diff options
Diffstat (limited to 'Http')
28 files changed, 300 insertions, 200 deletions
diff --git a/Http/Authentication/AuthenticationFailureHandlerInterface.php b/Http/Authentication/AuthenticationFailureHandlerInterface.php index 8defef6..b35c232 100644 --- a/Http/Authentication/AuthenticationFailureHandlerInterface.php +++ b/Http/Authentication/AuthenticationFailureHandlerInterface.php @@ -2,8 +2,8 @@ namespace Symfony\Component\Security\Http\Authentication; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\HttpFoundation\Request; /** @@ -22,12 +22,12 @@ interface AuthenticationFailureHandlerInterface * called by authentication listeners inheriting from * AbstractAuthenticationListener. * - * @param EventInterface $event the "core.security" event, this event always + * @param GetResponseEventArgs $eventArgs the "onCoreSecurity" event, this event always * has the kernel as target * @param Request $request * @param AuthenticationException $exception * * @return Response the response to return */ - function onAuthenticationFailure(EventInterface $event, Request $request, AuthenticationException $exception); + function onAuthenticationFailure(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $exception); }
\ No newline at end of file diff --git a/Http/Authentication/AuthenticationSuccessHandlerInterface.php b/Http/Authentication/AuthenticationSuccessHandlerInterface.php index 235eb94..30b5e26 100644 --- a/Http/Authentication/AuthenticationSuccessHandlerInterface.php +++ b/Http/Authentication/AuthenticationSuccessHandlerInterface.php @@ -2,7 +2,7 @@ namespace Symfony\Component\Security\Http\Authentication; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\HttpFoundation\Request; @@ -22,12 +22,12 @@ interface AuthenticationSuccessHandlerInterface * is called by authentication listeners inheriting from * AbstractAuthenticationListener. * - * @param EventInterface $event the "core.security" event, this event always + * @param GetResponseEventArgs $eventArgs the "onCoreSecurity" event, this event always * has the kernel as target * @param Request $request * @param TokenInterface $token * * @return Response the response to return */ - function onAuthenticationSuccess(EventInterface $event, Request $request, TokenInterface $token); + function onAuthenticationSuccess(GetResponseEventArgs $eventArgs, Request $request, TokenInterface $token); }
\ No newline at end of file diff --git a/Http/Authorization/AccessDeniedHandlerInterface.php b/Http/Authorization/AccessDeniedHandlerInterface.php index 7a1bcf4..b2fb9ee 100644 --- a/Http/Authorization/AccessDeniedHandlerInterface.php +++ b/Http/Authorization/AccessDeniedHandlerInterface.php @@ -3,7 +3,7 @@ namespace Symfony\Component\Security\Http\Authorization; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\ExceptionEventArgs; use Symfony\Component\Security\Core\Exception\AccessDeniedException; /** @@ -17,11 +17,11 @@ interface AccessDeniedHandlerInterface /** * Handles an access denied failure. * - * @param EventInterface $event + * @param ExceptionEventArgs $eventArgs * @param Request $request * @param AccessDeniedException $accessDeniedException * * @return Response may return null */ - function handle(EventInterface $event, Request $request, AccessDeniedException $accessDeniedException); + function handle(ExceptionEventArgs $eventArgs, Request $request, AccessDeniedException $accessDeniedException); }
\ No newline at end of file diff --git a/Http/EntryPoint/AuthenticationEntryPointInterface.php b/Http/EntryPoint/AuthenticationEntryPointInterface.php index 6bf01c3..7d75cbc 100644 --- a/Http/EntryPoint/AuthenticationEntryPointInterface.php +++ b/Http/EntryPoint/AuthenticationEntryPointInterface.php @@ -11,7 +11,7 @@ namespace Symfony\Component\Security\Http\EntryPoint; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\HttpFoundation\Request; @@ -26,9 +26,9 @@ interface AuthenticationEntryPointInterface /** * Starts the authentication scheme. * - * @param EventInterface $event The "core.security" event + * @param GetResponseEventArgs $eventArgs The "onCoreSecurity" event * @param object $request The request that resulted in an AuthenticationException * @param AuthenticationException $authException The exception that started the authentication process */ - function start(EventInterface $event, Request $request, AuthenticationException $authException = null); + function start(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $authException = null); } diff --git a/Http/EntryPoint/BasicAuthenticationEntryPoint.php b/Http/EntryPoint/BasicAuthenticationEntryPoint.php index 8f82426..984fbec 100644 --- a/Http/EntryPoint/BasicAuthenticationEntryPoint.php +++ b/Http/EntryPoint/BasicAuthenticationEntryPoint.php @@ -11,11 +11,11 @@ namespace Symfony\Component\Security\Http\EntryPoint; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; /** * BasicAuthenticationEntryPoint starts an HTTP Basic authentication. @@ -31,7 +31,7 @@ class BasicAuthenticationEntryPoint implements AuthenticationEntryPointInterface $this->realmName = $realmName; } - public function start(EventInterface $event, Request $request, AuthenticationException $authException = null) + public function start(GetResponseEventArgs $event, Request $request, AuthenticationException $authException = null) { $response = new Response(); $response->headers->set('WWW-Authenticate', sprintf('Basic realm="%s"', $this->realmName)); diff --git a/Http/EntryPoint/DigestAuthenticationEntryPoint.php b/Http/EntryPoint/DigestAuthenticationEntryPoint.php index a4488ab..578a3e8 100644 --- a/Http/EntryPoint/DigestAuthenticationEntryPoint.php +++ b/Http/EntryPoint/DigestAuthenticationEntryPoint.php @@ -11,13 +11,13 @@ namespace Symfony\Component\Security\Http\EntryPoint; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\Security\Core\Exception\NonceExpiredException; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\Log\LoggerInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; /** * DigestAuthenticationEntryPoint starts an HTTP Digest authentication. @@ -39,7 +39,7 @@ class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterfac $this->logger = $logger; } - public function start(EventInterface $event, Request $request, AuthenticationException $authException = null) + public function start(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $authException = null) { $expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000; $signatureValue = md5($expiryTime.':'.