Diffstat (limited to 'Http')
16 files changed, 93 insertions, 17 deletions
diff --git a/Http/Authentication/AuthenticationUtils.php b/Http/Authentication/AuthenticationUtils.php index 4d5c71a..c6397e8 100644 --- a/Http/Authentication/AuthenticationUtils.php +++ b/Http/Authentication/AuthenticationUtils.php @@ -65,7 +65,13 @@ class AuthenticationUtils */ public function getLastUsername() { - $session = $this->getRequest()->getSession(); + $request = $this->getRequest(); + + if ($request->attributes->has(Security::LAST_USERNAME)) { + return $request->attributes->get(Security::LAST_USERNAME); + } + + $session = $request->getSession(); return null === $session ? '' : $session->get(Security::LAST_USERNAME); } diff --git a/Http/Authentication/DefaultAuthenticationFailureHandler.php b/Http/Authentication/DefaultAuthenticationFailureHandler.php index f8004d6..830c00a 100644 --- a/Http/Authentication/DefaultAuthenticationFailureHandler.php +++ b/Http/Authentication/DefaultAuthenticationFailureHandler.php @@ -46,7 +46,7 @@ class DefaultAuthenticationFailureHandler implements AuthenticationFailureHandle * * @param HttpKernelInterface $httpKernel * @param HttpUtils $httpUtils - * @param array $options Options for processing a failed authentication attempt. + * @param array $options Options for processing a failed authentication attempt * @param LoggerInterface $logger Optional logger */ public function __construct(HttpKernelInterface $httpKernel, HttpUtils $httpUtils, array $options = array(), LoggerInterface $logger = null) diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php index 5fa7071..b6a7df5 100644 --- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php +++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php 
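Review bot: The new early return in `getLastUsername()` can hand back `null` where the session path returns `''`: `$request->attributes->has(Security::LAST_USERNAME)` is also true for an attribute that was explicitly set to `null` (ParameterBag::has is key-existence based, as far as I recall — confirm), and the following `get()` returns that null unguarded. Coercing at the return, `return (string) $request->attributes->get(Security::LAST_USERNAME);`, keeps the string contract the `''` fallback implies. The method's docblock sits above the hunk and should now state the precedence, e.g. `@return string The last username, from the request attributes if set, otherwise from the session, otherwise ''`.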
@@ -39,7 +39,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle * Constructor. * * @param HttpUtils $httpUtils - * @param array $options Options for processing a successful authentication attempt. + * @param array $options Options for processing a successful authentication attempt */ public function __construct(HttpUtils $httpUtils, array $options = array()) { diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index ebe96ea..5bbf13d 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php @@ -56,7 +56,7 @@ class BasicAuthenticationListener implements ListenerInterface { $request = $event->getRequest(); - if (false === $username = $request->headers->get('PHP_AUTH_USER', false)) { + if (null === $username = $request->headers->get('PHP_AUTH_USER')) { return; } diff --git a/Http/Firewall/SimpleFormAuthenticationListener.php b/Http/Firewall/SimpleFormAuthenticationListener.php index 4733b6a..8123e0e 100644 --- a/Http/Firewall/SimpleFormAuthenticationListener.php +++ b/Http/Firewall/SimpleFormAuthenticationListener.php @@ -24,6 +24,7 @@ use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerI use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Security; use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; 
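Review bot: The Basic-auth path still accepts a username of any length while the same commit caps both form listeners at `Security::MAX_USERNAME_LENGTH`; `PHP_AUTH_USER` is client-controlled just like a form field, so the guard belongs here too, e.g. `if (strlen($username) > Security::MAX_USERNAME_LENGTH) { throw new BadCredentialsException('Invalid username.'); }`. Because the authenticate call and its failure handling sit below the hunk, the check should be placed where the listener's existing exception handling will turn it into an authentication failure rather than an uncaught exception (presumably inside the try/catch around authenticate() — confirm), and `Security` and `BadCredentialsException` must be imported in this file, which the hunk does not show. The switch from a `false` default to a `null` comparison itself looks correct for an absent header. The body of `handle()` continues outside the hunk.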
@@ -116,6 +117,10 @@ class SimpleFormAuthenticationListener extends AbstractAuthenticationListener $password = $request->get($this->options['password_parameter'], null, true); } + if (strlen($username) > Security::MAX_USERNAME_LENGTH) { + throw new BadCredentialsException('Invalid username.'); + } + $request->getSession()->set(Security::LAST_USERNAME, $username); $token = $this->simpleAuthenticator->createToken($request, $username, $password, $this->providerKey); diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 7c068fe..7de83d2 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\Exception\AccessDeniedException; +use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; @@ -161,7 +162,7 @@ class SwitchUserListener implements ListenerInterface throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.'); } - if (null !== $this->dispatcher) { + if (null !== $this->dispatcher && $original->getUser() instanceof UserInterface) { $user = $this->provider->refreshUser($original->getUser()); $switchEvent = new SwitchUserEvent($request, $user); $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); diff --git a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php index 07ab85a..ba4329b 100644 --- a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php +++ b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php 
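Review bot: `strlen($username)` assumes a string, but `$username` is read via `$request->get(..., null, true)` above the hunk and is whatever the client submitted — an array if the parameter arrives as `username[]=…` — and `strlen()` on an array is a warning on PHP 5/7 and a `TypeError` on PHP 8, neither of which becomes an authentication failure. Reject the wrong type together with the length: `if (!is_string($username) || strlen($username) > Security::MAX_USERNAME_LENGTH) {`. Throwing before the `LAST_USERNAME` session write is the right order, since it keeps oversized or malformed values out of the session and away from the authenticator. A one-line comment such as `// Cap by byte length before the value reaches the session or the user provider` would record why `strlen` rather than `mb_strlen` is intended here. The enclosing method starts before the hunk.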
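Review bot: The added `instanceof UserInterface` guard silently skips the `SWITCH_USER` event on exit whenever the original token carries a non-`UserInterface` user (e.g. the string `'anon.'` the new test uses), so listeners that audit impersonation exits will not observe those cases; if that is the intent it deserves a comment on the guard, `// Only UserInterface users can be refreshed; string users (e.g. anonymous) get no event.` `$original->getUser()` is also evaluated twice on consecutive lines; hoisting it into `$originalUser = $original->getUser();` and testing/refreshing that local avoids the repeat. The enclosing method starts and ends outside the hunk.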
@@ -24,6 +24,7 @@ use Symfony\Component\Security\Http\HttpUtils; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; +use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Exception\InvalidArgumentException; use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; use Symfony\Component\Security\Core\Security; @@ -91,6 +92,10 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL $password = $request->get($this->options['password_parameter'], null, true); } + if (strlen($username) > Security::MAX_USERNAME_LENGTH) { + throw new BadCredentialsException('Invalid username.'); + } + $request->getSession()->set(Security::LAST_USERNAME, $username); return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey)); diff --git a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php index 82b5533..252b124 100644 --- a/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php +++ b/Http/Tests/Authentication/DefaultAuthenticationFailureHandlerTest.php @@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Http\Tests\Authentication; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler; use Symfony\Component\Security\Core\Security; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\HttpKernelInterface; class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCase 
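Review bot: Same gap as in the simple-form listener: `$username` comes from `$request->get(..., null, true)` above the hunk and is not guaranteed to be a string, so `strlen($username)` can raise a warning or `TypeError` for an array-valued parameter instead of the intended `BadCredentialsException`; use `if (!is_string($username) || strlen($username) > Security::MAX_USERNAME_LENGTH) {`. The check running before the `LAST_USERNAME` session write and before the `UsernamePasswordToken` is constructed is the right placement. `Security::MAX_USERNAME_LENGTH` is declared in the Core component, outside this diff, so its value cannot be confirmed here. The enclosing method starts before the hunk.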
@@ -52,7 +53,7 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas ->method('createRequest')->with($this->request, '/login') ->will($this->returnValue($subRequest)); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $this->httpKernel->expects($this->once()) ->method('handle')->with($subRequest, HttpKernelInterface::SUB_REQUEST) ->will($this->returnValue($response)); @@ -65,7 +66,7 @@ class DefaultAuthenticationFailureHandlerTest extends \PHPUnit_Framework_TestCas public function testRedirect() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $this->httpUtils->expects($this->once()) ->method('createRedirectResponse')->with($this->request, '/login') ->will($this->returnValue($response)); diff --git a/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php b/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php index 4d1847d..ae9f02b 100644 --- a/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php +++ b/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\Authentication; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; class DefaultAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCase @@ -157,8 +158,7 @@ class DefaultAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCas private function expectRedirectResponse($path) { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); - + $response = new Response(); $this->httpUtils->expects($this->once()) ->method('createRedirectResponse') ->with($this->request, $path) 
diff --git a/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php b/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php index 6e79b07..8a31886 100644 --- a/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php +++ b/Http/Tests/Authentication/SimpleAuthenticationHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; @@ -41,7 +42,7 @@ class SimpleAuthenticationHandlerTest extends \PHPUnit_Framework_TestCase // No methods are invoked on the exception; we just assert on its class $this->authenticationException = new AuthenticationException(); - $this->response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $this->response = new Response(); } public function testOnAuthenticationSuccessFallsBackToDefaultHandlerIfSimpleIsNotASuccessHandler() diff --git a/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php b/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php index 3acb9c2..75a6be4 100644 --- a/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php +++ b/Http/Tests/EntryPoint/FormAuthenticationEntryPointTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\EntryPoint; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\EntryPoint\FormAuthenticationEntryPoint; use Symfony\Component\HttpKernel\HttpKernelInterface; 
@@ -19,7 +20,7 @@ class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase public function testStart() { $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $httpKernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); @@ -39,7 +40,7 @@ class FormAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase { $request = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); $subRequest = $this->getMock('Symfony\Component\HttpFoundation\Request', array(), array(), '', false, false); - $response = new \Symfony\Component\HttpFoundation\Response('', 200); + $response = new Response('', 200); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); $httpUtils diff --git a/Http/Tests/Firewall/RememberMeListenerTest.php b/Http/Tests/Firewall/RememberMeListenerTest.php index 7309042..cd2f1b8 100644 --- a/Http/Tests/Firewall/RememberMeListenerTest.php +++ b/Http/Tests/Firewall/RememberMeListenerTest.php @@ -101,7 +101,7 @@ class RememberMeListenerTest extends \PHPUnit_Framework_TestCase } /** - * @expectedException Symfony\Component\Security\Core\Exception\AuthenticationException + * @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException * @expectedExceptionMessage Authentication failed. */ public function testOnCoreSecurityIgnoresAuthenticationOptionallyRethrowsExceptionThrownAuthenticationManagerImplementation() diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php index f43b564..28d73e0 100644 --- a/Http/Tests/Firewall/SwitchUserListenerTest.php +++ b/Http/Tests/Firewall/SwitchUserListenerTest.php 
@@ -158,6 +158,59 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $listener->handle($this->event); } + public function testExitUserDoesNotDispatchEventWithStringUser() + { + $originalUser = 'anon.'; + $this + ->userProvider + ->expects($this->never()) + ->method('refreshUser'); + $originalToken = $this->getToken(); + $originalToken + ->expects($this->any()) + ->method('getUser') + ->willReturn($originalUser); + $role = $this + ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') + ->disableOriginalConstructor() + ->getMock(); + $role + ->expects($this->any()) + ->method('getSource') + ->willReturn($originalToken); + $this + ->tokenStorage + ->expects($this->any()) + ->method('getToken') + ->willReturn($this->getToken(array($role))); + $this + ->request + ->expects($this->any()) + ->method('get') + ->with('_switch_user') + ->willReturn('_exit'); + $this + ->request + ->query + ->expects($this->any()) + ->method('all') + ->will($this->returnValue(array())); + $this + ->request + ->expects($this->any()) + ->method('getUri') + ->willReturn('/'); + + $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); + $dispatcher + ->expects($this->never()) + ->method('dispatch') + ; + + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); + $listener->handle($this->event); + } + /** * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException */ diff --git a/Http/Tests/FirewallTest.php b/Http/Tests/FirewallTest.php index 9994737..1e0c1ef 100644 --- a/Http/Tests/FirewallTest.php +++ b/Http/Tests/FirewallTest.php 
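Review bot: `testExitUserDoesNotDispatchEventWithStringUser` only carries `never()` expectations, so it would also pass if `handle()` returned early for an unrelated reason before reaching the guarded block; pinning that the exit actually completed makes the test meaningful, e.g. `$this->tokenStorage->expects($this->once())->method('setToken')->with($originalToken);` (assuming `handle()` stores the token returned by the exit path — confirm against the listener). The `SwitchUserRole` mock built with a disabled constructor could simply be `new SwitchUserRole('ROLE_PREVIOUS_ADMIN', $originalToken)`, removing one mock and testing the real `getSource()`. The test method lies entirely within the hunk.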
@@ -11,9 +11,10 @@ namespace Symfony\Component\Security\Http\Tests; -use Symfony\Component\Security\Http\Firewall; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\Security\Http\Firewall; class FirewallTest extends \PHPUnit_Framework_TestCase { @@ -46,7 +47,7 @@ class FirewallTest extends \PHPUnit_Framework_TestCase public function testOnKernelRequestStopsWhenThereIsAResponse() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $first = $this->getMock('Symfony\Component\Security\Http\Firewall\ListenerInterface'); $first diff --git a/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php b/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php index 381a48e..8a94e53 100644 --- a/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php +++ b/Http/Tests/Logout/DefaultLogoutSuccessHandlerTest.php @@ -11,6 +11,7 @@ namespace Symfony\Component\Security\Http\Tests\Logout; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Logout\DefaultLogoutSuccessHandler; class DefaultLogoutSuccessHandlerTest extends \PHPUnit_Framework_TestCase @@ -18,7 +19,7 @@ class DefaultLogoutSuccessHandlerTest extends \PHPUnit_Framework_TestCase public function testLogout() { $request = $this->getMock('Symfony\Component\HttpFoundation\Request'); - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $httpUtils = $this->getMock('Symfony\Component\Security\Http\HttpUtils'); $httpUtils->expects($this->once()) diff --git a/Http/Tests/RememberMe/ResponseListenerTest.php b/Http/Tests/RememberMe/ResponseListenerTest.php index 78de8e4..23f7df7 100644 --- a/Http/Tests/RememberMe/ResponseListenerTest.php +++ b/Http/Tests/RememberMe/ResponseListenerTest.php 
@@ -15,6 +15,7 @@ use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\Security\Http\RememberMe\ResponseListener; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\HttpKernel\KernelEvents; @@ -81,7 +82,7 @@ class ResponseListenerTest extends \PHPUnit_Framework_TestCase private function getResponse() { - $response = $this->getMock('Symfony\Component\HttpFoundation\Response'); + $response = new Response(); $response->headers = $this->getMock('Symfony\Component\HttpFoundation\ResponseHeaderBag'); return $response; |