Diffstat (limited to 'Http')
29 files changed, 140 insertions, 60 deletions
diff --git a/Http/Authentication/AuthenticationFailureHandlerInterface.php b/Http/Authentication/AuthenticationFailureHandlerInterface.php index 5b619bc..d5d0067 100644 --- a/Http/Authentication/AuthenticationFailureHandlerInterface.php +++ b/Http/Authentication/AuthenticationFailureHandlerInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Authentication; use Symfony\Component\Security\Core\Exception\AuthenticationException; @@ -27,4 +36,4 @@ interface AuthenticationFailureHandlerInterface * @return Response the response to return */ function onAuthenticationFailure(Request $request, AuthenticationException $exception); -}
\ No newline at end of file +} diff --git a/Http/Authentication/AuthenticationSuccessHandlerInterface.php b/Http/Authentication/AuthenticationSuccessHandlerInterface.php index 4cdd976..3d7c561 100644 --- a/Http/Authentication/AuthenticationSuccessHandlerInterface.php +++ b/Http/Authentication/AuthenticationSuccessHandlerInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Authentication; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; @@ -27,4 +36,4 @@ interface AuthenticationSuccessHandlerInterface * @return Response the response to return */ function onAuthenticationSuccess(Request $request, TokenInterface $token); -}
\ No newline at end of file +} diff --git a/Http/Authorization/AccessDeniedHandlerInterface.php b/Http/Authorization/AccessDeniedHandlerInterface.php index 42ac266..798e611 100644 --- a/Http/Authorization/AccessDeniedHandlerInterface.php +++ b/Http/Authorization/AccessDeniedHandlerInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Authorization; use Symfony\Component\HttpFoundation\Request; diff --git a/Http/EntryPoint/FormAuthenticationEntryPoint.php b/Http/EntryPoint/FormAuthenticationEntryPoint.php index 12f077f..6301606 100644 --- a/Http/EntryPoint/FormAuthenticationEntryPoint.php +++ b/Http/EntryPoint/FormAuthenticationEntryPoint.php @@ -48,10 +48,13 @@ class FormAuthenticationEntryPoint implements AuthenticationEntryPointInterface */ public function start(Request $request, AuthenticationException $authException = null) { + $path = str_replace('{_locale}', $request->getSession()->getLocale(), $this->loginPath); if ($this->useForward) { - return $this->httpKernel->handle(Request::create($this->loginPath), HttpKernelInterface::SUB_REQUEST); + $subRequest = Request::create($path, 'get', array(), $request->cookies->all(), array(), $request->server->all()); + + return $this->httpKernel->handle($subRequest, HttpKernelInterface::SUB_REQUEST); } - return new RedirectResponse(0 !== strpos($this->loginPath, 'http') ? $request->getUriForPath($this->loginPath) : $this->loginPath, 302); + return new RedirectResponse(0 !== strpos($path, 'http') ? $request->getUriForPath($path) : $path, 302); } } diff --git a/Http/Event/InteractiveLoginEvent.php b/Http/Event/InteractiveLoginEvent.php index 1d16cb6..f242501 100644 --- a/Http/Event/InteractiveLoginEvent.php +++ b/Http/Event/InteractiveLoginEvent.php 
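Review bot: `$request->getSession()->getLocale()` on the first added line of `start()` dereferences the session without checking that one exists. An entry point is reached by requests that have not authenticated yet, so where `getSession()` returns null the result is a fatal error instead of a login redirect; the commit itself adds a `hasSession()` check elsewhere, which suggests a missing session is a real case. The same unguarded call is added in `requiresAuthentication()` and `onFailure()` of AbstractAuthenticationListener and in the LogoutListener hunk. Consider `$path = $request->hasSession() ? str_replace('{_locale}', $request->getSession()->getLocale(), $this->loginPath) : $this->loginPath;`, ideally in one shared helper so the guard lives in a single place.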
@@ -36,4 +36,4 @@ class InteractiveLoginEvent extends Event { return $this->authenticationToken; } -}
\ No newline at end of file +} diff --git a/Http/Event/SwitchUserEvent.php b/Http/Event/SwitchUserEvent.php index 03ca003..4a7dcaf 100644 --- a/Http/Event/SwitchUserEvent.php +++ b/Http/Event/SwitchUserEvent.php @@ -36,4 +36,4 @@ class SwitchUserEvent extends Event { return $this->targetUser; } -}
\ No newline at end of file +} diff --git a/Http/Firewall/AbstractAuthenticationListener.php b/Http/Firewall/AbstractAuthenticationListener.php index 028e968..bf61057 100644 --- a/Http/Firewall/AbstractAuthenticationListener.php +++ b/Http/Firewall/AbstractAuthenticationListener.php @@ -18,9 +18,10 @@ use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; +use Symfony\Component\Security\Core\Exception\SessionUnavailableException; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\HttpKernel\Events as KernelEvents; +use Symfony\Component\HttpKernel\CoreEvents; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; @@ -28,7 +29,7 @@ use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; -use Symfony\Component\Security\Http\Events; +use Symfony\Component\Security\Http\SecurityEvents; /** * The AbstractAuthenticationListener is the preferred base class for all 
@@ -63,11 +64,16 @@ abstract class AbstractAuthenticationListener implements ListenerInterface /** * Constructor. * - * @param SecurityContextInterface $securityContext A SecurityContext instance - * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance - * @param array $options An array of options for the processing of a successful, or failed authentication attempt - * @param LoggerInterface $logger A LoggerInterface instance - * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance + * @param SecurityContextInterface $securityContext A SecurityContext instance + * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance + * @param SessionAuthenticationStrategyInterface $sessionStrategy + * @param string $providerKey + * @param array $options An array of options for the processing of a + * successful, or failed authentication attempt + * @param AuthenticationSuccessHandlerInterface $successHandler + * @param AuthenticationFailureHandlerInterface $failureHandler + * @param LoggerInterface $logger A LoggerInterface instance + * @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance */ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null) { 
@@ -123,6 +129,14 @@ abstract class AbstractAuthenticationListener implements ListenerInterface return; } + if (!$request->hasSession()) { + throw new \RuntimeException('This authentication method requires a session.'); + } + + if (!$request->hasPreviousSession()) { + throw new SessionUnavailableException('Your session has timed-out, or you have disabled cookies.'); + } + if ($returnValue instanceof TokenInterface) { $this->sessionStrategy->onAuthentication($request, $returnValue); @@ -152,7 +166,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface */ protected function requiresAuthentication(Request $request) { - return $this->options['check_path'] === $request->getPathInfo(); + return str_replace('{_locale}', $request->getSession()->getLocale(), $this->options['check_path']) === $request->getPathInfo(); } /** 
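Review bot: The new `hasSession()` and `hasPreviousSession()` guards sit after the early `return;`, where `$returnValue` already exists, so the credentials appear to have been processed before the session precondition is checked. `requiresAuthentication()`, which the next hunk changes to call `$request->getSession()->getLocale()`, presumably also runs before them, so the `\RuntimeException` guard cannot protect that call. Moving `if (!$request->hasSession()) { throw new \RuntimeException('This authentication method requires a session.'); }` to the top of the method would make the guard effective. The method starts outside this hunk, so the exact ordering needs confirming there.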
@@ -182,24 +196,26 @@ abstract class AbstractAuthenticationListener implements ListenerInterface $this->options['failure_path'] = $this->options['login_path']; } + $path = str_replace('{_locale}', $request->getSession()->getLocale(), $this->options['failure_path']); + if ($this->options['failure_forward']) { if (null !== $this->logger) { - $this->logger->debug(sprintf('Forwarding to %s', $this->options['failure_path'])); + $this->logger->debug(sprintf('Forwarding to %s', $path)); } - $subRequest = Request::create($this->options['failure_path']); + $subRequest = Request::create($path, 'get', array(), $request->cookies->all(), array(), $request->server->all()); $subRequest->attributes->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed); return $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST); } if (null !== $this->logger) { - $this->logger->debug(sprintf('Redirecting to %s', $this->options['failure_path'])); + $this->logger->debug(sprintf('Redirecting to %s', $path)); } $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $failed); - return new RedirectResponse(0 !== strpos($this->options['failure_path'], 'http') ? $request->getUriForPath($this->options['failure_path']) : $this->options['failure_path'], 302); + return new RedirectResponse(0 !== strpos($path, 'http') ? $request->getUriForPath($path) : $path, 302); } private function onSuccess(GetResponseEvent $event, Request $request, TokenInterface $token) 
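Review bot: The forwarded sub-request now receives all of `$request->cookies->all()` and `$request->server->all()`, and this deserves a comment because it changes what the failure page runs with: the session cookie, but also every header-derived entry in the server bag of the original request. A line such as `// copy cookies and server vars so the forwarded page sees the same session as the main request` above `Request::create()` would record the presumed intent. The same applies to `FormAuthenticationEntryPoint::start()` and to the error-page sub-request in ExceptionListener. `$path` is also written to the debug log after the session locale has been substituted in, so the logged value is no longer purely configuration. `onFailure()` begins outside this hunk.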
@@ -219,13 +235,13 @@ abstract class AbstractAuthenticationListener implements ListenerInterface if (null !== $this->dispatcher) { $loginEvent = new InteractiveLoginEvent($request, $token); - $this->dispatcher->dispatch(Events::onSecurityInteractiveLogin, $loginEvent); + $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent); } if (null !== $this->successHandler) { $response = $this->successHandler->onAuthenticationSuccess($request, $token); } else { - $path = $this->determineTargetUrl($request); + $path = str_replace('{_locale}', $session->getLocale(), $this->determineTargetUrl($request)); $response = new RedirectResponse(0 !== strpos($path, 'http') ? $request->getUriForPath($path) : $path, 302); } diff --git a/Http/Firewall/AbstractPreAuthenticatedListener.php b/Http/Firewall/AbstractPreAuthenticatedListener.php index 9cd5a49..332e3f8 100644 --- a/Http/Firewall/AbstractPreAuthenticatedListener.php +++ b/Http/Firewall/AbstractPreAuthenticatedListener.php @@ -16,9 +16,9 @@ use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterfac use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; -use Symfony\Component\Security\Http\Events; +use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events as KernelEvents; +use Symfony\Component\HttpKernel\CoreEvents; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\EventDispatcher\EventDispatcherInterface; 
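Review bot: `str_replace('{_locale}', …)` is applied to the full return value of `determineTargetUrl($request)`, not only to a configured path. That method is outside the hunk; if it can return a request-derived value, the substitution and the `0 !== strpos($path, 'http')` test both operate on client input, and any value starting with `http` reaches `RedirectResponse` unchanged. It would be worth restricting the substitution to the configured default and checking absolute targets against the request host before redirecting. `$session` is also defined outside the hunk, so its null handling cannot be confirmed from here.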
@@ -82,7 +82,7 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface if (null !== $this->dispatcher) { $loginEvent = new InteractiveLoginEvent($request, $token); - $this->dispatcher->dispatch(Events::onSecurityInteractiveLogin, $loginEvent); + $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent); } } catch (AuthenticationException $failed) { $this->securityContext->setToken(null); diff --git a/Http/Firewall/AccessListener.php b/Http/Firewall/AccessListener.php index bbcd932..0cb45ac 100644 --- a/Http/Firewall/AccessListener.php +++ b/Http/Firewall/AccessListener.php @@ -17,7 +17,6 @@ use Symfony\Component\Security\Http\AccessMap; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Exception\AccessDeniedException; diff --git a/Http/Firewall/AnonymousAuthenticationListener.php b/Http/Firewall/AnonymousAuthenticationListener.php index 36cf878..a6f8742 100644 --- a/Http/Firewall/AnonymousAuthenticationListener.php +++ b/Http/Firewall/AnonymousAuthenticationListener.php @@ -14,7 +14,6 @@ namespace Symfony\Component\Security\Http\Firewall; use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; /** diff --git a/Http/Firewall/BasicAuthenticationListener.php b/Http/Firewall/BasicAuthenticationListener.php index da2e435..9669853 100644 --- a/Http/Firewall/BasicAuthenticationListener.php +++ b/Http/Firewall/BasicAuthenticationListener.php 
@@ -16,7 +16,6 @@ use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterfac use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; diff --git a/Http/Firewall/ChannelListener.php b/Http/Firewall/ChannelListener.php index 1677a02..73bb076 100644 --- a/Http/Firewall/ChannelListener.php +++ b/Http/Firewall/ChannelListener.php @@ -15,7 +15,6 @@ use Symfony\Component\Security\Http\AccessMap; use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; /** * ChannelListener switches the HTTP protocol based on the access control diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php index 8226fe4..950429a 100644 --- a/Http/Firewall/ContextListener.php +++ b/Http/Firewall/ContextListener.php @@ -16,7 +16,7 @@ use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\Event\FilterResponseEvent; -use Symfony\Component\HttpKernel\Events; +use Symfony\Component\HttpKernel\CoreEvents; use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\UsernameNotFoundException; 
@@ -47,9 +47,10 @@ class ContextListener implements ListenerInterface $this->context = $context; $this->userProviders = $userProviders; $this->contextKey = $contextKey; + $this->logger = $logger; if (null !== $dispatcher) { - $dispatcher->addListener(Events::onCoreResponse, $this); + $dispatcher->addListener(CoreEvents::RESPONSE, array($this, 'onCoreResponse')); } } diff --git a/Http/Firewall/DigestAuthenticationListener.php b/Http/Firewall/DigestAuthenticationListener.php index ffb06a3..5c529da 100644 --- a/Http/Firewall/DigestAuthenticationListener.php +++ b/Http/Firewall/DigestAuthenticationListener.php @@ -16,7 +16,6 @@ use Symfony\Component\Security\Core\User\UserProviderInterface; use Symfony\Component\Security\Http\EntryPoint\DigestAuthenticationEntryPoint; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\BadCredentialsException; use Symfony\Component\Security\Core\Exception\AuthenticationServiceException; diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index 9143361..5755c2d 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -23,7 +23,7 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpKernel\HttpKernelInterface; -use Symfony\Component\HttpKernel\Events; +use Symfony\Component\HttpKernel\CoreEvents; use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; use Symfony\Component\EventDispatcher\EventDispatcherInterface; 
@@ -59,7 +59,7 @@ class ExceptionListener */ public function register(EventDispatcherInterface $dispatcher) { - $dispatcher->addListener(Events::onCoreException, $this); + $dispatcher->addListener(CoreEvents::EXCEPTION, array($this, 'onCoreException')); } /** @@ -115,7 +115,7 @@ class ExceptionListener return; } - $subRequest = Request::create($this->errorPage); + $subRequest = Request::create($this->errorPage, 'get', array(), $request->cookies->all(), array(), $request->server->all()); $subRequest->attributes->set(SecurityContextInterface::ACCESS_DENIED_ERROR, $exception); $response = $event->getKernel()->handle($subRequest, HttpKernelInterface::SUB_REQUEST, true); @@ -140,8 +140,6 @@ class ExceptionListener private function startAuthentication(Request $request, AuthenticationException $authException) { - $this->context->setToken(null); - if (null === $this->authenticationEntryPoint) { throw $authException; } diff --git a/Http/Firewall/ListenerInterface.php b/Http/Firewall/ListenerInterface.php index 9d5084e..822f641 100644 --- a/Http/Firewall/ListenerInterface.php +++ b/Http/Firewall/ListenerInterface.php @@ -27,4 +27,4 @@ interface ListenerInterface * @param GetResponseEvent $event */ function handle(GetResponseEvent $event); -}
\ No newline at end of file +} diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php index 8ff9c8b..e1a5f3d 100644 --- a/Http/Firewall/LogoutListener.php +++ b/Http/Firewall/LogoutListener.php @@ -18,7 +18,6 @@ use Symfony\Component\Security\Core\SecurityContextInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Events; /** * LogoutListener logout users. @@ -70,7 +69,10 @@ class LogoutListener implements ListenerInterface { $request = $event->getRequest(); - if ($this->logoutPath !== $request->getPathInfo()) { + $logoutPath = str_replace('{_locale}', $request->getSession()->getLocale(), $this->logoutPath); + $targetUrl = str_replace('{_locale}', $request->getSession()->getLocale(), $this->targetUrl); + + if ($logoutPath !== $request->getPathInfo()) { return; } @@ -81,7 +83,7 @@ class LogoutListener implements ListenerInterface throw new \RuntimeException('Logout Success Handler did not return a Response.'); } } else { - $response = new RedirectResponse(0 !== strpos($this->targetUrl, 'http') ? $request->getUriForPath($this->targetUrl) : $this->targetUrl, 302); + $response = new RedirectResponse(0 !== strpos($targetUrl, 'http') ? $request->getUriForPath($targetUrl) : $targetUrl, 302); } // handle multiple logout attempts gracefully diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php index 07aa8f5..9b144b6 100644 --- a/Http/Firewall/RememberMeListener.php +++ b/Http/Firewall/RememberMeListener.php 
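Review bot: In the LogoutListener hunk both `str_replace()` calls run before the `if ($logoutPath !== $request->getPathInfo())` early return, so `$targetUrl` is computed and the session is read twice on every request through this listener, not only on logout. Reading `$locale = $request->getSession()->getLocale();` once and computing `$targetUrl` inside the `else` branch of the following hunk keeps the non-logout path from doing work it discards. The method starts outside this hunk.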
@@ -6,7 +6,7 @@ use Symfony\Component\HttpKernel\HttpKernelInterface; use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpKernel\Event\FilterResponseEvent; -use Symfony\Component\HttpKernel\Events as KernelEvents; +use Symfony\Component\HttpKernel\CoreEvents; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface; @@ -15,7 +15,7 @@ use Symfony\Component\Security\Core\Exception\CookieTheftException; use Symfony\Component\Security\Core\SecurityContext; use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; -use Symfony\Component\Security\Http\Events; +use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /* @@ -80,7 +80,7 @@ class RememberMeListener implements ListenerInterface if (null !== $this->dispatcher) { $loginEvent = new InteractiveLoginEvent($request, $token); - $this->dispatcher->dispatch(Events::onSecurityInteractiveLogin, $loginEvent); + $this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent); } if (null !== $this->logger) { @@ -98,4 +98,4 @@ class RememberMeListener implements ListenerInterface $this->rememberMeServices->loginFail($request); } } -}
\ No newline at end of file +} diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php index 3cefdd7..8e45508 100644 --- a/Http/Firewall/SwitchUserListener.php +++ b/Http/Firewall/SwitchUserListener.php @@ -27,7 +27,7 @@ use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; use Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Http\Event\SwitchUserEvent; -use Symfony\Component\Security\Http\Events; +use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\EventDispatcher\EventDispatcherInterface; /** @@ -133,7 +133,7 @@ class SwitchUserListener implements ListenerInterface if (null !== $this->dispatcher) { $switchEvent = new SwitchUserEvent($request, $token->getUser()); - $this->dispatcher->dispatch(Events::onSecuritySwitchUser, $switchEvent); + $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); } return $token; @@ -154,7 +154,7 @@ class SwitchUserListener implements ListenerInterface if (null !== $this->dispatcher) { $switchEvent = new SwitchUserEvent($request, $original->getUser()); - $this->dispatcher->dispatch(Events::onSecuritySwitchUser, $switchEvent); + $this->dispatcher->dispatch(SecurityEvents::SWITCH_USER, $switchEvent); } return $original; diff --git a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php index 859bb20..816cae4 100644 --- a/Http/Firewall/UsernamePasswordFormAuthenticationListener.php +++ b/Http/Firewall/UsernamePasswordFormAuthenticationListener.php 
@@ -63,7 +63,7 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL } if (null !== $this->csrfProvider) { - $csrfToken = $request->get($this->options['csrf_parameter']); + $csrfToken = $request->get($this->options['csrf_parameter'], null, true); if (false === $this->csrfProvider->isCsrfTokenValid($this->options['intention'], $csrfToken)) { throw new InvalidCsrfTokenException('Invalid CSRF token.'); @@ -77,4 +77,4 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey)); } -}
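Review bot: Passing `true` as the third argument makes `$request->get()` resolve `csrf_parameter` as a nested path, so `$csrfToken` can now be an array or `null` as well as a string, and it goes straight into `isCsrfTokenValid()`. A type check before validation, `if (!is_string($csrfToken)) { throw new InvalidCsrfTokenException('Invalid CSRF token.'); }`, keeps malformed input on the same rejection path. `Request::get()` also consults the query string, so the token may be accepted from the URL, where it ends up in access logs and referrers; reading it from `$request->request` for a POST-only form would avoid that. The enclosing method begins outside the hunk.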
\ No newline at end of file +} diff --git a/Http/FirewallMapInterface.php b/Http/FirewallMapInterface.php index 575b96f..99bac06 100644 --- a/Http/FirewallMapInterface.php +++ b/Http/FirewallMapInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http; use Symfony\Component\HttpFoundation\Request; @@ -25,4 +34,4 @@ interface FirewallMapInterface * @return array of the format array(array(AuthenticationListener), ExceptionListener) */ function getListeners(Request $request); -}
\ No newline at end of file +} diff --git a/Http/Logout/LogoutHandlerInterface.php b/Http/Logout/LogoutHandlerInterface.php index e3f0995..6d5c519 100644 --- a/Http/Logout/LogoutHandlerInterface.php +++ b/Http/Logout/LogoutHandlerInterface.php @@ -33,4 +33,4 @@ interface LogoutHandlerInterface * @return void */ function logout(Request $request, Response $response, TokenInterface $token); -}
\ No newline at end of file +} diff --git a/Http/Logout/LogoutSuccessHandlerInterface.php b/Http/Logout/LogoutSuccessHandlerInterface.php index e3e80bc..5592771 100644 --- a/Http/Logout/LogoutSuccessHandlerInterface.php +++ b/Http/Logout/LogoutSuccessHandlerInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Logout; use Symfony\Component\HttpFoundation\Request; @@ -25,4 +34,4 @@ interface LogoutSuccessHandlerInterface * @return Response never null */ function onLogoutSuccess(Request $request); -}
\ No newline at end of file +} diff --git a/Http/Logout/SessionLogoutHandler.php b/Http/Logout/SessionLogoutHandler.php index bfb5ecd..9fd49d1 100644 --- a/Http/Logout/SessionLogoutHandler.php +++ b/Http/Logout/SessionLogoutHandler.php @@ -34,4 +34,4 @@ class SessionLogoutHandler implements LogoutHandlerInterface { $request->getSession()->invalidate(); } -}
\ No newline at end of file +} diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php index f2a0249..eb622a4 100644 --- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php +++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php @@ -150,4 +150,4 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices return base64_encode(hash('sha512', uniqid(mt_rand(), true), true)); } -}
\ No newline at end of file +} diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php index 5c56c18..c6b0ada 100644 --- a/Http/RememberMe/RememberMeServicesInterface.php +++ b/Http/RememberMe/RememberMeServicesInterface.php @@ -80,4 +80,4 @@ interface RememberMeServicesInterface * @return void */ function loginSuccess(Request $request, Response $response, TokenInterface $token); -}
\ No newline at end of file +} diff --git a/Http/Events.php b/Http/SecurityEvents.php index c0aa65d..a6c4e42 100644 --- a/Http/Events.php +++ b/Http/SecurityEvents.php @@ -11,9 +11,9 @@ namespace Symfony\Component\Security\Http; -final class Events +final class SecurityEvents { - const onSecurityInteractiveLogin = 'onSecurityInteractiveLogin'; + const INTERACTIVE_LOGIN = 'security.interactive_login'; - const onSecuritySwitchUser = 'onSecuritySwitchUser'; -}
\ No newline at end of file + const SWITCH_USER = 'security.switch_user'; +} diff --git a/Http/Session/SessionAuthenticationStrategy.php b/Http/Session/SessionAuthenticationStrategy.php index dea34be..7e0c20a 100644 --- a/Http/Session/SessionAuthenticationStrategy.php +++ b/Http/Session/SessionAuthenticationStrategy.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Session; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; @@ -39,14 +48,16 @@ class SessionAuthenticationStrategy implements SessionAuthenticationStrategyInte case self::MIGRATE: $request->getSession()->migrate(); + return; case self::INVALIDATE: $request->getSession()->invalidate(); + return; default: throw new \RuntimeException(sprintf('Invalid session authentication strategy "%s"', $this->strategy)); } } -}
\ No newline at end of file +} diff --git a/Http/Session/SessionAuthenticationStrategyInterface.php b/Http/Session/SessionAuthenticationStrategyInterface.php index b248fd7..54924ac 100644 --- a/Http/Session/SessionAuthenticationStrategyInterface.php +++ b/Http/Session/SessionAuthenticationStrategyInterface.php @@ -1,5 +1,14 @@ <?php +/* + * This file is part of the Symfony framework. + * + * (c) Fabien Potencier <fabien@symfony.com> + * + * This source file is subject to the MIT license that is bundled + * with this source code in the file LICENSE. + */ + namespace Symfony\Component\Security\Http\Session; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; @@ -27,4 +36,4 @@ interface SessionAuthenticationStrategyInterface * @return void */ function onAuthentication(Request $request, TokenInterface $token); -}
\ No newline at end of file +} |