$this->key); diff --git a/Http/EntryPoint/FormAuthenticationEntryPoint.php b/Http/EntryPoint/FormAuthenticationEntryPoint.php index e43eca4..f45f9ea 100644 --- a/Http/EntryPoint/FormAuthenticationEntryPoint.php +++ b/Http/EntryPoint/FormAuthenticationEntryPoint.php @@ -11,13 +11,13 @@ namespace Symfony\Component\Security\Http\EntryPoint; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; /** * FormAuthenticationEntryPoint starts an authentication via a login form. @@ -44,10 +44,10 @@ class FormAuthenticationEntryPoint implements AuthenticationEntryPointInterface /** * {@inheritdoc} */ - public function start(EventInterface $event, Request $request, AuthenticationException $authException = null) + public function start(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $authException = null) { if ($this->useForward) { - return $event->getSubject()->handle(Request::create($this->loginPath), HttpKernelInterface::SUB_REQUEST); + return $event->getKernel()->handle(Request::create($this->loginPath), HttpKernelInterface::SUB_REQUEST); } return new RedirectResponse(0 !== strpos($this->loginPath, 'http') ? $request->getUriForPath($this->loginPath) : $this->loginPath, 302); diff --git a/Http/EntryPoint/RetryAuthenticationEntryPoint.php b/Http/EntryPoint/RetryAuthenticationEntryPoint.php index 48959bf..1fb6cc1 100644 --- a/Http/EntryPoint/RetryAuthenticationEntryPoint.php +++ b/Http/EntryPoint/RetryAuthenticationEntryPoint.php @@ -11,12 +11,12 @@ namespace Symfony\Component\Security\Http\EntryPoint; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; /** * RetryAuthenticationEntryPoint redirects URL based on the configured scheme. @@ -36,7 +36,7 @@ class RetryAuthenticationEntryPoint implements AuthenticationEntryPointInterface $this->httpsPort = $httpsPort; } - public function start(EventInterface $event, Request $request, AuthenticationException $authException = null) + public function start(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $authException = null) { $scheme = $request->isSecure() ? 'http' : 'https'; if ('http' === $scheme && 80 != $this->httpPort) { diff --git a/Http/Event/InteractiveLoginEventArgs.php b/Http/Event/InteractiveLoginEventArgs.php new file mode 100644 index 0000000..7ca4f4e --- /dev/null +++ b/Http/Event/InteractiveLoginEventArgs.php @@ -0,0 +1,38 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien.potencier@symfony-project.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Event; + +use Symfony\Component\HttpFoundation\Request; +use Doctrine\Common\EventArgs; + +class InteractiveLoginEventArgs extends EventArgs +{ + private $request; + + private $authenticationToken; + + public function __construct(Request $request, $authenticationToken) + { + $this->request = $request; + $this->authenticationToken = $authenticationToken; + } + + public function getRequest() + { + return $this->request; + } + + public function getAuthenticationToken() + { + return $this->authenticationToken; + } +}
\ No newline at end of file diff --git a/Http/Event/SwitchUserEventArgs.php b/Http/Event/SwitchUserEventArgs.php new file mode 100644 index 0000000..c88a500 --- /dev/null +++ b/Http/Event/SwitchUserEventArgs.php @@ -0,0 +1,39 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien.potencier@symfony-project.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http\Event; + +use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\Security\Core\User\UserInterface; +use Doctrine\Common\EventArgs; + +class SwitchUserEventArgs extends EventArgs +{ + private $request; + + private $targetUser; + + public function __construct(Request $request, UserInterface $targetUser) + { + $this->request = $request; + $this->targetUser = $targetUser; + } + + public function getRequest() + { + return $this->request; + } + + public function getTargetUser() + { + return $this->targetUser; + } +}
\ No newline at end of file diff --git a/Http/Events.php b/Http/Events.php new file mode 100644 index 0000000..ac4a1ca --- /dev/null +++ b/Http/Events.php @@ -0,0 +1,19 @@ +<?php + +/* + * This file is part of the Symfony package. + * + * (c) Fabien Potencier <fabien.potencier@symfony-project.com> + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Component\Security\Http; + +final class Events +{ + const onSecurityInteractiveLogin = 'onSecurityInteractiveLogin'; + + const onSecuritySwitchUser = 'onSecuritySwitchUser'; +}
