false), null, $this->createEntryPoint()); + $listener = $this->createExceptionListener($tokenStorage, $this->createTrustResolver(false), null, $this->createEntryPoint()); $listener->onKernelException($event); $this->assertEquals('OK', $event->getResponse()->getContent()); @@ -169,10 +169,10 @@ class ExceptionListenerTest extends \PHPUnit_Framework_TestCase return new GetResponseForExceptionEvent($kernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception); } - private function createExceptionListener(SecurityContextInterface $context = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null) + private function createExceptionListener(TokenStorageInterface $tokenStorage = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null) { return new ExceptionListener( - $context ?: $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'), + $tokenStorage ?: $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'), $trustResolver ?: $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface'), $httpUtils ?: $this->getMock('Symfony\Component\Security\Http\HttpUtils'), 'key', diff --git a/Http/Tests/Firewall/LogoutListenerTest.php b/Http/Tests/Firewall/LogoutListenerTest.php index 041febc..15c996e 100644 --- a/Http/Tests/Firewall/LogoutListenerTest.php +++ b/Http/Tests/Firewall/LogoutListenerTest.php @@ -19,7 +19,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase { public function testHandleUnmatchedPath() { - list($listener, $context, $httpUtils, $options) = $this->getListener(); + list($listener, $tokenStorage, $httpUtils, $options) = $this->getListener(); list($event, $request) = $this->getGetResponseEvent(); @@ -39,7 +39,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase $successHandler = $this->getSuccessHandler(); $tokenManager = $this->getTokenManager(); - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler, $tokenManager); + list($listener, $tokenStorage, $httpUtils, $options) = $this->getListener($successHandler, $tokenManager); list($event, $request) = $this->getGetResponseEvent(); @@ -59,7 +59,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase ->with($request) ->will($this->returnValue($response = new Response())); - $context->expects($this->once()) + $tokenStorage->expects($this->once()) ->method('getToken') ->will($this->returnValue($token = $this->getToken())); @@ -68,7 +68,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase ->method('logout') ->with($request, $response, $token); - $context->expects($this->once()) + $tokenStorage->expects($this->once()) ->method('setToken') ->with(null); @@ -85,7 +85,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase { $successHandler = $this->getSuccessHandler(); - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler); + list($listener, $tokenStorage, $httpUtils, $options) = $this->getListener($successHandler); list($event, $request) = $this->getGetResponseEvent(); @@ -99,7 +99,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase ->with($request) ->will($this->returnValue($response = new Response())); - $context->expects($this->once()) + $tokenStorage->expects($this->once()) ->method('getToken') ->will($this->returnValue($token = $this->getToken())); @@ -108,7 +108,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase ->method('logout') ->with($request, $response, $token); - $context->expects($this->once()) + $tokenStorage->expects($this->once()) ->method('setToken') ->with(null); @@ -128,7 +128,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase { $successHandler = $this->getSuccessHandler(); - list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler); + list($listener, $tokenStorage, $httpUtils, $options) = $this->getListener($successHandler); list($event, $request) = $this->getGetResponseEvent(); @@ -152,7 +152,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase { $tokenManager = $this->getTokenManager(); - list($listener, $context, $httpUtils, $options) = $this->getListener(null, $tokenManager); + list($listener, $tokenStorage, $httpUtils, $options) = $this->getListener(null, $tokenManager); list($event, $request) = $this->getGetResponseEvent(); @@ -175,11 +175,9 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase return $this->getMock('Symfony\Component\Security\Csrf\CsrfTokenManagerInterface'); } - private function getContext() + private function getTokenStorage() { - return $this->getMockBuilder('Symfony\Component\Security\Core\SecurityContext') - ->disableOriginalConstructor() - ->getMock(); + return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); } private function getGetResponseEvent() @@ -210,7 +208,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase private function getListener($successHandler = null, $tokenManager = null) { $listener = new LogoutListener( - $context = $this->getContext(), + $tokenStorage = $this->getTokenStorage(), $httpUtils = $this->getHttpUtils(), $successHandler ?: $this->getSuccessHandler(), $options = array( @@ -222,7 +220,7 @@ class LogoutListenerTest extends \PHPUnit_Framework_TestCase $tokenManager ); - return array($listener, $context, $httpUtils, $options); + return array($listener, $tokenStorage, $httpUtils, $options); } private function getSuccessHandler() diff --git a/Http/Tests/Firewall/RememberMeListenerTest.php b/Http/Tests/Firewall/RememberMeListenerTest.php index 12ced6b..ec1c35d 100644 --- a/Http/Tests/Firewall/RememberMeListenerTest.php +++ b/Http/Tests/Firewall/RememberMeListenerTest.php @@ -18,17 +18,17 @@ use Symfony\Component\Security\Http\SecurityEvents; class RememberMeListenerTest extends \PHPUnit_Framework_TestCase { - public function testOnCoreSecurityDoesNotTryToPopulateNonEmptySecurityContext() + public function testOnCoreSecurityDoesNotTryToPopulateNonEmptyTokenStorage() { - list($listener, $context) = $this->getListener(); + list($listener, $tokenStorage) = $this->getListener(); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue($this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'))) ; - $context + $tokenStorage ->expects($this->never()) ->method('setToken') ; @@ -38,9 +38,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase public function testOnCoreSecurityDoesNothingWhenNoCookieIsSet() { - list($listener, $context, $service) = $this->getListener(); + list($listener, $tokenStorage, $service) = $this->getListener(); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue(null)) @@ -64,9 +64,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase public function testOnCoreSecurityIgnoresAuthenticationExceptionThrownByAuthenticationManagerImplementation() { - list($listener, $context, $service, $manager) = $this->getListener(); + list($listener, $tokenStorage, $service, $manager) = $this->getListener(); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue(null)) @@ -106,9 +106,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase */ public function testOnCoreSecurityIgnoresAuthenticationOptionallyRethrowsExceptionThrownAuthenticationManagerImplementation() { - list($listener, $context, $service, $manager,) = $this->getListener(false, false); + list($listener, $tokenStorage, $service, $manager,) = $this->getListener(false, false); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue(null)) @@ -144,9 +144,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase public function testOnCoreSecurity() { - list($listener, $context, $service, $manager) = $this->getListener(); + list($listener, $tokenStorage, $service, $manager) = $this->getListener(); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue(null)) @@ -159,7 +159,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($token)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo($token)) @@ -183,9 +183,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase public function testOnCoreSecurityInteractiveLoginEventIsDispatchedIfDispatcherIsPresent() { - list($listener, $context, $service, $manager, , $dispatcher) = $this->getListener(true); + list($listener, $tokenStorage, $service, $manager, , $dispatcher) = $this->getListener(true); - $context + $tokenStorage ->expects($this->once()) ->method('getToken') ->will($this->returnValue(null)) @@ -198,7 +198,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($token)) ; - $context + $tokenStorage ->expects($this->once()) ->method('setToken') ->with($this->equalTo($token)) @@ -243,7 +243,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase protected function getListener($withDispatcher = false, $catchExceptions = true) { $listener = new RememberMeListener( - $context = $this->getContext(), + $tokenStorage = $this->getTokenStorage(), $service = $this->getService(), $manager = $this->getManager(), $logger = $this->getLogger(), @@ -251,7 +251,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase $catchExceptions ); - return array($listener, $context, $service, $manager, $logger, $dispatcher); + return array($listener, $tokenStorage, $service, $manager, $logger, $dispatcher); } protected function getLogger() @@ -269,9 +269,9 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase return $this->getMock('Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface'); } - protected function getContext() + protected function getTokenStorage() { - return $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); } protected function getDispatcher() diff --git a/Http/Tests/Firewall/RemoteUserAuthenticationListenerTest.php b/Http/Tests/Firewall/RemoteUserAuthenticationListenerTest.php index 6e6b979..dad7aad 100644 --- a/Http/Tests/Firewall/RemoteUserAuthenticationListenerTest.php +++ b/Http/Tests/Firewall/RemoteUserAuthenticationListenerTest.php @@ -24,12 +24,12 @@ class RemoteUserAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $request = new Request(array(), array(), array(), array(), array(), $serverVars); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); $listener = new RemoteUserAuthenticationListener( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey' ); @@ -48,12 +48,12 @@ class RemoteUserAuthenticationListenerTest