4 files changed, 31 insertions, 36 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2389ac3..797462b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,3 +20,6 @@ CHANGELOG
  * `ObjectIdentity::fromDomainObject`, `UserSecurityIdentity::fromAccount` and
    `UserSecurityIdentity::fromToken` now return correct identities for proxies
    objects (e.g. Doctrine proxies)
+ * [BC BREAK] moved the default authentication success and failure handling to
+   seperate classes. The order of arguments in the constructor of the
+   `AbstractAuthenticationListener` has changed.
diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php
index 71a0057..61d77a8 100644
--- a/Http/Authentication/DefaultAuthenticationFailureHandler.php
+++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php
@@ -24,36 +24,23 @@ use Symfony\Component\Security\Http\HttpUtils;
  * Can be optionally be extended from by the developer to alter the behaviour
  * while keeping the default behaviour.
  *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  * @author Alexander <iam.asm89@gmail.com>
  */
 class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandlerInterface
 {
-    /**
-     * @var HttpKernel
-     */
-    private $httpKernel;
-
-    /**
-     * @var HttpUtils
-     */
+    protected $httpKernel;
     protected $httpUtils;
-
-    /**
-     * @var LoggerInterface
-     */
-    private $logger;
-
-    /**
-     * @var array
-     */
+    protected $logger;
     protected $options;
 
     /**
      * Constructor.
      *
-     * @param HttpKernelInterface $httpKernel Kernel
-     * @param HttpUtils           $httpUtils  HttpUtils
-     * @param array               $options    Options for processing a successful authentication attempt.
+     * @param HttpKernelInterface $httpKernel
+     * @param HttpUtils           $httpUtils
+     * @param array               $options    Options for processing a failed authentication attempt.
      * @param LoggerInterface     $logger     Optional logger
      */
     public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options, LoggerInterface $logger = null)
@@ -63,9 +50,9 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle
         $this->logger     = $logger;
 
         $this->options = array_merge(array(
-            'failure_path'                   => null,
-            'failure_forward'                => false,
-            'login_path'                     => '/login',
+            'failure_path'    => null,
+            'failure_forward' => false,
+            'login_path'      => '/login',
         ), $options);
     }
 
diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php
index 8139786..88dcf68 100644
--- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php
+++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php
@@ -21,24 +21,19 @@ use Symfony\Component\Security\Http\HttpUtils;
  * Can be optionally be extended from by the developer to alter the behaviour
  * while keeping the default behaviour.
  *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
  * @author Alexander <iam.asm89@gmail.com>
  */
 class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
 {
-    /**
-     * @var HttpUtils
-     */
     protected $httpUtils;
-
-    /**
-     * @var array
-     */
     protected $options;
 
     /**
      * Constructor.
      *
-     * @param HttpUtils $httpUtils HttpUtils
+     * @param HttpUtils $httpUtils
      * @param array     $options   Options for processing a successful authentication attempt.
      */
     public function __construct(HttpUtils $httpUtils, array $options)
diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php
index 377639c..3324ba9 100644
--- a/Http/Firewall/AbstractAuthenticationListener.php
+++ b/Http/Firewall/AbstractAuthenticationListener.php
@@ -70,12 +70,12 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
      * @param SessionAuthenticationStrategyInterface $sessionStrategy
      * @param HttpUtils                              $httpUtils             An HttpUtilsInterface instance
      * @param string                                 $providerKey
+     * @param AuthenticationSuccessHandlerInterface  $successHandler
+     * @param AuthenticationFailureHandlerInterface  $failureHandler
      * @param array                                  $options               An array of options for the processing of a
      *                                                                      successful, or failed authentication attempt
-     * @param AuthenticationSuccessHandlerInterface $successHandler
-     * @param AuthenticationFailureHandlerInterface $failureHandler
-     * @param LoggerInterface                       $logger         A LoggerInterface instance
-     * @param EventDispatcherInterface              $dispatcher     An EventDispatcherInterface instance
+     * @param LoggerInterface                        $logger                A LoggerInterface instance
+     * @param EventDispatcherInterface               $dispatcher            An EventDispatcherInterface instance
      */
     public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, AuthenticationFailureHandlerInterface $failureHandler, array $options = array(), LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
     {
@@ -184,7 +184,13 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
 
         $this->securityContext->setToken(null);
 
-        return $this->failureHandler->onAuthenticationFailure($request, $failed);
+        $response = $this->failureHandler->onAuthenticationFailure($request, $failed);
+
+        if (!$response instanceof Response) {
+            throw new \RuntimeException('Authentication Failure Handler did not return a Response.');
+        }
+
+        return $response;
     }
 
     private function onSuccess(GetResponseEvent $event, Request $request, TokenInterface $token)
@@ -206,6 +212,10 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
 
         $response = $this->successHandler->onAuthenticationSuccess($request, $token);
 
+        if (!$response instanceof Response) {
+            throw new \RuntimeException('Authentication Success Handler did not return a Response.');
+        }
+
         if (null !== $this->rememberMeServices) {
             $this->rememberMeServices->loginSuccess($request, $response, $token);
         }