\ No newline at end of file diff --git a/Http/Firewall.php b/Http/Firewall.php index bd77f6d..bff88b9 100644 --- a/Http/Firewall.php +++ b/Http/Firewall.php @@ -11,11 +11,11 @@ namespace Symfony\Component\Security\Http; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; -use Symfony\Component\EventDispatcher\Event; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\HttpKernel\Events; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; use Symfony\Component\HttpFoundation\Request; +use Doctrine\Common\EventManager; /** * Firewall uses a FirewallMap to register security listeners for the given @@ -25,48 +25,49 @@ use Symfony\Component\HttpFoundation\Request; * (a Basic authentication for the /api, and a web based authentication for * everything else for instance). * - * The handle method must be connected to the core.request event. - * * @author Fabien Potencier <fabien@symfony.com> */ class Firewall { private $map; + private $evm; + private $currentListeners; /** * Constructor. * * @param FirewallMap $map A FirewallMap instance */ - public function __construct(FirewallMapInterface $map, EventDispatcherInterface $dispatcher) + public function __construct(FirewallMapInterface $map, EventManager $evm) { $this->map = $map; - $this->dispatcher = $dispatcher; + $this->evm = $evm; + $this->currentListeners = array(); } /** * Handles security. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs An GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreRequest(GetResponseEventArgs $eventArgs) { - if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) { + if (HttpKernelInterface::MASTER_REQUEST !== $eventArgs->getRequestType()) { return; } // register listeners for this firewall - list($listeners, $exception) = $this->map->getListeners($event->get('request')); + list($listeners, $exception) = $this->map->getListeners($eventArgs->getRequest()); if (null !== $exception) { - $exception->register($this->dispatcher); + $exception->register($this->evm); } // initiate the listener chain foreach ($listeners as $listener) { - $response = $listener->handle($event); + $response = $listener->handle($eventArgs); - if ($event->isProcessed()) { - return $response; + if ($eventArgs->hasResponse()) { + break; } } } diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php index 2108980..f00d5e8 100644 --- a/Http/Firewall/AbstractAuthenticationListener.php +++ b/Http/Firewall/AbstractAuthenticationListener.php @@ -11,22 +11,22 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\Event; use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; -use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\HttpKernel\Events as KernelEvents; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Doctrine\Common\EventManager; /** * The AbstractAuthenticationListener is the preferred base class for all @@ -53,7 +53,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface protected $providerKey; private $securityContext; private $sessionStrategy; - private $eventDispatcher; + private $evm; private $successHandler; private $failureHandler; private $rememberMeServices; @@ -66,7 +66,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface * @param array $options An array of options for the processing of a successful, or failed authentication attempt * @param LoggerInterface $logger A LoggerInterface instance */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventManager $evm = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); @@ -89,7 +89,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface 'failure_forward' => false, ), $options); $this->logger = $logger; - $this->eventDispatcher = $eventDispatcher; + $this->evm = $evm; } /** @@ -107,9 +107,9 @@ abstract class AbstractAuthenticationListener implements ListenerInterface * * @param Event $event An Event instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (!$this->requiresAuthentication($request)) { return; @@ -123,19 +123,17 @@ abstract class AbstractAuthenticationListener implements ListenerInterface if ($returnValue instanceof TokenInterface) { $this->sessionStrategy->onAuthentication($request, $returnValue); - $response = $this->onSuccess($event, $request, $returnValue); + $response = $this->onSuccess($eventArgs, $request, $returnValue); } else if ($returnValue instanceof Response) { $response = $returnValue; } else { throw new \RuntimeException('attemptAuthentication() must either return a Response, an implementation of TokenInterface, or null.'); } - } catch (AuthenticationException $failed) { - $response = $this->onFailure($event, $request, $failed); + } catch (AuthenticationException $e) { + $response = $this->onFailure($eventArgs, $request, $e); } - $event->setProcessed(); - - return $response; + $eventArgs->setResponse($response); } /** @@ -165,7 +163,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface */ abstract protected function attemptAuthentication(Request $request); - private function onFailure($event, Request $request, AuthenticationException $failed) + private function onFailure(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $failed) { if (null !== $this->logger) { $this->logger->debug(sprintf('Authentication request failed: %s', $failed->getMessage())); @@ -174,7 +172,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $this->securityContext->setToken(null); if (null !== $this->failureHandler) { - return $this->failureHandler->onAuthenticationFailure($event, $request, $failed); + return $this->failureHandler->onAuthenticationFailure($eventArgs, $request, $failed); } if (null === $this->options['failure_path']) { @@ -189,7 +187,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $subRequest = Request::create($this->options['failure_path']); $subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed); - return $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST); + return $eventArgs->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST); } if (null !== $this->logger) { @@ -201,7 +199,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface return new RedirectResponse(0 !