diff options
Diffstat (limited to 'Http/RememberMe/AbstractRememberMeServices.php')
| -rw-r--r-- | Http/RememberMe/AbstractRememberMeServices.php | 27 |
1 files changed, 20 insertions, 7 deletions
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php index d61a6ce..ae61dd7 100644 --- a/Http/RememberMe/AbstractRememberMeServices.php +++ b/Http/RememberMe/AbstractRememberMeServices.php @@ -22,7 +22,7 @@ use Symfony\Component\Security\Core\Exception\CookieTheftException; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Cookie; -use Symfony\Component\HttpKernel\Log\LoggerInterface; +use Psr\Log\LoggerInterface; /** * Base class implementing the RememberMeServicesInterface @@ -47,6 +47,8 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * @param string $providerKey * @param array $options * @param LoggerInterface $logger + * + * @throws \InvalidArgumentException */ public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null) { @@ -89,9 +91,11 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * * @param Request $request * - * @return TokenInterface + * @return TokenInterface|null + * + * @throws CookieTheftException */ - public final function autoLogin(Request $request) + final public function autoLogin(Request $request) { if (null === $cookie = $request->cookies->get($this->options['name'])) { return; @@ -125,7 +129,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface } } catch (UnsupportedUserException $unSupported) { if (null !== $this->logger) { - $this->logger->warn('User class for remember-me cookie not supported.'); + $this->logger->warning('User class for remember-me cookie not supported.'); } } catch (AuthenticationException $invalid) { if (null !== $this->logger) { @@ -156,7 +160,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * * @param Request $request */ - public final function loginFail(Request $request) + final public function loginFail(Request $request) { $this->cancelCookie($request); $this->onLoginFail($request); @@ -170,8 +174,11 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * @param Response $response * @param TokenInterface $token The token that resulted in a successful authentication */ - public final function loginSuccess(Request $request, Response $response, TokenInterface $token) + final public function loginSuccess(Request $request, Response $response, TokenInterface $token) { + // Make sure any old remember-me cookies are cancelled + $this->cancelCookie($request); + if (!$token->getUser() instanceof UserInterface) { if (null !== $this->logger) { $this->logger->debug('Remember-me ignores token since it does not contain a UserInterface implementation.'); @@ -192,6 +199,12 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface $this->logger->debug('Remember-me was requested; setting cookie.'); } + // Remove attribute from request that sets a NULL cookie. + // It was set by $this->cancelCookie() + // (cancelCookie does other things too for some RememberMeServices + // so we should still call it at the start of this method) + $request->attributes->remove(self::COOKIE_ATTR_NAME); + $this->onLoginSuccess($request, $response, $token); } @@ -221,7 +234,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface */ abstract protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token); - protected final function getUserProvider($class) + final protected function getUserProvider($class) { foreach ($this->userProviders as $provider) { if ($provider->supportsClass($class)) { |