-rw-r--r-- | CHANGELOG.md | 5 | ||||
-rw-r--r-- | Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php | 175 | ||||
-rw-r--r-- | Http/Firewall/SimplePreAuthenticationListener.php | 23 | ||||
-rw-r--r-- | Http/Session/SessionAuthenticationStrategy.php | 2 | ||||
-rw-r--r-- | Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php | 136 | ||||
-rw-r--r-- | Http/Tests/Session/SessionAuthenticationStrategyTest.php | 2 |
6 files changed, 160 insertions, 183 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index c08d5cc..677c185 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+2.7.0
+-----
+
+* Added the triggering of the `Symfony\Component\Security\Http\SecurityEvents::INTERACTIVE_LOGIN` in `Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener`
+
 2.6.0
 -----
 
diff --git a/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php b/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php
deleted file mode 100644
index ef93e25..0000000
--- a/Core/Tests/Validator/Constraints/UserPasswordValidatorTest.php
+++ /dev/null
@@ -1,175 +0,0 @@
-<?php
-
-/*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien@symfony.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
-
-namespace Symfony\Component\Security\Core\Tests\Validator\Constraints;
-
-use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
-use Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface;
-use Symfony\Component\Security\Core\SecurityContextInterface;
-use Symfony\Component\Security\Core\Validator\Constraints\UserPassword;
-use Symfony\Component\Security\Core\Validator\Constraints\UserPasswordValidator;
-use Symfony\Component\Validator\Tests\Constraints\AbstractConstraintValidatorTest;
-use Symfony\Component\Validator\Validation;
-
-/**
- * @author Bernhard Schussek <bschussek@gmail.com>
- */
-class UserPasswordValidatorTest extends AbstractConstraintValidatorTest
-{
- const PASSWORD = 's3Cr3t';
-
- const SALT = '^S4lt$';
-
- /**
- * @var SecurityContextInterface
- */
- protected $securityContext;
-
- /**
- * @var PasswordEncoderInterface
- */
- protected $encoder;
-
- /**
- * @var EncoderFactoryInterface
- */
- protected $encoderFactory;
-
- protected function getApiVersion()
- {
- return Validation::API_VERSION_2_5;
- }
-
- protected function createValidator()
- {
- return new UserPasswordValidator($this->securityContext, $this->encoderFactory);
- }
-
- protected function setUp()
- {
- $user = $this->createUser();
- $this->securityContext = $this->createSecurityContext($user);
- $this->encoder = $this->createPasswordEncoder();
- $this->encoderFactory = $this->createEncoderFactory($this->encoder);
-
- parent::setUp();
- }
-
- public function testPasswordIsValid()
- {
- $constraint = new UserPassword(array(
- 'message' => 'myMessage',
- ));
-
- $this->encoder->expects($this->once())
- ->method('isPasswordValid')
- ->with(static::PASSWORD, 'secret', static::SALT)
- ->will($this->returnValue(true));
-
- $this->validator->validate('secret', $constraint);
-
- $this->assertNoViolation();
- }
-
- public function testPasswordIsNotValid()
- {
- $constraint = new UserPassword(array(
- 'message' => 'myMessage',
- ));
-
- $this->encoder->expects($this->once())
- ->method('isPasswordValid')
- ->with(static::PASSWORD, 'secret', static::SALT)
- ->will($this->returnValue(false));
-
- $this->validator->validate('secret', $constraint);
-
- $this->buildViolation('myMessage')
- ->assertRaised();
- }
-
- /**
- * @expectedException \Symfony\Component\Validator\Exception\ConstraintDefinitionException
- */
- public function testUserIsNotValid()
- {
- $user = $this->getMock('Foo\Bar\User');
-
- $this->securityContext = $this->createSecurityContext($user);
- $this->validator = $this->createValidator();
- $this->validator->initialize($this->context);
-
- $this->validator->validate('secret', new UserPassword());
- }
-
- protected function createUser()
- {
- $mock = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
-
- $mock
- ->expects($this->any())
- ->method('getPassword')
- ->will($this->returnValue(static::PASSWORD))
- ;
-
- $mock
- ->expects($this->any())
- ->method('getSalt')
- ->will($this->returnValue(static::SALT))
- ;
-
- return $mock;
- }
-
- protected function createPasswordEncoder($isPasswordValid = true)
- {
- return $this->getMock('Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface');
- }
-
- protected function createEncoderFactory($encoder = null)
- {
- $mock = $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface');
-
- $mock
- ->expects($this->any())
- ->method('getEncoder')
- ->will($this->returnValue($encoder))
- ;
-
- return $mock;
- }
-
- protected function createSecurityContext($user = null)
- {
- $token = $this->createAuthenticationToken($user);
-
- $mock = $this->getMock('Symfony\Component\Security\Core\SecurityContextInterface');
- $mock
- ->expects($this->any())
- ->method('getToken')
- ->will($this->returnValue($token))
- ;
-
- return $mock;
- }
-
- protected function createAuthenticationToken($user = null)
- {
- $mock = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
- $mock
- ->expects($this->any())
- ->method('getUser')
- ->will($this->returnValue($user))
- ;
-
- return $mock;
- }
-}
diff --git a/Http/Firewall/SimplePreAuthenticationListener.php b/Http/Firewall/SimplePreAuthenticationListener.php
index e80cc98..5d954f3 100644
--- a/Http/Firewall/SimplePreAuthenticationListener.php
+++ b/Http/Firewall/SimplePreAuthenticationListener.php
@@ -21,6 +21,9 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
+use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
+use Symfony\Component\Security\Http\SecurityEvents;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 
 /**
 * SimplePreAuthenticationListener implements simple proxying to an authenticator.
@@ -34,17 +37,19 @@ class SimplePreAuthenticationListener implements ListenerInterface
 private $providerKey;
 private $simpleAuthenticator;
 private $logger;
+ private $dispatcher;
 
 /**
 * Constructor.
 *
- * @param SecurityContextInterface $securityContext A SecurityContext instance
- * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance
- * @param string $providerKey
- * @param SimplePreAuthenticatorInterface $simpleAuthenticator A SimplePreAuthenticatorInterface instance
- * @param LoggerInterface $logger A LoggerInterface instance
+ * @param SecurityContextInterface $securityContext A SecurityContext instance
+ * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance
+ * @param string $providerKey
+ * @param SimplePreAuthenticatorInterface $simpleAuthenticator A SimplePreAuthenticatorInterface instance
+ * @param LoggerInterface $logger A LoggerInterface instance
+ * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance
 */
- public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null)
+ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
 {
 if (empty($providerKey)) {
 throw new \InvalidArgumentException('$providerKey must not be empty.');
@@ -55,6 +60,7 @@ class SimplePreAuthenticationListener implements ListenerInterface
 $this->providerKey = $providerKey;
 $this->simpleAuthenticator = $simpleAuthenticator;
 $this->logger = $logger;
+ $this->dispatcher = $dispatcher;
 }
 
 /**
@@ -84,6 +90,11 @@ class SimplePreAuthenticationListener implements ListenerInterface
 
 $token = $this->authenticationManager->authenticate($token);
 $this->securityContext->setToken($token);
+
+ if (null !== $this->dispatcher) {
+ $loginEvent = new InteractiveLoginEvent($request, $token);
+ $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
+ }
 } catch (AuthenticationException $e) {
 $this->securityContext->setToken(null);
 
diff --git a/Http/Session/SessionAuthenticationStrategy.php b/Http/Session/SessionAuthenticationStrategy.php
index 0e688c7..dd258a0 100644
--- a/Http/Session/SessionAuthenticationStrategy.php
+++ b/Http/Session/SessionAuthenticationStrategy.php
@@ -47,7 +47,7 @@ class SessionAuthenticationStrategy implements SessionAuthenticationStrategyInte
 return;
 
 case self::MIGRATE:
- $request->getSession()->migrate();
+ $request->getSession()->migrate(true);
 
 return;
 
diff --git a/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php b/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php
new file mode 100644
index 0000000..b4a4a34
--- /dev/null
+++ b/Http/Tests/Firewall/SimplePreAuthenticationListenerTest.php
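Review bot: The new `dispatch()` call sits inside the `try` whose `catch (AuthenticationException $e)` resets the token, so an exception of that type thrown by any `INTERACTIVE_LOGIN` subscriber is treated as a failed authentication and the token that was just set is cleared. If subscribers are meant to be able to veto the login, say so above the `if`, e.g. `// runs inside the try: an AuthenticationException from a subscriber clears the token`; if not, the dispatch belongs after the `try`/`catch`. The constructor docblock should also state that with `$dispatcher` left `null` no login event is emitted, so audit or last-login subscribers see nothing for this firewall. A pre-authentication listener presumably runs on every request that carries credentials, so subscribers may fire per request rather than once per login; `handle()` starts and ends outside the hunk, so any guard against that is not visible here.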
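Review bot: `migrate(true)` changes behaviour for every firewall that uses the `MIGRATE` strategy, yet neither this line nor the CHANGELOG hunk of this commit explains why. Passing `true` asks the session to destroy the old one, so the pre-login session id does not stay usable after authentication (session fixation); a comment such as `// destroy the old session so the pre-authentication id cannot be reused` would record the intent. The CHANGELOG should mention it as well, since requests still in flight with the old id (parallel AJAX calls, for example) will presumably find their session gone after login. The `switch` continues outside the hunk.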
@@ -0,0 +1,136 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Tests\Firewall;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
+use Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener;
+use Symfony\Component\Security\Http\SecurityEvents;
+
+class SimplePreAuthenticationListenerTest extends \PHPUnit_Framework_TestCase
+{
+ private $authenticationManager;
+ private $dispatcher;
+ private $event;
+ private $logger;
+ private $request;
+ private $securityContext;
+ private $token;
+
+ public function testHandle()
+ {
+ $this->securityContext
+ ->expects($this->once())
+ ->method('setToken')
+ ->with($this->equalTo($this->token))
+ ;
+
+ $this->authenticationManager
+ ->expects($this->once())
+ ->method('authenticate')
+ ->with($this->equalTo($this->token))
+ ->will($this->returnValue($this->token))
+ ;
+
+ $simpleAuthenticator = $this->getMock('Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface');
+ $simpleAuthenticator
+ ->expects($this->once())
+ ->method('createToken')
+ ->with($this->equalTo($this->request), $this->equalTo('secured_area'))
+ ->will($this->returnValue($this->token))
+ ;
+
+ $loginEvent = new InteractiveLoginEvent($this->request, $this->token);
+
+ $this->dispatcher
+ ->expects($this->once())
+ ->method('dispatch')
+ ->with($this->equalTo(SecurityEvents::INTERACTIVE_LOGIN), $this->equalTo($loginEvent))
+ ;
+
+ $listener = new SimplePreAuthenticationListener($this->securityContext, $this->authenticationManager, 'secured_area', $simpleAuthenticator, $this->logger, $this->dispatcher);
+
+ $listener->handle($this->event);
+ }
+
+ public function testHandlecatchAuthenticationException()
+ {
+ $exception = new AuthenticationException('Authentication failed.');
+
+ $this->authenticationManager
+ ->expects($this->once())
+ ->method('authenticate')
+ ->with($this->equalTo($this->token))
+ ->will($this->throwException($exception))
+ ;
+
+ $this->securityContext->expects($this->once())
+ ->method('setToken')
+ ->with($this->equalTo(null))
+ ;
+
+ $simpleAuthenticator = $this->getMock('Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface');
+ $simpleAuthenticator
+ ->expects($this->once())
+ ->method('createToken')
+ ->with($this->equalTo($this->request), $this->equalTo('secured_area'))
+ ->will($this->returnValue($this->token))
+ ;
+
+ $listener = new SimplePreAuthenticationListener($this->securityContext, $this->authenticationManager, 'secured_area', $simpleAuthenticator, $this->logger, $this->dispatcher);
+
+ $listener->handle($this->event);
+ }
+
+ public function setUp()
+ {
+ $this->authenticationManager = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager')
+ ->disableOriginalConstructor()
+ ->getMock()
+ ;
+
+ $this->dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface');
+
+ $this->request = new Request(array(), array(), array(), array(), array(), array());
+
+ $this->event = $this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false);
+ $this->event
+ ->expects($this->any())
+ ->method('getRequest')
+ ->will($this->returnValue($this->request))
+ ;
+
+ $this->logger = $this->getMockBuilder('Symfony\Bridge\Monolog\Logger')
+ ->disableOriginalConstructor()
+ ->getMock()
+ ;
+
+ $this->securityContext = $this->getMockBuilder('Symfony\Component\Security\Core\SecurityContext')
+ ->disableOriginalConstructor()
+ ->getMock()
+ ;
+
+ $this->token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
+ }
+
+ public function tearDown()
+ {
+ $this->authenticationManager = null;
+ $this->dispatcher = null;
+ $this->event = null;
+ $this->logger = null;
+ $this->request = null;
+ $this->securityContext = null;
+ $this->token = null;
+ }
+}
diff --git a/Http/Tests/Session/SessionAuthenticationStrategyTest.php b/Http/Tests/Session/SessionAuthenticationStrategyTest.php
index 7be9054..a1f960f 100644
--- a/Http/Tests/Session/SessionAuthenticationStrategyTest.php
+++ b/Http/Tests/Session/SessionAuthenticationStrategyTest.php
@@ -40,7 +40,7 @@ class SessionAuthenticationStrategyTest extends \PHPUnit_Framework_TestCase
 public function testSessionIsMigrated()
 {
 $session = $this->getMock('Symfony\Component\HttpFoundation\Session\SessionInterface');
- $session->expects($this->once())->method('migrate');
+ $session->expects($this->once())->method('migrate')->with($this->equalTo(true));
 
 $strategy = new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE);
 $strategy->onAuthentication($this->getRequest($session), $this->getToken()); |
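Review bot: `testHandlecatchAuthenticationException` in the new `SimplePreAuthenticationListenerTest` never asserts that the login event stays silent on failure. The dispatcher mock is passed to the listener without any expectation, so a regression that dispatched `INTERACTIVE_LOGIN` for a rejected token would still pass. Add `$this->dispatcher->expects($this->never())->method('dispatch');` before constructing the listener. A third case that builds the listener without a dispatcher would cover the `null !== $this->dispatcher` guard, which no test in this file exercises. The method name would also read better as `testHandleCatchAuthenticationException`.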