Diffstat (limited to 'Http')
20 files changed, 178 insertions, 68 deletions
diff --git a/Http/Authentication/SimpleFormAuthenticatorInterface.php b/Http/Authentication/SimpleFormAuthenticatorInterface.php
new file mode 100644
index 0000000..112688c
--- /dev/null
+++ b/Http/Authentication/SimpleFormAuthenticatorInterface.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface as BaseSimpleFormAuthenticatorInterface;
+
+/**
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ */
+interface SimpleFormAuthenticatorInterface extends BaseSimpleFormAuthenticatorInterface
+{
+}
diff --git a/Http/Authentication/SimplePreAuthenticatorInterface.php b/Http/Authentication/SimplePreAuthenticatorInterface.php
new file mode 100644
index 0000000..afa8049
--- /dev/null
+++ b/Http/Authentication/SimplePreAuthenticatorInterface.php
@@ -0,0 +1,21 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface as BaseSimplePreAuthenticatorInterface;
+
+/**
+ * @author Jordi Boggiano <j.boggiano@seld.be>
+ */
+interface SimplePreAuthenticatorInterface extends BaseSimplePreAuthenticatorInterface
+{
+}
diff --git a/Http/Firewall/AbstractPreAuthenticatedListener.php b/Http/Firewall/AbstractPreAuthenticatedListener.php
index 5ed8aa7..b793310 100644
--- a/Http/Firewall/AbstractPreAuthenticatedListener.php
+++ b/Http/Firewall/AbstractPreAuthenticatedListener.php
@@ -58,8 +58,8 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface try { list($user, $credentials) = $this->getPreAuthenticatedData($request); - } catch (BadCredentialsException $exception) { - $this->clearToken($exception); + } catch (BadCredentialsException $e) { + $this->clearToken($e); return; } @@ -90,8 +90,8 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface $loginEvent = new InteractiveLoginEvent($request, $token); $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent); } - } catch (AuthenticationException $failed) { - $this->clearToken($failed); + } catch (AuthenticationException $e) { + $this->clearToken($e); } } diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index 11ae8f9..ebe96ea 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php @@ -73,21 +73,21 @@ class BasicAuthenticationListener implements ListenerInterface try { $token = $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $request->headers->get('PHP_AUTH_PW'), $this->providerKey)); $this->tokenStorage->setToken($token); - } catch (AuthenticationException $failed) { + } catch (AuthenticationException $e) { $token = $this->tokenStorage->getToken(); if ($token instanceof UsernamePasswordToken && $this->providerKey === $token->getProviderKey()) { $this->tokenStorage->setToken(null); } if (null !== $this->logger) { - $this->logger->info('Basic authentication failed for user.', array('username' => $username, 'exception' => $failed)); + $this->logger->info('Basic authentication failed for user.', array('username' => $username, 'exception' => $e)); } if ($this->ignoreFailure) { return; } - $event->setResponse($this->authenticationEntryPoint->start($request, $failed)); + $event->setResponse($this->authenticationEntryPoint->start($request, $e)); } } } 
diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php index 013586c..9ac37cd 100644 --- a/Http/Firewall/ContextListener.php +++ b/Http/Firewall/ContextListener.php @@ -101,7 +101,7 @@ class ContextListener implements ListenerInterface } /** - * Writes the SecurityContext to the session. + * Writes the security token into the session. * * @param FilterResponseEvent $event A FilterResponseEvent instance */ @@ -121,10 +121,6 @@ class ContextListener implements ListenerInterface $request = $event->getRequest(); $session = $request->getSession(); - if (null === $session) { - return; - } - if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) { if ($request->hasPreviousSession()) { $session->remove($this->sessionKey); @@ -164,11 +160,11 @@ class ContextListener implements ListenerInterface } return $token; - } catch (UnsupportedUserException $unsupported) { + } catch (UnsupportedUserException $e) { // let's try the next user provider - } catch (UsernameNotFoundException $notFound) { + } catch (UsernameNotFoundException $e) { if (null !== $this->logger) { - $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $notFound->getUsername(), 'provider' => get_class($provider))); + $this->logger->warning('Username could not be found in the selected user provider.', array('username' => $e->getUsername(), 'provider' => get_class($provider))); } return; diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php index c5aaca3..9a6fbfe 100644 --- a/Http/Firewall/DigestAuthenticationListener.php +++ b/Http/Firewall/DigestAuthenticationListener.php 
@@ -93,7 +93,7 @@ class DigestAuthenticationListener implements ListenerInterface } $serverDigestMd5 = $digestAuth->calculateServerDigest($user->getPassword(), $request->getMethod()); - } catch (UsernameNotFoundException $notFound) { + } catch (UsernameNotFoundException $e) { $this->fail($event, $request, new BadCredentialsException(sprintf('Username %s not found.', $digestAuth->getUsername()))); return; diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index 6d1f27d..a1cae2a 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -47,8 +47,9 @@ class ExceptionListener private $errorPage; private $logger; private $httpUtils; + private $stateless; - public function __construct(TokenStorageInterface $tokenStorage, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null) + public function __construct(TokenStorageInterface $tokenStorage, AuthenticationTrustResolverInterface $trustResolver, HttpUtils $httpUtils, $providerKey, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null, LoggerInterface $logger = null, $stateless = false) { $this->tokenStorage = $tokenStorage; $this->accessDeniedHandler = $accessDeniedHandler; @@ -58,6 +59,7 @@ class ExceptionListener $this->authenticationTrustResolver = $trustResolver; $this->errorPage = $errorPage; $this->logger = $logger; + $this->stateless = $stateless; } /** 
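Review bot: The new ninth constructor argument `$stateless` of ExceptionListener is undocumented, untyped and stored exactly as passed, so the later `!$this->stateless` test depends on whatever value the caller supplies. Because the default is `false`, any caller that builds the listener for a stateless firewall without being updated silently keeps the old behaviour. I would document it with `@param bool $stateless Whether the firewall is stateless (the target path is not stored when true)` and normalise the value with `$this->stateless = (bool) $stateless;`. The constructor body runs across both hunks and is only partly visible.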
@@ -185,7 +187,9 @@ class ExceptionListener $this->logger->debug('Calling Authentication entry point.'); } - $this->setTargetPath($request); + if (!$this->stateless) { + $this->setTargetPath($request); + } if ($authException instanceof AccountStatusException) { // remove the security token to prevent infinite redirect loops diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index e34627c..f5ec8c7 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php @@ -83,19 +83,19 @@ class RememberMeListener implements ListenerInterface if (null !== $this->logger) { $this->logger->debug('Populated the token storage with a remember-me token.'); } - } catch (AuthenticationException $failed) { + } catch (AuthenticationException $e) { if (null !== $this->logger) { $this->logger->warning( 'The token storage was not populated with remember-me token as the' .' AuthenticationManager rejected the AuthenticationToken returned' - .' by the RememberMeServices.', array('exception' => $failed) + .' by the RememberMeServices.', array('exception' => $e) ); } $this->rememberMeServices->loginFail($request); if (!$this->catchExceptions) { - throw $failed; + throw $e; } } } diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 5fc56e7..7c068fe 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -115,9 +115,9 @@ class SwitchUserListener implements ListenerInterface if (false !== $originalToken) { if ($token->getUsername() === $request->get($this->usernameParameter)) { return $token; - } else { - throw new \LogicException(sprintf('You are already switched to "%s" user.', $token->getUsername())); } + + throw new \LogicException(sprintf('You are already switched to "%s" user.', $token->getUsername())); } if (false === $this->accessDecisionManager->decide($token, array($this->role))) { 
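Review bot: The new `if (!$this->stateless)` guard around `setTargetPath($request)` is not covered by any test in this change: none of the 20 files in the diffstat is a test for ExceptionListener. A case that constructs the listener with `$stateless` set to true and asserts that the target path is not stored when the entry point is started would pin the behaviour. setTargetPath() is outside the hunk, so presumably it is session-backed; a why-comment such as `// a stateless firewall must not persist the target path between requests` above the guard would make the intent explicit. The enclosing method starts and ends outside the hunk.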
@@ -162,7 +162,8 @@ class SwitchUserListener implements ListenerInterface } if (null !== $this->dispatcher) { - $switchEvent = new SwitchUserEvent($request, $original->getUser()); + $user = $this->provider->refreshUser($original->getUser()); + $switchEvent = new SwitchUserEvent($request, $user); $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); } diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php index 5df82fa..16810bd 100644 --- a/Http/RememberMe/AbstractRememberMeServices.php +++ b/Http/RememberMe/AbstractRememberMeServices.php @@ -36,24 +36,24 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface protected $logger; protected $options; private $providerKey; - private $key; + private $secret; private $userProviders; /** * Constructor. * * @param array $userProviders - * @param string $key + * @param string $secret * @param string $providerKey * @param array $options * @param LoggerInterface $logger * * @throws \InvalidArgumentException */ - public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null) + public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null) { - if (empty($key)) { - throw new \InvalidArgumentException('$key must not be empty.'); + if (empty($secret)) { + throw new \InvalidArgumentException('$secret must not be empty.'); } if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); @@ -63,7 +63,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface } $this->userProviders = $userProviders; - $this->key = $key; + $this->secret = $secret; $this->providerKey = $providerKey; $this->options = $options; $this->logger = $logger; 
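Review bot: The added `$this->provider->refreshUser($original->getUser())` call has no error handling, whereas the refresh path in ContextListener (same diff) catches UnsupportedUserException and UsernameNotFoundException. If the provider throws here, for example because the original account no longer exists, leaving impersonation fails, and only when a dispatcher is configured, since the call sits inside `if (null !== $this->dispatcher)`. The refreshed user is also passed only to SwitchUserEvent; as far as the hunk shows, the restored token still carries the unrefreshed user, so either a comment stating that this is intended or a refresh before the dispatcher check would help. The enclosing method starts and ends outside the hunk.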
@@ -81,11 +81,21 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface } /** - * @return string + * @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead. */ public function getKey() { - return $this->key; + @trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED); + + return $this->getSecret(); + } + + /** + * @return string + */ + public function getSecret() + { + return $this->secret; } /** @@ -122,22 +132,22 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface $this->logger->info('Remember-me cookie accepted.'); } - return new RememberMeToken($user, $this->providerKey, $this->key); - } catch (CookieTheftException $theft) { + return new RememberMeToken($user, $this->providerKey, $this->secret); + } catch (CookieTheftException $e) { $this->cancelCookie($request); - throw $theft; - } catch (UsernameNotFoundException $notFound) { + throw $e; + } catch (UsernameNotFoundException $e) { if (null !== $this->logger) { $this->logger->info('User for remember-me cookie not found.'); } - } catch (UnsupportedUserException $unSupported) { + } catch (UnsupportedUserException $e) { if (null !== $this->logger) { $this->logger->warning('User class for remember-me cookie not supported.'); } - } catch (AuthenticationException $invalid) { + } catch (AuthenticationException $e) { if (null !== $this->logger) { - $this->logger->debug('Remember-Me authentication failed.', array('exception' => $invalid)); + $this->logger->debug('Remember-Me authentication failed.', array('exception' => $e)); } } diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php index 4fb7e09..3e465d6 100644 --- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php +++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php 
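Review bot: `__method__` in the new deprecation message only works because PHP magic constants are case-insensitive; the conventional spelling is `__METHOD__`, which is what readers and grep-based tooling look for. The rewritten getKey() docblock also dropped `@return string`, which can stay next to `@deprecated`. For getSecret() I would extend the docblock to say that the value is the secret used to sign remember-me cookies (see generateCookieHash() in TokenBasedRememberMeServices in this diff) and must not be logged or rendered.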
@@ -38,15 +38,15 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices * Constructor. * * @param array $userProviders - * @param string $key + * @param string $secret * @param string $providerKey * @param array $options * @param LoggerInterface $logger * @param SecureRandomInterface $secureRandom */ - public function __construct(array $userProviders, $key, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom) + public function __construct(array $userProviders, $secret, $providerKey, array $options = array(), LoggerInterface $logger = null, SecureRandomInterface $secureRandom) { - parent::__construct($userProviders, $key, $providerKey, $options, $logger); + parent::__construct($userProviders, $secret, $providerKey, $options, $logger); $this->secureRandom = $secureRandom; } diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php index 7adb827..5750a8c 100644 --- a/Http/RememberMe/RememberMeServicesInterface.php +++ b/Http/RememberMe/RememberMeServicesInterface.php @@ -36,8 +36,8 @@ interface RememberMeServicesInterface const COOKIE_ATTR_NAME = '_security_remember_me_cookie'; /** - * This method will be called whenever the SecurityContext does not contain - * an TokenInterface object and the framework wishes to provide an implementation + * This method will be called whenever the TokenStorage does not contain + * a TokenInterface object and the framework wishes to provide an implementation * with an opportunity to authenticate the request using remember-me capabilities. * * No attempt whatsoever is made to determine whether the browser has requested diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php index 65bac0a..f6107ec 100644 --- a/Http/RememberMe/TokenBasedRememberMeServices.php +++ b/Http/RememberMe/TokenBasedRememberMeServices.php 
@@ -42,12 +42,12 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices } try { $user = $this->getUserProvider($class)->loadUserByUsername($username); - } catch (\Exception $ex) { - if (!$ex instanceof AuthenticationException) { - $ex = new AuthenticationException($ex->getMessage(), $ex->getCode(), $ex); + } catch (\Exception $e) { + if (!$e instanceof AuthenticationException) { + $e = new AuthenticationException($e->getMessage(), $e->getCode(), $e); } - throw $ex; + throw $e; } if (!$user instanceof UserInterface) { @@ -121,6 +121,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices */ protected function generateCookieHash($class, $username, $expires, $password) { - return hash_hmac('sha256', $class.$username.$expires.$password, $this->getKey()); + return hash_hmac('sha256', $class.$username.$expires.$password, $this->getSecret()); } } diff --git a/Http/Session/SessionAuthenticationStrategyInterface.php b/Http/Session/SessionAuthenticationStrategyInterface.php index 9cb95d8..dd0c381 100644 --- a/Http/Session/SessionAuthenticationStrategyInterface.php +++ b/Http/Session/SessionAuthenticationStrategyInterface.php @@ -27,7 +27,7 @@ interface SessionAuthenticationStrategyInterface /** * This performs any necessary changes to the session. * - * This method is called before the SecurityContext is populated with a + * This method is called before the TokenStorage is populated with a * Token, and only by classes inheriting from AbstractAuthenticationListener. * * @param Request $request diff --git a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php index dcd672b..d99b562 100644 --- a/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php +++ b/Http/Tests/Firewall/AnonymousAuthenticationListenerTest.php 
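Review bot: In generateCookieHash() the HMAC input is still built as `$class.$username.$expires.$password` with no separator between the fields, so two different field tuples can serialise to the same string and therefore the same hash. Whether that is reachable depends on which values the callers allow in `$class` and `$username`, which is outside this hunk, but an unambiguous encoding removes the question. One option is `$class."\0".$username."\0".$expires."\0".$password`, provided none of the fields may contain a NUL byte, or length-prefixing each field. Changing the input format invalidates cookies that were already issued, so it would need an upgrade note.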
@@ -35,7 +35,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ->method('authenticate') ; - $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', null, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } @@ -48,16 +48,15 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ->will($this->returnValue(null)) ; - $anonymousToken = new AnonymousToken('TheKey', 'anon.', array()); + $anonymousToken = new AnonymousToken('TheSecret', 'anon.', array()); $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); $authenticationManager ->expects($this->once()) ->method('authenticate') - ->with(self::logicalAnd( - $this->isInstanceOf('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken'), - $this->attributeEqualTo('key', 'TheKey') - )) + ->with($this->callback(function ($token) { + return 'TheSecret' === $token->getSecret(); + })) ->will($this->returnValue($anonymousToken)) ; @@ -67,7 +66,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase ->with($anonymousToken) ; - $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', null, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', null, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } 
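Review bot: The rewritten `->with(...)` matcher in the second hunk no longer checks the argument's class: the new callback only compares `getSecret()`, while the previous `logicalAnd` also asserted that the argument is an AnonymousToken. Any object exposing getSecret() now satisfies the expectation, so the test would not notice the listener building a different token type. Keeping both conditions is a one-line change: `return $token instanceof AnonymousToken && 'TheSecret' === $token->getSecret();`.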
@@ -82,7 +81,7 @@ class AnonymousAuthenticationListenerTest extends \PHPUnit_Framework_TestCase $authenticationManager = $this->getMock('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface'); - $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheKey', $logger, $authenticationManager); + $listener = new AnonymousAuthenticationListener($tokenStorage, 'TheSecret', $logger, $authenticationManager); $listener->handle($this->getMock('Symfony\Component\HttpKernel\Event\GetResponseEvent', array(), array(), '', false)); } } diff --git a/Http/Tests/Firewall/SwitchUserListenerTest.php b/Http/Tests/Firewall/SwitchUserListenerTest.php index 3b6442d..f43b564 100644 --- a/Http/Tests/Firewall/SwitchUserListenerTest.php +++ b/Http/Tests/Firewall/SwitchUserListenerTest.php @@ -11,7 +11,9 @@ namespace Symfony\Component\Security\Http\Tests\Firewall; +use Symfony\Component\Security\Http\Event\SwitchUserEvent; use Symfony\Component\Security\Http\Firewall\SwitchUserListener; +use Symfony\Component\Security\Http\SecurityEvents; class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase { 
@@ -100,6 +102,62 @@ class SwitchUserListenerTest extends \PHPUnit_Framework_TestCase $listener->handle($this->event); } + public function testExitUserDispatchesEventWithRefreshedUser() + { + $originalUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); + $refreshedUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface'); + $this + ->userProvider + ->expects($this->any()) + ->method('refreshUser') + ->with($originalUser) + ->willReturn($refreshedUser); + $originalToken = $this->getToken(); + $originalToken + ->expects($this->any()) + ->method('getUser') + ->willReturn($originalUser); + $role = $this + ->getMockBuilder('Symfony\Component\Security\Core\Role\SwitchUserRole') + ->disableOriginalConstructor() + ->getMock(); + $role->expects($this->any())->method('getSource')->willReturn($originalToken); + $this + ->tokenStorage + ->expects($this->any()) + ->method('getToken') + ->willReturn($this->getToken(array($role))); + $this + ->request + ->expects($this->any()) + ->method('get') + ->with('_switch_user') + ->willReturn('_exit'); + $this + ->request + ->expects($this->any()) + ->method('getUri') + ->willReturn('/'); + $this + ->request + ->query + ->expects($this->any()) + ->method('all') + ->will($this->returnValue(array())); + + $dispatcher = $this->getMock('Symfony\Component\EventDispatcher\EventDispatcherInterface'); + $dispatcher + ->expects($this->once()) + ->method('dispatch') + ->with(SecurityEvents::SWITCH_USER, $this->callback(function (SwitchUserEvent $event) use ($refreshedUser) { + return $event->getTargetUser() === $refreshedUser; + })) + ; + + $listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', $dispatcher); + $listener->handle($this->event); + } + /** * @expectedException \Symfony\Component\Security\Core\Exception\AccessDeniedException */ 
diff --git a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php index 2225b6c..5a6a839 100644 --- a/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/AbstractRememberMeServicesTest.php @@ -25,10 +25,10 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $this->assertEquals('foo', $service->getRememberMeParameter()); } - public function testGetKey() + public function testGetSecret() { $service = $this->getService(); - $this->assertEquals('fookey', $service->getKey()); + $this->assertEquals('foosecret', $service->getSecret()); } public function testAutoLoginReturnsNullWhenNoCookie() @@ -78,7 +78,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase $returnedToken = $service->autoLogin($request); $this->assertSame($user, $returnedToken->getUser()); - $this->assertSame('fookey', $returnedToken->getKey()); + $this->assertSame('foosecret', $returnedToken->getSecret()); $this->assertSame('fookey', $returnedToken->getProviderKey()); } @@ -268,7 +268,7 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase } return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array( - array($userProvider), 'fookey', 'fookey', $options, $logger, + array($userProvider), 'foosecret', 'fookey', $options, $logger, )); } diff --git a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php index 6aee1b1..889211c 100644 --- a/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php 
@@ -115,7 +115,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test try { $service->autoLogin($request); $this->fail('Expected CookieTheftException was not thrown.'); - } catch (CookieTheftException $theft) { + } catch (CookieTheftException $e) { } $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); @@ -174,7 +174,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken); $this->assertSame($user, $returnedToken->getUser()); - $this->assertEquals('fookey', $returnedToken->getKey()); + $this->assertEquals('foosecret', $returnedToken->getSecret()); $this->assertTrue($request->attributes->has(RememberMeServicesInterface::COOKIE_ATTR_NAME)); } @@ -311,7 +311,7 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test $userProvider = $this->getProvider(); } - return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed')); + return new PersistentTokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed')); } protected function getProvider() diff --git a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php index 8383cec..2a892c3 100644 --- a/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php +++ b/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php 
@@ -140,7 +140,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase $this->assertInstanceOf('Symfony\Component\Security\Core\Authentication\Token\RememberMeToken', $returnedToken); $this->assertSame($user, $returnedToken->getUser()); - $this->assertEquals('fookey', $returnedToken->getKey()); + $this->assertEquals('foosecret', $returnedToken->getSecret()); } public function provideUsernamesForAutoLogin() @@ -264,7 +264,7 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase $userProvider = $this->getProvider(); } - $service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger); + $service = new TokenBasedRememberMeServices(array($userProvider), 'foosecret', 'fookey', $options, $logger); return $service; } diff --git a/Http/composer.json b/Http/composer.json index 1c49504..98bd8cd 100644 --- a/Http/composer.json +++ b/Http/composer.json @@ -17,7 +17,7 @@ ], "require": { "php": ">=5.3.9", - "symfony/security-core": "~2.6|~3.0.0", + "symfony/security-core": "~2.8|~3.0.0", "symfony/event-dispatcher": "~2.1|~3.0.0", "symfony/http-foundation": "~2.4|~3.0.0", "symfony/http-kernel": "~2.4|~3.0.0" |