Diffstat (limited to 'Http')
-rw-r--r-- | Http/Firewall/AbstractAuthenticationListener.php | 2 | ||||
-rw-r--r-- | Http/Firewall/ContextListener.php | 21 | ||||
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 4 | ||||
-rw-r--r-- | Http/Firewall/LogoutListener.php | 1 | ||||
-rw-r--r-- | Http/HttpUtils.php | 23 | ||||
-rw-r--r-- | Http/Logout/CookieClearingLogoutHandler.php | 1 | ||||
-rw-r--r-- | Http/Logout/LogoutHandlerInterface.php | 1 | ||||
-rw-r--r-- | Http/Logout/SessionLogoutHandler.php | 1 | ||||
-rw-r--r-- | Http/RememberMe/AbstractRememberMeServices.php | 5 | ||||
-rw-r--r-- | Http/RememberMe/PersistentTokenBasedRememberMeServices.php | 1 | ||||
-rw-r--r-- | Http/RememberMe/RememberMeServicesInterface.php | 2 | ||||
-rw-r--r-- | Http/Session/SessionAuthenticationStrategyInterface.php | 2 |
12 files changed, 16 insertions, 48 deletions
diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php
index 5270e8d..9f91a39 100644
--- a/Http/Firewall/AbstractAuthenticationListener.php
+++ b/Http/Firewall/AbstractAuthenticationListener.php
@@ -273,7 +273,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
 return $targetUrl;
 }
- if ($this->options['use_referer'] && $targetUrl = $request->headers->get('Referer')) {
+ if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
 return $targetUrl;
 }
diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php
index e86824d..452bf1d 100644
--- a/Http/Firewall/ContextListener.php
+++ b/Http/Firewall/ContextListener.php
@@ -22,6 +22,7 @@ use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\SecurityContext;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 /**
@@ -43,6 +44,12 @@ class ContextListener implements ListenerInterface
 throw new \InvalidArgumentException('$contextKey must not be empty.');
 }
+ foreach ($userProviders as $userProvider) {
+ if (!$userProvider instanceof UserProviderInterface) {
+ throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "Symfony\Component\Security\Core\User\UserProviderInterface".', get_class($userProvider)));
+ }
+ }
+
 $this->context = $context;
 $this->userProviders = $userProviders;
 $this->contextKey = $contextKey;
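Review bot: The new guard in the `use_referer` branch of AbstractAuthenticationListener compares the Referer with `$request->getUriForPath($this->options['login_path'])` by strict string match, so it filters the login page only when `login_path` is a literal path and the header carries no query string or fragment. The HttpUtils hunks in this same commit show that a value not starting with `/` is handled as a route name, and for such a value this comparison would presumably never match. The Referer is also a client-supplied header that is still returned as the redirect target without a same-host check, which this change does not address; comparing the Referer's host with `$request->getHttpHost()` before returning it would close that gap. The enclosing method starts and ends outside the hunk.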
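Review bot: In the loop added to the ContextListener constructor, `get_class($userProvider)` is called on the value that has just failed the `instanceof` check, so a non-object entry (a string or an array, say) would not yield a useful class name and the message would hide what was actually passed. Building the label as `is_object($userProvider) ? get_class($userProvider) : gettype($userProvider)` keeps the exception informative for every input. The constructor begins before the hunk, so how `$userProviders` itself is declared is not visible here.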
@@ -96,19 +103,19 @@ class ContextListener implements ListenerInterface
 return;
 }
- if (null === $token = $this->context->getToken()) {
- return;
+ if (null !== $this->logger) {
+ $this->logger->debug('Write SecurityContext in the session');
 }
- if (null === $token || $token instanceof AnonymousToken) {
+ if (null === $session = $event->getRequest()->getSession()) {
 return;
 }
- if (null !== $this->logger) {
- $this->logger->debug('Write SecurityContext in the session');
+ if ((null === $token = $this->context->getToken()) || ($token instanceof AnonymousToken)) {
+ $session->remove('_security_'.$this->contextKey);
+ } else {
+ $session->set('_security_'.$this->contextKey, serialize($token));
 }
-
- $event->getRequest()->getSession()->set('_security_'.$this->contextKey, serialize($token));
 }
 /**
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index 1535b9b..674c648 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
@@ -15,7 +15,6 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
 use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
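Review bot: The debug message 'Write SecurityContext in the session' in ContextListener is now logged before the session lookup and before the token check, so it also appears when the method returns without a session and when the `_security_` entry is removed rather than written. Moving the logger call into the `else` branch, and logging the removal separately, would keep the log an accurate record of when an authenticated token was persisted. The new `$session->remove('_security_'.$this->contextKey)` path also runs on every response with an anonymous or missing token; whether that call starts a session for visitors who had none depends on the Session implementation, which is outside this hunk, so it is worth confirming. The method starts before the hunk.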
@@ -160,10 +159,9 @@ class ExceptionListener
 $this->setTargetPath($request);
- if ($authException instanceof AccountStatusException && ($token = $this->context->getToken()) instanceof UsernamePasswordToken) {
+ if ($authException instanceof AccountStatusException) {
 // remove the security token to prevent infinite redirect loops
 $this->context->setToken(null);
- $request->getSession()->remove('_security_' . $token->getProviderKey());
 }
 return $this->authenticationEntryPoint->start($request, $authException);
diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php
index cd8f9f6..01ff145 100644
--- a/Http/Firewall/LogoutListener.php
+++ b/Http/Firewall/LogoutListener.php
@@ -56,7 +56,6 @@ class LogoutListener implements ListenerInterface
 * Adds a logout handler
 *
 * @param LogoutHandlerInterface $handler
- * @return void
 */
 public function addHandler(LogoutHandlerInterface $handler)
 {
diff --git a/Http/HttpUtils.php b/Http/HttpUtils.php
index cac130e..f62f84d 100644
--- a/Http/HttpUtils.php
+++ b/Http/HttpUtils.php
@@ -52,7 +52,6 @@ class HttpUtils
 if ('/' === $path[0]) {
 $path = $request->getUriForPath($path);
 } elseif (0 !== strpos($path, 'http')) {
- $this->resetLocale($request);
 $path = $this->generateUrl($path, true);
 }
@@ -70,7 +69,6 @@ class HttpUtils
 public function createRequest(Request $request, $path)
 {
 if ($path && '/' !== $path[0] && 0 !== strpos($path, 'http')) {
- $this->resetLocale($request);
 $path = $this->generateUrl($path, true);
 }
 if (0 !== strpos($path, 'http')) {
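Review bot: After this change the `AccountStatusException` branch of ExceptionListener only clears the token in the security context, and nothing in the visible part of the method removes the serialized token from the session any more. The cleanup presumably now relies on the ContextListener response handler changed in this same commit, which removes `'_security_'.$this->contextKey` when the token is null; that handler has an early `return` ahead of the removal (visible as context at the top of its hunk), so the dependency deserves a comment here, for example `// the session copy is removed by ContextListener when the response is written`. Without it, a later reader could assume that `setToken(null)` alone ends the session of a disabled or locked account. The method continues outside the hunk.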
@@ -120,27 +118,6 @@ class HttpUtils
 return $path === $request->getPathInfo();
 }
- // hack (don't have a better solution for now)
- private function resetLocale(Request $request)
- {
- $context = $this->router->getContext();
- if ($context->getParameter('_locale')) {
- return;
- }
-
- try {
- $parameters = $this->router->match($request->getPathInfo());
-
- if (isset($parameters['_locale'])) {
- $context->setParameter('_locale', $parameters['_locale']);
- } elseif ($session = $request->getSession()) {
- $context->setParameter('_locale', $session->getLocale());
- }
- } catch (\Exception $e) {
- // let's hope user doesn't use the locale in the path
- }
- }
-
 private function generateUrl($route, $absolute = false)
 {
 if (null === $this->router) {
diff --git a/Http/Logout/CookieClearingLogoutHandler.php b/Http/Logout/CookieClearingLogoutHandler.php
index 65b45f2..dd3d293 100644
--- a/Http/Logout/CookieClearingLogoutHandler.php
+++ b/Http/Logout/CookieClearingLogoutHandler.php
@@ -39,7 +39,6 @@ class CookieClearingLogoutHandler implements LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
 {
diff --git a/Http/Logout/LogoutHandlerInterface.php b/Http/Logout/LogoutHandlerInterface.php
index 6d5c519..71be388 100644
--- a/Http/Logout/LogoutHandlerInterface.php
+++ b/Http/Logout/LogoutHandlerInterface.php
@@ -30,7 +30,6 @@ interface LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 function logout(Request $request, Response $response, TokenInterface $token);
 }
diff --git a/Http/Logout/SessionLogoutHandler.php b/Http/Logout/SessionLogoutHandler.php
index 9fd49d1..e91cf17 100644
--- a/Http/Logout/SessionLogoutHandler.php
+++ b/Http/Logout/SessionLogoutHandler.php
@@ -28,7 +28,6 @@ class SessionLogoutHandler implements LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
 {
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php
index 22e9cd5..556fb6a 100644
--- a/Http/RememberMe/AbstractRememberMeServices.php
+++ b/Http/RememberMe/AbstractRememberMeServices.php
@@ -143,7 +143,6 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
 {
@@ -155,7 +154,6 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * an attempted authentication fails.
 *
 * @param Request $request
- * @return void
 */
 public final function loginFail(Request $request)
 {
@@ -170,7 +168,6 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token The token that resulted in a successful authentication
- * @return void
 */
 public final function loginSuccess(Request $request, Response $response, TokenInterface $token)
 {
@@ -219,7 +216,6 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 abstract protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token);
@@ -260,7 +256,6 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * Deletes the remember-me cookie
 *
 * @param Request $request
- * @return void
 */
 protected function cancelCookie(Request $request)
 {
diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
index 91105db..b87c9e4 100644
--- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
+++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -35,7 +35,6 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
 * Sets the token provider
 *
 * @param TokenProviderInterface $tokenProvider
- * @return void
 */
 public function setTokenProvider(TokenProviderInterface $tokenProvider)
 {
diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php
index c6b0ada..c01b8f6 100644
--- a/Http/RememberMe/RememberMeServicesInterface.php
+++ b/Http/RememberMe/RememberMeServicesInterface.php
@@ -59,7 +59,6 @@ interface RememberMeServicesInterface
 * This method needs to take care of invalidating the cookie.
 *
 * @param Request $request
- * @return void
 */
 function loginFail(Request $request);
@@ -77,7 +76,6 @@ interface RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
- * @return void
 */
 function loginSuccess(Request $request, Response $response, TokenInterface $token);
 }
diff --git a/Http/Session/SessionAuthenticationStrategyInterface.php b/Http/Session/SessionAuthenticationStrategyInterface.php
index 54924ac..5bc6b80 100644
--- a/Http/Session/SessionAuthenticationStrategyInterface.php
+++ b/Http/Session/SessionAuthenticationStrategyInterface.php
@@ -32,8 +32,6 @@ interface SessionAuthenticationStrategyInterface
 *
 * @param Request $request
 * @param TokenInterface $token
- *
- * @return void
 */
 function onAuthentication(Request $request, TokenInterface $token);
 } |