== strpos($this->options['failure_path'], 'http') ? $request->getUriForPath($this->options['failure_path']) : $this->options['failure_path'], 302); } - private function onSuccess(EventInterface $event, Request $request, TokenInterface $token) + private function onSuccess(GetResponseEventArgs $eventArgs, Request $request, TokenInterface $token) { if (null !== $this->logger) { $this->logger->debug('User has been authenticated successfully'); @@ -213,12 +211,13 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR); $session->remove(SecurityContextInterface::LAST_USERNAME); - if (null !== $this->eventDispatcher) { - $this->eventDispatcher->notify(new Event($this, 'security.interactive_login', array('request' => $request, 'token' => $token))); + if (null !== $this->evm) { + $loginEventArgs = new InteractiveLoginEventArgs($request, $token); + $this->evm->dispatchEvent(Events::onSecurityInteractiveLogin, $loginEventArgs); } if (null !== $this->successHandler) { - $response = $this->successHandler->onAuthenticationSuccess($event, $request, $token); + $response = $this->successHandler->onAuthenticationSuccess($eventArgs, $request, $token); } else { $path = $this->determineTargetUrl($request); $response = new RedirectResponse(0 !== strpos($path, 'http') ? $request->getUriForPath($path) : $path, 302); diff --git a/Http/Firewall/AbstractPreAuthenticatedListener.php b/Http/Firewall/AbstractPreAuthenticatedListener.php index 72808f5..0177ab7 100644 --- a/Http/Firewall/AbstractPreAuthenticatedListener.php +++ b/Http/Firewall/AbstractPreAuthenticatedListener.php @@ -11,15 +11,17 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\Event; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; -use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Http\Event\InteractiveLoginEventArgs; +use Symfony\Component\Security\Http\Events; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events as KernelEvents; +use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; +use Doctrine\Common\EventManager; /** * AbstractPreAuthenticatedListener is the base class for all listener that @@ -34,25 +36,25 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface private $securityContext; private $authenticationManager; private $providerKey; - private $eventDispatcher; + private $evm; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, LoggerInterface $logger = null, EventManager $evm = null) { $this->securityContext = $securityContext; $this->authenticationManager = $authenticationManager; $this->providerKey = $providerKey; $this->logger = $logger; - $this->eventDispatcher = $eventDispatcher; + $this->evm = $evm; } /** * Handles X509 authentication. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (null !== $this->logger) { $this->logger->debug(sprintf('Checking secure context token: %s', $this->securityContext->getToken())); @@ -78,8 +80,9 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface } $this->securityContext->setToken($token); - if (null !== $this->eventDispatcher) { - $this->eventDispatcher->notify(new Event($this, 'security.interactive_login', array('request' => $request, 'token' => $token))); + if (null !== $this->evm) { + $loginEventArgs = new InteractiveLoginEventArgs($request, $token); + $this->evm->notify(Events::onSecurityInteractiveLogin, $loginEventArgs); } } catch (AuthenticationException $failed) { $this->securityContext->setToken(null); diff --git a/Http/Firewall/AccessListener.php b/Http/Firewall/AccessListener.php index a4faeb5..acbb255 100644 --- a/Http/Firewall/AccessListener.php +++ b/Http/Firewall/AccessListener.php @@ -16,8 +16,8 @@ use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface use Symfony\Component\Security\Http\AccessMap; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; @@ -46,15 +46,15 @@ class AccessListener implements ListenerInterface /** * Handles access authorization. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { if (null === $token = $this->context->getToken()) { throw new AuthenticationCredentialsNotFoundException('A Token was not found in the SecurityContext.'); } - $request = $event->get('request'); + $request = $eventArgs->getRequest(); list($attributes, $channel) = $this->map->getPatterns($request); diff --git a/Http/Firewall/AnonymousAuthenticationListener.php b/Http/Firewall/AnonymousAuthenticationListener.php index 47ca58f..bbdef5d 100644 --- a/Http/Firewall/AnonymousAuthenticationListener.php +++ b/Http/Firewall/AnonymousAuthenticationListener.php @@ -13,8 +13,8 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; /** @@ -39,9 +39,9 @@ class AnonymousAuthenticationListener implements ListenerInterface /** * Handles anonymous authentication. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { if (null !== $this->context->getToken()) { return; diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index b9a764a..87d10b8 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php @@ -15,8 +15,8 @@ use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; @@ -51,11 +51,11 @@ class BasicAuthenticationListener implements ListenerInterface /** * Handles basic authentication. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (false === $username = $request->server->get('PHP_AUTH_USER', false)) { return; diff --git a/Http/Firewall/ChannelListener.php b/Http/Firewall/ChannelListener.php index 92a9c3b..e2b3423 100644 --- a/Http/Firewall/ChannelListener.php +++ b/Http/Firewall/ChannelListener.php @@ -14,8 +14,8 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Http\AccessMap; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; /** * ChannelListener switches the HTTP protocol based on the access control @@ -39,11 +39,11 @@ class ChannelListener implements ListenerInterface /** * Handles channel management. