Diffstat (limited to 'Http')
-rw-r--r-- | Http/EntryPoint/RetryAuthenticationEntryPoint.php | 1 | ||||
-rw-r--r-- | Http/Firewall.php | 1 | ||||
-rw-r--r-- | Http/Firewall/AbstractAuthenticationListener.php | 2 | ||||
-rw-r--r-- | Http/Firewall/ContextListener.php | 12 | ||||
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 1 | ||||
-rw-r--r-- | Http/Firewall/LogoutListener.php | 20 | ||||
-rw-r--r-- | Http/Firewall/RememberMeListener.php | 1 | ||||
-rw-r--r-- | Http/Firewall/SwitchUserListener.php | 1 | ||||
-rw-r--r-- | Http/FirewallMapInterface.php | 1 | ||||
-rw-r--r-- | Http/Logout/CookieClearingLogoutHandler.php | 3 | ||||
-rw-r--r-- | Http/Logout/LogoutSuccessHandlerInterface.php | 1 | ||||
-rw-r--r-- | Http/RememberMe/AbstractRememberMeServices.php | 5 | ||||
-rw-r--r-- | Http/RememberMe/RememberMeServicesInterface.php | 1 | ||||
-rw-r--r-- | Http/RememberMe/TokenBasedRememberMeServices.php | 2 |
14 files changed, 42 insertions, 10 deletions
diff --git a/Http/EntryPoint/RetryAuthenticationEntryPoint.php b/Http/EntryPoint/RetryAuthenticationEntryPoint.php index 12ba538..532601a 100644 --- a/Http/EntryPoint/RetryAuthenticationEntryPoint.php +++ b/Http/EntryPoint/RetryAuthenticationEntryPoint.php @@ -13,7 +13,6 @@ namespace Symfony\Component\Security\Http\EntryPoint; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; diff --git a/Http/Firewall.php b/Http/Firewall.php index 9d05f86..91eb6a9 100644 --- a/Http/Firewall.php +++ b/Http/Firewall.php @@ -13,7 +13,6 @@ namespace Symfony\Component\Security\Http; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpFoundation\Request; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php index 9f91a39..99f92b8 100644 --- a/Http/Firewall/AbstractAuthenticationListener.php +++ b/Http/Firewall/AbstractAuthenticationListener.php @@ -144,7 +144,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $this->sessionStrategy->onAuthentication($request, $returnValue); $response = $this->onSuccess($event, $request, $returnValue); - } else if ($returnValue instanceof Response) { + } elseif ($returnValue instanceof Response) { $response = $returnValue; } else { throw new \RuntimeException('attemptAuthentication() must either return a Response, an implementation of TokenInterface, or null.'); diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php index 5f94e43..96b8f07 100644 --- a/Http/Firewall/ContextListener.php +++ b/Http/Firewall/ContextListener.php 
@@ -11,7 +11,6 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; @@ -23,6 +22,7 @@ use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; use Symfony\Component\Security\Core\Exception\UnsupportedUserException; use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\User\UserInterface; +use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** @@ -44,6 +44,12 @@ class ContextListener implements ListenerInterface throw new \InvalidArgumentException('$contextKey must not be empty.'); } + foreach ($userProviders as $userProvider) { + if (!$userProvider instanceof UserProviderInterface) { + throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "Symfony\Component\Security\Core\User\UserProviderInterface".', get_class($userProvider))); + } + } + $this->context = $context; $this->userProviders = $userProviders; $this->contextKey = $contextKey; @@ -93,6 +99,10 @@ class ContextListener implements ListenerInterface return; } + if (!$event->getRequest()->hasSession()) { + return; + } + if (null !== $this->logger) { $this->logger->debug('Write SecurityContext in the session'); } diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index 62f48cf..674c648 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php 
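Review bot: In the ContextListener.php constructor hunk (`@@ -44,6 +44,12 @@`), the new guard passes `get_class($userProvider)` to `sprintf()`, but a value that fails `instanceof UserProviderInterface` is not necessarily an object. If a string or array ends up in `$userProviders`, `get_class()` fails on its own and the intended InvalidArgumentException message is never produced. Build the message from `is_object($userProvider) ? get_class($userProvider) : gettype($userProvider)` instead. The constructor starts and ends outside the hunk.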
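Review bot: In the `@@ -93,6 +99,10 @@` hunk of ContextListener.php, the new `hasSession()` guard returns before the existing 'Write SecurityContext in the session' debug line, so a request without a session skips persisting the token and leaves no trace in the log. That makes it hard to diagnose a user who appears unauthenticated on the next request. Consider logging before the early return, e.g. `if (null !== $this->logger) { $this->logger->debug('Request has no session, SecurityContext not written'); }`. The enclosing method starts and ends outside the hunk, so whether an earlier branch already logs this case cannot be seen here.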
@@ -15,7 +15,6 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; -use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Core\Exception\AccountStatusException; use Symfony\Component\Security\Core\Exception\AuthenticationException; diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php index 63ad673..bb90b6a 100644 --- a/Http/Firewall/LogoutListener.php +++ b/Http/Firewall/LogoutListener.php @@ -16,8 +16,8 @@ use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface; use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Http\HttpUtils; +use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpKernel\Event\GetResponseEvent; /** @@ -72,7 +72,7 @@ class LogoutListener implements ListenerInterface { $request = $event->getRequest(); - if (!$this->httpUtils->checkRequestPath($request, $this->logoutPath)) { + if (!$this->requiresLogout($request)) { return; } 
@@ -97,4 +97,20 @@ class LogoutListener implements ListenerInterface $event->setResponse($response); } + + /** + * Whether this request is asking for logout. + * + * The default implementation only processed requests to a specific path, + * but a subclass could change this to logout requests where + * certain parameters is present. + * + * @param Request $request + * + * @return Boolean + */ + protected function requiresLogout(Request $request) + { + return $this->httpUtils->checkRequestPath($request, $this->logoutPath); + } } diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index 1b3fb9e..5531012 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php @@ -4,7 +4,6 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\SecurityContext; diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 8e45508..9780860 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -19,7 +19,6 @@ use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Role\SwitchUserRole; diff --git a/Http/FirewallMapInterface.php b/Http/FirewallMapInterface.php index 99bac06..0630a86 100644 
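Review bot: The docblock on the new `requiresLogout()` in LogoutListener.php invites subclasses to trigger logout on request parameters but says nothing about what an override must still check. A parameter-based match makes logout reachable from any URL the firewall covers, so a cross-site request could end a user's session unless the override also restricts the HTTP method or verifies a token. I would add a sentence such as `Overrides should keep the match narrow, since every request this returns true for ends the user's session.` The wording also needs fixing: `The default implementation only processes requests to a specific path, but a subclass could change this to log out on requests where certain parameters are present.`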
--- a/Http/FirewallMapInterface.php +++ b/Http/FirewallMapInterface.php @@ -31,6 +31,7 @@ interface FirewallMapInterface * must be null. * * @param Request $request + * * @return array of the format array(array(AuthenticationListener), ExceptionListener) */ function getListeners(Request $request); diff --git a/Http/Logout/CookieClearingLogoutHandler.php b/Http/Logout/CookieClearingLogoutHandler.php index dd3d293..6838be5 100644 --- a/Http/Logout/CookieClearingLogoutHandler.php +++ b/Http/Logout/CookieClearingLogoutHandler.php @@ -25,7 +25,8 @@ class CookieClearingLogoutHandler implements LogoutHandlerInterface private $cookies; /** - * Constructor + * Constructor. + * * @param array $cookies An array of cookie names to unset */ public function __construct(array $cookies) diff --git a/Http/Logout/LogoutSuccessHandlerInterface.php b/Http/Logout/LogoutSuccessHandlerInterface.php index 8080cf5..5c6c2b6 100644 --- a/Http/Logout/LogoutSuccessHandlerInterface.php +++ b/Http/Logout/LogoutSuccessHandlerInterface.php @@ -30,6 +30,7 @@ interface LogoutSuccessHandlerInterface * Creates a Response object to send upon a successful logout. * * @param Request $request + * * @return Response never null */ function onLogoutSuccess(Request $request); diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php index 556fb6a..2bf8734 100644 --- a/Http/RememberMe/AbstractRememberMeServices.php +++ b/Http/RememberMe/AbstractRememberMeServices.php @@ -88,6 +88,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * cookie was set, decodes it, and hands it to subclasses for further processing. * * @param Request $request + * * @return TokenInterface */ public final function autoLogin(Request $request) 
@@ -200,6 +201,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * * @param array $cookieParts * @param Request $request + * * @return TokenInterface */ abstract protected function processAutoLoginCookie(array $cookieParts, Request $request); @@ -234,6 +236,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * Decodes the raw cookie value * * @param string $rawCookie + * * @return array */ protected function decodeCookie($rawCookie) @@ -245,6 +248,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * Encodes the cookie parts * * @param array $cookieParts + * * @return string */ protected function encodeCookie(array $cookieParts) @@ -270,6 +274,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface * Checks whether remember-me capabilities where requested * * @param Request $request + * * @return Boolean */ protected function isRememberMeRequested(Request $request) diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php index c01b8f6..0497c69 100644 --- a/Http/RememberMe/RememberMeServicesInterface.php +++ b/Http/RememberMe/RememberMeServicesInterface.php @@ -48,6 +48,7 @@ interface RememberMeServicesInterface * result in a call to loginFail() and therefore an invalidation of the cookie. * * @param Request $request + * * @return TokenInterface */ function autoLogin(Request $request); diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php index bc23d31..44140f7 100644 --- a/Http/RememberMe/TokenBasedRememberMeServices.php +++ b/Http/RememberMe/TokenBasedRememberMeServices.php 
@@ -140,7 +140,9 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices * @param string $username The username * @param integer $expires The unixtime when the cookie expires * @param string $password The encoded password + * * @throws \RuntimeException when the private key is empty + * * @return string */ protected function generateCookieHash($class, $username, $expires, $password) |