Diffstat (limited to 'Http/Firewall')
-rw-r--r-- | Http/Firewall/ContextListener.php | 5 | ||||
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 9 | ||||
-rw-r--r-- | Http/Firewall/ListenerInterface.php | 1 | ||||
-rw-r--r-- | Http/Firewall/LogoutListener.php | 2 | ||||
-rw-r--r-- | Http/Firewall/RememberMeListener.php | 5 | ||||
-rw-r--r-- | Http/Firewall/SwitchUserListener.php | 1 |
6 files changed, 13 insertions, 10 deletions
diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php
index 6fb77e9..d282452 100644
--- a/Http/Firewall/ContextListener.php
+++ b/Http/Firewall/ContextListener.php
@@ -11,7 +11,6 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent;
@@ -93,6 +92,10 @@ class ContextListener implements ListenerInterface return; } + if (!$event->getRequest()->hasSession()) { + return; + } + if (null === $token = $this->context->getToken()) { return; }
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index 9bbccca..1535b9b 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -15,10 +15,11 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; +use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; +use Symfony\Component\Security\Core\Exception\AccountStatusException; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; -use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\HttpFoundation\Request; 
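Review bot: The new `hasSession()` guard in the second ContextListener.php hunk returns silently, so a token held in the security context is not persisted and nothing records why when the request carries no session. A one-line comment above the guard, such as `// no session on this request: nothing to persist the token into`, would make the intent explicit. The enclosing method starts and ends outside the hunk, as does the code that reads the token back from the session; if that path calls `getSession()` unconditionally it presumably needs the same guard.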
@@ -159,6 +160,12 @@ class ExceptionListener $this->setTargetPath($request); + if ($authException instanceof AccountStatusException && ($token = $this->context->getToken()) instanceof UsernamePasswordToken) { + // remove the security token to prevent infinite redirect loops + $this->context->setToken(null); + $request->getSession()->remove('_security_' . $token->getProviderKey()); + } + return $this->authenticationEntryPoint->start($request, $authException); }
diff --git a/Http/Firewall/ListenerInterface.php b/Http/Firewall/ListenerInterface.php
index 822f641..ccde86e 100644
--- a/Http/Firewall/ListenerInterface.php
+++ b/Http/Firewall/ListenerInterface.php
@@ -12,7 +12,6 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** * Interface that must be implemented by firewall listeners
diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php
index 06454a3..4bfa7e1 100644
--- a/Http/Firewall/LogoutListener.php
+++ b/Http/Firewall/LogoutListener.php
@@ -17,7 +17,6 @@ use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpKernel\Event\GetResponseEvent; /**
@@ -57,6 +56,7 @@ class LogoutListener implements ListenerInterface * Adds a logout handler * * @param LogoutHandlerInterface $handler + * * @return void */ public function addHandler(LogoutHandlerInterface $handler)
diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php
index 0b3bc78..5531012 100644
--- a/Http/Firewall/RememberMeListener.php
+++ b/Http/Firewall/RememberMeListener.php
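Review bot: `$request->getSession()->remove(...)` in the added ExceptionListener.php block runs without the `hasSession()` check that this same commit adds to ContextListener, so a request without a session would fail on a null session exactly while an `AccountStatusException` is being handled. Guarding the call, `if ($request->hasSession()) { $request->getSession()->remove('_security_' . $token->getProviderKey()); }`, keeps `setToken(null)` effective either way. The session key is rebuilt here from the token's provider key; if ContextListener stores the token under a key that can differ from it (not visible in this hunk), the token of a locked or disabled account would stay in the session, so it is worth confirming both sides derive the key from the same source. The block also covers only `UsernamePasswordToken`; whether other token types can reach this branch with an `AccountStatusException` should be checked. The enclosing method starts outside the hunk.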
@@ -2,15 +2,10 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Event\FilterResponseEvent; -use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\Exception\CookieTheftException; use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
index 8e45508..9780860 100644
--- a/Http/Firewall/SwitchUserListener.php
+++ b/Http/Firewall/SwitchUserListener.php
@@ -19,7 +19,6 @@ use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Role\SwitchUserRole; |