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); list($attributes, $channel) = $this->map->getPatterns($request); @@ -52,9 +52,11 @@ class ChannelListener implements ListenerInterface $this->logger->debug('Redirecting to HTTPS'); } - $event->setProcessed(); + $response = $this->authenticationEntryPoint->start($eventArgs, $request); - return $this->authenticationEntryPoint->start($event, $request); + $eventArgs->setResponse($response); + + return; } if ('http' === $channel && $request->isSecure()) { @@ -62,9 +64,9 @@ class ChannelListener implements ListenerInterface $this->logger->debug('Redirecting to HTTP'); } - $event->setProcessed(); + $response = $this->authenticationEntryPoint->start($eventArgs, $request); - return $this->authenticationEntryPoint->start($event, $request); + $eventArgs->setResponse($response); } } } diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php index 548876a..72dab1e 100644 --- a/Http/Firewall/ContextListener.php +++ b/Http/Firewall/ContextListener.php @@ -11,17 +11,19 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\EventInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Event\FilterResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; use Symfony\Component\Security\Core\Exception\UnsupportedUserException; use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Core\User\UserInterface; +use Doctrine\Common\EventManager; /** * ContextListener manages the SecurityContext persistence through a session. @@ -36,7 +38,7 @@ class ContextListener implements ListenerInterface private $logger; private $userProviders; - public function __construct(SecurityContext $context, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContext $context, array $userProviders, $contextKey, LoggerInterface $logger = null, EventManager $evm = null) { if (empty($contextKey)) { throw new \InvalidArgumentException('$contextKey must not be empty.'); @@ -46,19 +48,19 @@ class ContextListener implements ListenerInterface $this->userProviders = $userProviders; $this->contextKey = $contextKey; - if (null !== $eventDispatcher) { - $eventDispatcher->connect('core.response', array($this, 'write'), 0); + if (null !== $evm) { + $evm->connect(Events::onCoreResponse, $this); } } /** * Reads the SecurityContext from the session. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); $session = $request->hasSession() ? $request->getSession() : null; @@ -82,29 +84,27 @@ class ContextListener implements ListenerInterface /** * Writes the SecurityContext to the session. * - * @param EventInterface $event An EventInterface instance + * @param FilterResponseEventArgs $eventArgs A FilterResponseEventArgs instance */ - public function write(EventInterface $event, Response $response) + public function filterCoreResponse(FilterResponseEventArgs $eventArgs) { - if (HttpKernelInterface::MASTER_REQUEST !== $event->get('request_type')) { - return $response; + if (HttpKernelInterface::MASTER_REQUEST !== $eventArgs->getRequestType()) { + return; } if (null === $token = $this->context->getToken()) { - return $response; + return; } if (null === $token || $token instanceof AnonymousToken) { - return $response; + return; } if (null !== $this->logger) { $this->logger->debug('Write SecurityContext in the session'); } - $event->get('request')->getSession()->set('_security_'.$this->contextKey, serialize($token)); - - return $response; + $eventArgs->getRequest()->getSession()->set('_security_'.$this->contextKey, serialize($token)); } /** diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php index c64cf1c..70b32be 100644 --- a/Http/Firewall/DigestAuthenticationListener.php +++ b/Http/Firewall/DigestAuthenticationListener.php @@ -15,8 +15,8 @@ use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Exception\AuthenticationServiceException; @@ -54,11 +54,11 @@ class DigestAuthenticationListener implements ListenerInterface /** * Handles digest authentication. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (!$header = $request->server->get('PHP_AUTH_DIGEST')) { return; @@ -79,7 +79,7 @@ class DigestAuthenticationListener implements ListenerInterface try { $digestAuth->validateAndDecode($this->authenticationEntryPoint->getKey(), $this->authenticationEntryPoint->getRealmName()); } catch (BadCredentialsException $e) { - $this->fail($event, $request, $e); + $this->fail($eventArgs, $request, $e); return; } @@ -93,7 +93,7 @@ class DigestAuthenticationListener implements ListenerInterface $serverDigestMd5 = $digestAuth->calculateServerDigest($user->getPassword(), $request->getMethod()); } catch (UsernameNotFoundException $notFound) { - $this->fail($event, $request, new BadCredentialsException(sprintf('Username %s not found.', $digestAuth->getUsername()))); + $this->fail($eventArgs, $request, new BadCredentialsException(sprintf('Username %s not found.', $digestAuth->getUsername()))); return; } @@ -103,13 +103,13 @@ class DigestAuthenticationListener implements ListenerInterface $this->logger->debug(sprintf("Expected response: '%s' but received: '%s'; is AuthenticationDao returning clear text passwords?", $serverDigestMd5, $digestAuth->getResponse())); } - $this->fail($event, $request, new BadCredentialsException('Incorrect response')); + $this->fail($eventArgs, $request, new BadCredentialsException('Incorrect response')); return; } if ($digestAuth->isNonceExpired()) { - $this->fail($event, $request, new NonceExpiredException('Nonce has expired/timed out.')); + $this->fail($eventArgs, $request, new NonceExpiredException('Nonce has expired/timed out.')); return; } @@ -121,7 +121,7 @@ class DigestAuthenticationListener implements ListenerInterface $this->securityContext->setToken(new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey)); } - private function fail(EventInterface $event, Request $request, AuthenticationException $authException) + private function fail(GetResponseEventArgs $eventArgs, Request $request, AuthenticationException $authException) { $this->securityContext->setToken(null); @@ -129,7 +129,7 @@ class DigestAuthenticationListener implements ListenerInterface $this->logger->debug($authException); } - $this->authenticationEntryPoint->start($event, $request, $authException); + $this->authenticationEntryPoint->start($eventArgs, $request, $authException); } } diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index 7d1b892..e88b84f 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -17,14 +17,14 @@ use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\HttpKernelInterface; +use Symfony\Component\HttpKernel\Events; +use Doctrine\Common\EventManager; /** * ExceptionListener catches authentication exception and converts them to @@ -52,25 +52,24 @@ class ExceptionListener } /** - * Registers a core.exception listener to take care of security exceptions. + * Registers a onCoreException listener to take care of security exceptions. * - * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance - * @param integer $priority The priority + * @param EventManager $evm An EventManager instance */ - public function register(EventDispatcherInterface $dispatcher) + public function register(EventManager $evm) { - $dispatcher->connect('core.exception', array($this, 'handleException'), 0); + $evm->connect(Events::onCoreException, $this); } /** * Handles security related exceptions. * - * @param EventInterface $event An EventInterface instance + * @param ExceptionEventArgs $event An ExceptionEventArgs instance */ - public function handleException(EventInterface $event) + public function onCoreException(ExceptionEventArgs $eventArgs) { - $exception = $event->get('exception'); - $request = $event->get('request'); + $exception = $eventArgs->getException(); + $request = $eventArgs->getRequest(); if ($exception instanceof AuthenticationException) { if (null !== $this->logger) { @@ -78,9 +77,9 @@ class ExceptionListener } try { - $response = $this->startAuthentication($event, $request, $exception); + $response = $this->startAuthentication($eventArgs, $request, $exception); } catch (\Exception $e) { - $event->set('exception', $e); + $eventArgs->set('exception', $e); return; } @@ -92,9 +91,9 @@ class ExceptionListener } try { - $response = $this->startAuthentication($event, $request, new InsufficientAuthenticationException('Full authentication is required to access this resource.', $token, 0, $exception)); + $response = $this->startAuthentication($eventArgs, $request, new InsufficientAuthenticationException('Full authentication is required to access this resource.', $token, 0, $exception)); } catch (\Exception $e) { - $event->set('exception', $e); + $eventArgs->set('exception', $e); return; } @@ -105,7 +104,7 @@ class ExceptionListener try { if (null !== $this->accessDeniedHandler) { - $response = $this->accessDeniedHandler->handle($event, $request, $exception); + $response = $this->accessDeniedHandler->handle($eventArgs, $request, $exception); if (!$response instanceof Response) { return; @@ -118,7 +117,7 @@ class ExceptionListener $subRequest = Request::create($this->errorPage); $subRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $exception); - $response = $event->getSubject()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true); + $response = $eventArgs->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true); $response->setStatusCode(403); } } catch (\Exception $e) { @@ -126,7 +125,7 @@ class ExceptionListener $this->logger->err(sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage())); } - $event->set('exception', new \RuntimeException('Exception thrown when handling an exception.', 0, $e)); + $eventArgs->setException(new \RuntimeException('Exception thrown when handling an exception.', 0, $e)); return; } @@ -135,12 +134,10 @@ class ExceptionListener return; } - $event->setProcessed(); - - return $response; + $eventArgs->setResponse($response); } - private function startAuthentication(EventInterface $event, Request $request, AuthenticationException $authException) + private function startAuthentication(ExceptionEventArgs $eventArgs, Request $request, AuthenticationException $authException) { $this->context->setToken(null); @@ -157,6 +154,6 @@ class ExceptionListener $request->getSession()->set('_security.target_path', $request->getUri()); } - return $this->authenticationEntryPoint->start($event, $request, $authException); + return $this->authenticationEntryPoint->start($eventArgs, $request, $authException); } } diff --git a/Http/Firewall/ListenerInterface.php b/Http/Firewall/ListenerInterface.php index 44d2902..bfc7478 100644 --- a/Http/Firewall/ListenerInterface.php +++ b/Http/Firewall/ListenerInterface.php @@ -11,9 +11,8 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\EventInterface; - -use Symfony\Component\EventDispatcher\EventDispatcherInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Doctrine\Common\EventManager; /** * Interface that must be implemented by firewall listeners @@ -25,7 +24,7 @@ interface ListenerInterface /** * This interface must be implemented by firewall listeners. * - * @param EventInterface $dispatcher + * @param GetResponseEventArgs $eventArgs */ - function handle(EventInterface $event); + function onCoreSecurity(GetResponseEventArgs $eventArgs); }
