summaryrefslogtreecommitdiffstats
path: root/Http/RememberMe
diff options
context:
space:
mode:
Diffstat (limited to 'Http/RememberMe')
-rw-r--r--Http/RememberMe/AbstractRememberMeServices.php6
-rw-r--r--Http/RememberMe/PersistentTokenBasedRememberMeServices.php3
-rw-r--r--Http/RememberMe/RememberMeServicesInterface.php4
-rw-r--r--Http/RememberMe/ResponseListener.php3
-rw-r--r--Http/RememberMe/TokenBasedRememberMeServices.php4
5 files changed, 9 insertions, 11 deletions
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php
index be22a1d..cd8640d 100644
--- a/Http/RememberMe/AbstractRememberMeServices.php
+++ b/Http/RememberMe/AbstractRememberMeServices.php
@@ -140,7 +140,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
}
} catch (AuthenticationException $e) {
if (null !== $this->logger) {
- $this->logger->debug('Remember-Me authentication failed: '.$e->getMessage());
+ $this->logger->debug('Remember-Me authentication failed.', array('exception' => $e));
}
}
@@ -293,7 +293,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
protected function cancelCookie(Request $request)
{
if (null !== $this->logger) {
- $this->logger->debug(sprintf('Clearing remember-me cookie "%s"', $this->options['name']));
+ $this->logger->debug('Clearing remember-me cookie.', array('name' => $this->options['name']));
}
$request->attributes->set(self::COOKIE_ATTR_NAME, new Cookie($this->options['name'], null, 1, $this->options['path'], $this->options['domain'], $this->options['secure'], $this->options['httponly']));
@@ -315,7 +315,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
$parameter = $request->get($this->options['remember_me_parameter'], null, true);
if (null === $parameter && null !== $this->logger) {
- $this->logger->debug(sprintf('Did not send remember-me cookie (remember-me parameter "%s" was not sent).', $this->options['remember_me_parameter']));
+ $this->logger->debug('Did not send remember-me cookie.', array('parameter' => $this->options['remember_me_parameter']));
}
return $parameter === 'true' || $parameter === 'on' || $parameter === '1' || $parameter === 'yes';
diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
index 0fffbfe..cbbbb23 100644
--- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
+++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -45,7 +45,7 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
* @param LoggerInterface $logger
* @param SecureRandomInterface $secureRandom
*/
- public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom)
+ public function __construct(array $userProviders, $key, $providerKey, array $options, LoggerInterface $logger = null, SecureRandomInterface $secureRandom)
{
parent::__construct($userProviders, $key, $providerKey, $options, $logger);
@@ -99,7 +99,6 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
throw new AuthenticationException('The cookie has expired.');
}
- $series = $persistentToken->getSeries();
$tokenValue = base64_encode($this->secureRandom->nextBytes(64));
$this->tokenProvider->updateToken($series, $tokenValue, new \DateTime());
$request->attributes->set(self::COOKIE_ATTR_NAME,
diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php
index 7adb827..5750a8c 100644
--- a/Http/RememberMe/RememberMeServicesInterface.php
+++ b/Http/RememberMe/RememberMeServicesInterface.php
@@ -36,8 +36,8 @@ interface RememberMeServicesInterface
const COOKIE_ATTR_NAME = '_security_remember_me_cookie';
/**
- * This method will be called whenever the SecurityContext does not contain
- * an TokenInterface object and the framework wishes to provide an implementation
+ * This method will be called whenever the TokenStorage does not contain
+ * a TokenInterface object and the framework wishes to provide an implementation
* with an opportunity to authenticate the request using remember-me capabilities.
*
* No attempt whatsoever is made to determine whether the browser has requested
diff --git a/Http/RememberMe/ResponseListener.php b/Http/RememberMe/ResponseListener.php
index ec5f006..4149fb6 100644
--- a/Http/RememberMe/ResponseListener.php
+++ b/Http/RememberMe/ResponseListener.php
@@ -13,7 +13,6 @@ namespace Symfony\Component\Security\Http\RememberMe;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
-use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
/**
@@ -28,7 +27,7 @@ class ResponseListener implements EventSubscriberInterface
*/
public function onKernelResponse(FilterResponseEvent $event)
{
- if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
+ if (!$event->isMasterRequest()) {
return;
}
diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php
index 1aea5fd..d68ada5 100644
--- a/Http/RememberMe/TokenBasedRememberMeServices.php
+++ b/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -54,7 +54,7 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
throw new \RuntimeException(sprintf('The UserProviderInterface implementation must return an instance of UserInterface, but returned "%s".', get_class($user)));
}
- if (!StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
+ if (true !== StringUtils::equals($this->generateCookieHash($class, $username, $expires, $user->getPassword()), $hash)) {
throw new AuthenticationException('The cookie\'s hash is invalid.');
}
@@ -121,6 +121,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
*/
protected function generateCookieHash($class, $username, $expires, $password)
{
- return hash('sha256', $class.$username.$expires.$password.$this->getKey());
+ return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey());
}
}
generated by cgit v1.1 at 2025-05-26 01:08:06 +0000