extends \PHPUnit_Framework_TestCase { $request = new Request(array(), array(), array(), array(), array(), array()); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); $listener = new RemoteUserAuthenticationListener( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey' ); @@ -71,12 +71,12 @@ class RemoteUserAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $request = new Request(array(), array(), array(), array(), array(), array( 'TheUserKey' => 'TheUser', )); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); $listener = new RemoteUserAuthenticationListener( - $context, + $tokenStorage, $authenticationManager, 'TheProviderKey', 'TheUserKey' diff --git a/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php b/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php new file mode 100644 index 0000000..0a1286c --- /dev/null +++ b/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php @@ -0,0 +1,128 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Tests\Firewall; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; +use Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener; +use Symfony\Component\Security\Http\SecurityEvents; + +class SimplePreAuthenticationListenerTest extends \PHPUnit_Framework_TestCase +{ + private $authenticationManager; + private $dispatcher; + private $event; + private $logger; + private $request; + private $tokenStorage; + private $token; + + public function testHandle() + { + $this->tokenStorage + ->expects($this->once()) + ->method('setToken') + ->with($this->equalTo($this->token)) + ; + + $this->authenticationManager + ->expects($this->once()) + ->method('authenticate') + ->with($this->equalTo($this->token)) + ->will($this->returnValue($this->token)) + ; + + $simpleAuthenticator = $this->getMock('Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface'); + $simpleAuthenticator + ->expects($this->once()) + ->method('createToken') + ->with($this->equalTo($this->request), $this->equalTo('secured_area')) + ->will($this->returnValue($this->token)) + ; + + $loginEvent = new InteractiveLoginEvent($this->request, $this->token); + + $this->dispatcher + ->expects($this->once()) + ->method('dispatch') + ->with($this->equalTo(SecurityEvents::INTERACTIVE_LOGIN), $this->equalTo($loginEvent)) + ; + + $listener = new SimplePreAuthenticationListener($this->tokenStorage, $this->authenticationManager, 'secured_area', $simpleAuthenticator, $this->logger, $this->dispatcher); + + $listener->handle($this->event); + } + + public function testHandlecatchAuthenticationException() + { + $exception = new AuthenticationException('Authentication failed.'); + + $this->authenticationManager + ->expects($this->once()) + ->method('authenticate') + ->with($this->equalTo($this->token)) + ->will($this->throwException($exception)) + ; + + $this->tokenStorage->expects($this->once()) + ->method('setToken') + ->with($this->equalTo(null)) + ; + + $simpleAuthenticator = $this->getMock('Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface'); + $simpleAuthenticator + ->expects($this->once()) + ->method('createToken') + ->with($this->equalTo($this->request), $this->equalTo('secured_area')) + ->will($this->returnValue($this->token)) + ; + + $listener = new SimplePreAuthenticationListener($this->tokenStorage, $this->authenticationManager, 'secured_area', $simpleAuthenticator, $this->logger, $this->dispatcher); + + $listener->handle($this->event); + } + + protected function setUp() + { + $this->authenticationManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager') + ->disableOriginalConstructor() + ->getMock() + ; + + $this->dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); + + $this->request = new Request(array(), array(), array(), array(), array(), array()); + + $this->event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false); + $this->event + ->expects($this->any()) + ->method('getRequest') + ->will($this->returnValue($this->request)) + ; + + $this->logger = $this->getMock('Psr\Log\LoggerInterface'); + $this->tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); + $this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'); + } + + protected function tearDown() + { + $this->authenticationManager = null; + $this->dispatcher = null; + $this->event = null; + $this->logger = null; + $this->request = null; + $this->tokenStorage = null; + $this->token = null; + } +} diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php index 9fb4e50..3b6442d 100644 --- a/Http/Tests/Firewall/SwitchUserListenerTest.php +++ b/Http/Tests/Firewall/SwitchUserListenerTest.php @@ -15,7 +15,7 @@ use Symfony\Component\Security\Http\Firewall\SwitchUserListener; class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase { - private $securityContext; + private $tokenStorage; private $userProvider; @@ -29,7 +29,7 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase protected function setUp() { - $this->securityContext = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $this->tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $this->userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface'); $this->userChecker = $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'); $this->accessDecisionManager = $this->getMock('Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface'); @@ -45,7 +45,7 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase */ public function testProviderKeyIsRequired() { - new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, '', $this->accessDecisionManager); + new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, '', $this->accessDecisionManager); } public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest() @@ -53,9 +53,9 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue(null)); $this->event->expects($this->never())->method('setResponse'); - $this->securityContext->expects($this->never())->method('setToken'); + $this->tokenStorage->expects($this->never())->method('setToken'); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } @@ -66,10 +66,10 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase { $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); + $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('_exit')); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } @@ -81,7 +81,7 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase ->getMock(); $role->expects($this->any())->method('getSource')->will($this->returnValue($originalToken)); - $this->securityContext->expects($this->any()) + $this->tokenStorage->expects($this->any()) ->method('getToken') ->will($this->returnValue($this->getToken(array($role)))); @@ -91,12 +91,12 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array())); $this->request->server->expects($this->once())->method('set')->with('QUERY_STRING', ''); - $this->securityContext->expects($this->once()) + $this->tokenStorage->expects($this->once()) ->method('setToken')->with($originalToken); $this->event->expects($this->once()) ->method('setResponse')->with($this->isInstanceOf('Symfony\Component\HttpFoundation\RedirectResponse')); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } @@ -107,14 +107,14 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase { $token = $this->getToken(array($this->getMock('Symfony\Component\Security\Core\Role\RoleInterface'))); - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); + $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); $this->accessDecisionManager->expects($this->once()) ->method('decide')->with($token, array('ROLE_ALLOWED_TO_SWITCH')) ->will($this->returnValue(false)); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } @@ -124,7 +124,7 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); $user->expects($this->any())->method('getRoles')->will($this->returnValue(array())); - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); + $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); $this->request->query->expects($this->once())->method('remove', '_switch_user'); $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array())); @@ -141,10 +141,10 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($user)); $this->userChecker->expects($this->once()) ->method('checkPostAuth')->with($user); - $this->securityContext->expects($this->once()) + $this->tokenStorage->expects($this->once()) ->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken')); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } @@ -154,7 +154,7 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); $user->expects($this->any())->method('getRoles')->will($this->returnValue(array())); - $this->securityContext->expects($this->any())->method('getToken')->will($this->returnValue($token)); + $this->tokenStorage->expects($this->any())->method('getToken')->will($this->returnValue($token)); $this->request->expects($this->any())->method('get')->with('_switch_user')->will($this->returnValue('kuba')); $this->request->query->expects($this->once())->method('remove', '_switch_user'); $this->request->query->expects($this->any())->method('all')->will($this->returnValue(array('page' => 3, 'section' => 2))); @@ -170,10 +170,10 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue($user)); $this->userChecker->expects($this->once()) ->method('checkPostAuth')->with($user); - $this->securityContext->expects($this->once()) + $this->tokenStorage->expects($this->once()) ->method('setToken')->with($this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken')); - $listener = new SwitchUserListener($this->securityContext, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager); $listener->handle($this->event); } diff --git a/Http/Tests/Firewall/X509AuthenticationListenerTest.php b/Http/Tests/Firewall/X509AuthenticationListenerTest.php index 7f2da3e..66690d9 100644 --- a/Http/Tests/Firewall/X509AuthenticationListenerTest.php +++ b/Http/Tests/Firewall/X509AuthenticationListenerTest.php @@ -31,11 +31,11 @@ class X509AuthenticationListenerTest extends \PHPUnit_Framework_TestCase $request = new Request(array(), array(), array(), array(), array(), $serverVars); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); + $listener = new X509AuthenticationListener($tokenStorage, $authenticationManager, 'TheProviderKey'); $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); $method->setAccessible(true); @@ -60,11 +60,11 @@ class X509AuthenticationListenerTest extends \PHPUnit_Framework_TestCase $credentials = 'CN=Sample certificate DN/emailAddress='.