\ No newline at end of file diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php index bdb92bc..d2b18cf 100644 --- a/Http/Firewall/LogoutListener.php +++ b/Http/Firewall/LogoutListener.php @@ -15,10 +15,10 @@ use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface; use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface; use Symfony\Component\Security\Core\SecurityContextInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; +use Symfony\Component\Kernel\Event\GetResponseEventArgs; +use Symfony\Component\Kernel\Events; /** * LogoutListener logout users. @@ -63,18 +63,18 @@ class LogoutListener implements ListenerInterface /** * Performs the logout if requested * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if ($this->logoutPath !== $request->getPathInfo()) { return; } if (null !== $this->successHandler) { - $response = $this->successHandler->onLogoutSuccess($event, $request); + $response = $this->successHandler->onLogoutSuccess($eventArgs, $request); if (!$response instanceof Response) { throw new \RuntimeException('Logout Success Handler did not return a Response.'); @@ -92,8 +92,6 @@ class LogoutListener implements ListenerInterface $this->securityContext->setToken(null); - $event->setProcessed(); - - return $response; + $event->setResponse($response); } } diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index 725755d..af5fc83 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php @@ -2,18 +2,21 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\Event; -use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; -use Symfony\Component\Security\Core\Exception\AuthenticationException; -use Symfony\Component\Security\Core\Exception\CookieTheftException; use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Event\FilterResponseEventArgs; +use Symfony\Component\HttpKernel\Events as KernelEvents; use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; +use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\Exception\CookieTheftException; use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; +use Symfony\Component\Security\Http\Event\InteractiveLoginEventArgs; +use Symfony\Component\Security\Http\Events; +use Doctrine\Common\EventManager; /* * This file is part of the Symfony framework. @@ -35,7 +38,7 @@ class RememberMeListener implements ListenerInterface private $rememberMeServices; private $authenticationManager; private $logger; - private $eventDispatcher; + private $evm; /** * Constructor @@ -45,27 +48,27 @@ class RememberMeListener implements ListenerInterface * @param AuthenticationManagerInterface $authenticationManager * @param LoggerInterface $logger */ - public function __construct(SecurityContext $securityContext, RememberMeServicesInterface $rememberMeServices, AuthenticationManagerInterface $authenticationManager, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContext $securityContext, RememberMeServicesInterface $rememberMeServices, AuthenticationManagerInterface $authenticationManager, LoggerInterface $logger = null, EventManager $evm = null) { $this->securityContext = $securityContext; $this->rememberMeServices = $rememberMeServices; $this->authenticationManager = $authenticationManager; $this->logger = $logger; - $this->eventDispatcher = $eventDispatcher; + $this->evm = $evm; } /** * Handles remember-me cookie based authentication. * - * @param Event $event An Event instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { if (null !== $this->securityContext->getToken()) { return; } - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (null === $token = $this->rememberMeServices->autoLogin($request)) { return; } @@ -74,8 +77,9 @@ class RememberMeListener implements ListenerInterface $token = $this->authenticationManager->authenticate($token); $this->securityContext->setToken($token); - if (null !== $this->eventDispatcher) { - $this->eventDispatcher->notify(new Event($this, 'security.interactive_login', array('request' => $request, 'token' => $token))); + if (null !== $this->evm) { + $loginEventArgs = new InteractiveLoginEventArgs($request, $token); + $this->evm->dispatchEvent(Events::onSecurityInteractiveLogin, $loginEventArgs); } if (null !== $this->logger) { diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index e1925bd..11671ef 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -11,14 +11,13 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\Event; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Core\User\UserCheckerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; +use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; @@ -27,6 +26,9 @@ use Symfony\Component\Security\Core\Role\SwitchUserRole; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Http\Event\SwitchUserEventArgs; +use Symfony\Component\Security\Http\Events; +use Doctrine\Common\EventManager; /** * SwitchUserListener allows a user to impersonate another one temporarily @@ -44,12 +46,12 @@ class SwitchUserListener implements ListenerInterface private $usernameParameter; private $role; private $logger; - private $eventDispatcher; + private $evm; /** * Constructor. */ - public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, UserCheckerInterface $userChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH', EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContextInterface $securityContext, UserProviderInterface $provider, UserCheckerInterface $userChecker, $providerKey, AccessDecisionManagerInterface $accessDecisionManager, LoggerInterface $logger = null, $usernameParameter = '_switch_user', $role = 'ROLE_ALLOWED_TO_SWITCH', EventManager $evm = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); @@ -63,17 +65,17 @@ class SwitchUserListener implements ListenerInterface $this->usernameParameter = $usernameParameter; $this->role = $role; $this->logger = $logger; - $this->eventDispatcher = $eventDispatcher; + $this->evm = $evm; } /** * Handles digest authentication. * - * @param EventInterface $event An EventInterface instance + * @param GetResponseEventArgs $eventArgs A GetResponseEventArgs instance */ - public function handle(EventInterface $event) + public function onCoreSecurity(GetResponseEventArgs $eventArgs) { - $request = $event->get('request'); + $request = $eventArgs->getRequest(); if (!$request->get($this->usernameParameter)) { return; @@ -94,9 +96,7 @@ class SwitchUserListener implements ListenerInterface $request->server->set('QUERY_STRING', ''); $response = new RedirectResponse($request->getUri(), 302); - $event->setProcessed(); - - return $response; + $event->setResponse($response); } /** @@ -129,8 +129,9 @@ class SwitchUserListener implements ListenerInterface $token = new UsernamePasswordToken($user, $user->getPassword(), $this->providerKey, $roles); - if (null !== $this->eventDispatcher) { - $this->eventDispatcher->notify(new Event($this, 'security.switch_user', array('request' => $request, 'target_user' => $token->getUser()))); + if (null !== $this->evm) { + $switchEventArgs = new SwitchUserEventArgs($request, $token->getUser()); + $this->evm->dispatchEvent(Events::onSecuritySwitchUser, $switchEventArgs); } return $token; @@ -149,8 +150,9 @@ class SwitchUserListener implements ListenerInterface throw new AuthenticationCredentialsNotFoundException(sprintf('Could not find original Token object.')); } - if (null !== $this->eventDispatcher) { - $this->eventDispatcher->notify(new Event($this, 'security.switch_user', array('request' => $request, 'target_user' => $original->getUser()))); + if (null !== $this->evm) { + $switchEventArgs = new SwitchUserEventArgs($request, $original->getUser()); + $this->evm->notify(Events::onSecuritySwitchUser, $switchEventArgs); } return $original; diff --git a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php index 2402105..7f60daa 100644 --- a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php +++ b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php @@ -11,8 +11,6 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; - use Symfony\Component\Form\CsrfProvider\CsrfProviderInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\Log\LoggerInterface; @@ -23,6 +21,7 @@ use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterfac use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException; use Symfony\Component\Security\Core\SecurityContextInterface; +use Doctrine\Common\EventManager; /** * UsernamePasswordFormAuthenticationListener is the default implementation of @@ -37,7 +36,7 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL /** * {@inheritdoc} */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null, CsrfProviderInterface $csrfProvider = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventManager $evm = null, CsrfProviderInterface $csrfProvider = null) { parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $providerKey, array_merge(array( 'username_parameter' => '_username', @@ -45,7 +44,7 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL 'csrf_parameter' => '_csrf_token', 'csrf_page_id' => 'form_login', 'post_only' => true, - ), $options), $successHandler, $failureHandler, $logger, $eventDispatcher); + ), $options), $successHandler, $failureHandler, $logger, $evm); $this->csrfProvider = $csrfProvider; } diff --git a/Http/Firewall/X509AuthenticationListener.php b/Http/Firewall/X509AuthenticationListener.php index 22b62dc..509f541 100644 --- a/Http/Firewall/X509AuthenticationListener.php +++ b/Http/Firewall/X509AuthenticationListener.php @@ -11,12 +11,12 @@ namespace Symfony\Component\Security\Http\Firewall; -use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Core\Exception\BadCredentialsException; +use Doctrine\Common\EventManager; /** * X509 authentication listener. @@ -28,9 +28,9 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener protected $userKey; protected $credentialKey; - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null, EventDispatcherInterface $eventDispatcher = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, $userKey = 'SSL_CLIENT_S_DN_Email', $credentialKey = 'SSL_CLIENT_S_DN', LoggerInterface $logger = null, EventManager $evm = null) { - parent::__construct($securityContext, $authenticationManager, $providerKey, $logger, $eventDispatcher); + parent::__construct($securityContext, $authenticationManager, $providerKey, $logger, $evm); $this->userKey = $userKey; $this->credentialKey = $credentialKey; diff --git a/Http/Logout/LogoutSuccessHandlerInterface.php b/Http/Logout/LogoutSuccessHandlerInterface.php index 346784b..9338256 100644 --- a/Http/Logout/LogoutSuccessHandlerInterface.php +++ b/Http/Logout/LogoutSuccessHandlerInterface.php @@ -3,7 +3,7 @@ namespace Symfony\Component\Security\Http\Logout; use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\EventDispatcher\EventInterface; +use Symfony\Component\HttpKernel\Event\GetResponseEventArgs; /** * LogoutSuccesshandlerInterface. @@ -21,9 +21,9 @@ interface LogoutSuccessHandlerInterface /** * Creates a Response object to send upon a successful logout. * - * @param EventInterface $event + * @param GetResponseEventArgs $eventArgs * @param Request $request * @return Response never null */ - function onLogoutSuccess(EventInterface $event, Request $request); + function onLogoutSuccess(GetResponseEventArgs $eventArgs, Request $request); }
\ No newline at end of file |