$emailAddress; $request = new Request(array(), array(), array(), array(), array(), array('SSL_CLIENT_S_DN' => $credentials)); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); + $listener = new X509AuthenticationListener($tokenStorage, $authenticationManager, 'TheProviderKey'); $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); $method->setAccessible(true); @@ -88,11 +88,11 @@ class X509AuthenticationListenerTest extends \PHPUnit_Framework_TestCase { $request = new Request(array(), array(), array(), array(), array(), array()); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey'); + $listener = new X509AuthenticationListener($tokenStorage, $authenticationManager, 'TheProviderKey'); $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); $method->setAccessible(true); @@ -108,11 +108,11 @@ class X509AuthenticationListenerTest extends \PHPUnit_Framework_TestCase 'TheUserKey' => 'TheUser', 'TheCredentialsKey' => 'TheCredentials', )); - $context = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface'); + $tokenStorage = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface'); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new X509AuthenticationListener($context, $authenticationManager, 'TheProviderKey', 'TheUserKey', 'TheCredentialsKey'); + $listener = new X509AuthenticationListener($tokenStorage, $authenticationManager, 'TheProviderKey', 'TheUserKey', 'TheCredentialsKey'); $method = new \ReflectionMethod($listener, 'getPreAuthenticatedData'); $method->setAccessible(true); diff --git a/Http/composer.json b/Http/composer.json index 6c6dfe3..80a0387 100644 --- a/Http/composer.json +++ b/Http/composer.json @@ -16,16 +16,16 @@ } ], "require": { - "php": ">=5.3.3", - "symfony/security-core": "~2.6", - "symfony/event-dispatcher": "~2.1", - "symfony/http-foundation": "~2.4", - "symfony/http-kernel": "~2.4" + "php": ">=5.3.9", + "symfony/security-core": "~2.6|~3.0.0", + "symfony/event-dispatcher": "~2.1|~3.0.0", + "symfony/http-foundation": "~2.4|~3.0.0", + "symfony/http-kernel": "~2.4|~3.0.0" }, "require-dev": { - "symfony/phpunit-bridge": "~2.7", - "symfony/routing": "~2.2", - "symfony/security-csrf": "~2.4", + "symfony/phpunit-bridge": "~2.7|~3.0.0", + "symfony/routing": "~2.2|~3.0.0", + "symfony/security-csrf": "~2.4|~3.0.0", "psr/log": "~1.0" }, "suggest": { @@ -39,7 +39,7 @@ "minimum-stability": "dev", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.7-dev" } } } diff --git a/Http/phpunit.xml.dist b/Http/phpunit.xml.dist index 7393814..49b36f2 100644 --- a/Http/phpunit.xml.dist +++ b/Http/phpunit.xml.dist @@ -14,6 +14,7 @@ <php> <ini name="error_reporting" value="-1" /> </php> + <testsuites> <testsuite name="Symfony Security Component HTTP Test Suite"> <directory>./Tests/</directory> @@ -11,7 +11,7 @@ Resources Documentation: -http://symfony.com/doc/2.6/book/security.html +http://symfony.com/doc/2.7/book/security.html Tests ----- diff --git a/composer.json b/composer.json index 81e8582..af7fad7 100644 --- a/composer.json +++ b/composer.json @@ -16,10 +16,10 @@ } ], "require": { - "php": ">=5.3.3", - "symfony/event-dispatcher": "~2.2", - "symfony/http-foundation": "~2.1", - "symfony/http-kernel": "~2.4" + "php": ">=5.3.9", + "symfony/event-dispatcher": "~2.2|~3.0.0", + "symfony/http-foundation": "~2.1|~3.0.0", + "symfony/http-kernel": "~2.4|~3.0.0" }, "replace": { "symfony/security-acl": "self.version", @@ -28,16 +28,16 @@ "symfony/security-http": "self.version" }, "require-dev": { - "symfony/phpunit-bridge": "~2.7", - "symfony/intl": "~2.3", - "symfony/routing": "~2.2", - "symfony/translation": "~2.0,>=2.0.5", - "symfony/validator": "~2.5,>=2.5.5", + "symfony/phpunit-bridge": "~2.7|~3.0.0", + "symfony/intl": "~2.3|~3.0.0", + "symfony/routing": "~2.2|~3.0.0", + "symfony/translation": "~2.0,>=2.0.5|~3.0.0", + "symfony/validator": "~2.5,>=2.5.5|~3.0.0", "doctrine/common": "~2.2", "doctrine/dbal": "~2.2", "psr/log": "~1.0", "ircmaxell/password-compat": "~1.0", - "symfony/expression-language": "~2.6" + "symfony/expression-language": "~2.6|~3.0.0" }, "suggest": { "symfony/class-loader": "For using the ACL generateSql script", @@ -55,7 +55,7 @@ "minimum-stability": "dev", "extra": { "branch-alias": { - "dev-master": "2.6-dev" + "dev-master": "2.7-dev" } } } diff --git a/phpunit.xml.dist b/phpunit.xml.dist index e80320d..7747b37 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -9,6 +9,7 @@ <php> <ini name="error_reporting" value="-1" /> </php> + <testsuites> <testsuite name="Symfony Security Component Test Suite"> <directory>./Acl/Tests/</directory> |