Diffstat (limited to 'Http')
-rw-r--r-- | Http/EntryPoint/RetryAuthenticationEntryPoint.php | 1 | ||||
-rw-r--r-- | Http/Firewall.php | 1 | ||||
-rw-r--r-- | Http/Firewall/ContextListener.php | 5 | ||||
-rw-r--r-- | Http/Firewall/ExceptionListener.php | 9 | ||||
-rw-r--r-- | Http/Firewall/ListenerInterface.php | 1 | ||||
-rw-r--r-- | Http/Firewall/LogoutListener.php | 2 | ||||
-rw-r--r-- | Http/Firewall/RememberMeListener.php | 5 | ||||
-rw-r--r-- | Http/Firewall/SwitchUserListener.php | 1 | ||||
-rw-r--r-- | Http/FirewallMapInterface.php | 1 | ||||
-rw-r--r-- | Http/HttpUtils.php | 8 | ||||
-rw-r--r-- | Http/Logout/CookieClearingLogoutHandler.php | 4 | ||||
-rw-r--r-- | Http/Logout/LogoutHandlerInterface.php | 1 | ||||
-rw-r--r-- | Http/Logout/LogoutSuccessHandlerInterface.php | 2 | ||||
-rw-r--r-- | Http/Logout/SessionLogoutHandler.php | 1 | ||||
-rw-r--r-- | Http/RememberMe/AbstractRememberMeServices.php | 14 | ||||
-rw-r--r-- | Http/RememberMe/PersistentTokenBasedRememberMeServices.php | 2 | ||||
-rw-r--r-- | Http/RememberMe/RememberMeServicesInterface.php | 3 | ||||
-rw-r--r-- | Http/RememberMe/TokenBasedRememberMeServices.php | 3 |
18 files changed, 43 insertions, 21 deletions
diff --git a/Http/EntryPoint/RetryAuthenticationEntryPoint.php b/Http/EntryPoint/RetryAuthenticationEntryPoint.php
index 12ba538..532601a 100644
--- a/Http/EntryPoint/RetryAuthenticationEntryPoint.php
+++ b/Http/EntryPoint/RetryAuthenticationEntryPoint.php
@@ -13,7 +13,6 @@ namespace Symfony\Component\Security\Http\EntryPoint;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
diff --git a/Http/Firewall.php b/Http/Firewall.php
index 9d05f86..91eb6a9 100644
--- a/Http/Firewall.php
+++ b/Http/Firewall.php
@@ -13,7 +13,6 @@ namespace Symfony\Component\Security\Http;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
-use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 /**
diff --git a/Http/Firewall/ContextListener.php b/Http/Firewall/ContextListener.php
index 6fb77e9..d282452 100644
--- a/Http/Firewall/ContextListener.php
+++ b/Http/Firewall/ContextListener.php
@@ -11,7 +11,6 @@
 namespace Symfony\Component\Security\Http\Firewall;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\Log\LoggerInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
@@ -93,6 +92,10 @@ class ContextListener implements ListenerInterface
 return;
 }
+ if (!$event->getRequest()->hasSession()) {
+ return;
+ }
+
 if (null === $token = $this->context->getToken()) {
 return;
 }
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
index 9bbccca..1535b9b 100644
--- a/Http/Firewall/ExceptionListener.php
+++ b/Http/Firewall/ExceptionListener.php
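Review bot: The new `hasSession()` guard in Http/Firewall/ContextListener.php (hunk `@@ -93,6 +92,10 @@`) returns silently and has no comment, so a reader cannot tell that a session-less request is being skipped on purpose; a one-line comment such as `// no session on this request: nothing to persist the token into` would state the intent. The file imports `LoggerInterface`, so if the listener holds a logger, a debug message at this return would help when a user appears logged out on the following request. The enclosing method starts and ends outside the hunk, so what the skipped code does with the session is presumed rather than visible here.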
@@ -15,10 +15,11 @@ use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
 use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
+use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+use Symfony\Component\Security\Core\Exception\AccountStatusException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
-use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
 use Symfony\Component\Security\Core\Exception\InsufficientAuthenticationException;
 use Symfony\Component\Security\Http\HttpUtils;
 use Symfony\Component\HttpFoundation\Request;
@@ -159,6 +160,12 @@ class ExceptionListener
 $this->setTargetPath($request);
+ if ($authException instanceof AccountStatusException && ($token = $this->context->getToken()) instanceof UsernamePasswordToken) {
+ // remove the security token to prevent infinite redirect loops
+ $this->context->setToken(null);
+ $request->getSession()->remove('_security_' . $token->getProviderKey());
+ }
+
 return $this->authenticationEntryPoint->start($request, $authException);
 }
diff --git a/Http/Firewall/ListenerInterface.php b/Http/Firewall/ListenerInterface.php
index 822f641..ccde86e 100644
--- a/Http/Firewall/ListenerInterface.php
+++ b/Http/Firewall/ListenerInterface.php
@@ -12,7 +12,6 @@
 namespace Symfony\Component\Security\Http\Firewall;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
-use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 /**
 * Interface that must be implemented by firewall listeners
diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php
index 06454a3..4bfa7e1 100644
--- a/Http/Firewall/LogoutListener.php
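Review bot: `$request->getSession()->remove(...)` in Http/Firewall/ExceptionListener.php (hunk `@@ -159,6 +160,12 @@`) dereferences the session without checking that one exists, although the same commit adds a `hasSession()` guard to ContextListener for that very case; on a session-less request this authentication-failure path would end in a fatal error instead of reaching the entry point. Guarding only the cleanup keeps the token reset intact: `if ($request->hasSession()) { $request->getSession()->remove('_security_' . $token->getProviderKey()); }`. The reset is also limited to `UsernamePasswordToken`, so if an `AccountStatusException` can be raised for other token types the stale token would presumably survive and the redirect loop with it; a comment saying why the check is that narrow would help. The `'_security_'` prefix has to match the key under which the token is stored, which this diff does not show, and the enclosing method starts outside the hunk.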
+++ b/Http/Firewall/LogoutListener.php
@@ -17,7 +17,6 @@ use Symfony\Component\Security\Http\Logout\LogoutHandlerInterface;
 use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\Security\Http\HttpUtils;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 /**
@@ -57,6 +56,7 @@ class LogoutListener implements ListenerInterface
 * Adds a logout handler
 *
 * @param LogoutHandlerInterface $handler
+ *
 * @return void
 */
 public function addHandler(LogoutHandlerInterface $handler)
diff --git a/Http/Firewall/RememberMeListener.php b/Http/Firewall/RememberMeListener.php
index 0b3bc78..5531012 100644
--- a/Http/Firewall/RememberMeListener.php
+++ b/Http/Firewall/RememberMeListener.php
@@ -2,15 +2,10 @@
 namespace Symfony\Component\Security\Http\Firewall;
-use Symfony\Component\HttpKernel\HttpKernelInterface;
 use Symfony\Component\HttpKernel\Log\LoggerInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
-use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
-use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\Exception\CookieTheftException;
 use Symfony\Component\Security\Core\SecurityContext;
 use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
 use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
diff --git a/Http/Firewall/SwitchUserListener.php b/Http/Firewall/SwitchUserListener.php
index 8e45508..9780860 100644
--- a/Http/Firewall/SwitchUserListener.php
+++ b/Http/Firewall/SwitchUserListener.php
@@ -19,7 +19,6 @@ use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface
 use Symfony\Component\HttpKernel\Log\LoggerInterface;
 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Core\Role\SwitchUserRole;
diff --git a/Http/FirewallMapInterface.php b/Http/FirewallMapInterface.php
index 99bac06..0630a86 100644
--- a/Http/FirewallMapInterface.php
+++ b/Http/FirewallMapInterface.php
@@ -31,6 +31,7 @@ interface FirewallMapInterface
 * must be null.
 *
 * @param Request $request
+ *
 * @return array of the format array(array(AuthenticationListener), ExceptionListener)
 */
 function getListeners(Request $request);
diff --git a/Http/HttpUtils.php b/Http/HttpUtils.php
index a26b1bd..cac130e 100644
--- a/Http/HttpUtils.php
+++ b/Http/HttpUtils.php
@@ -16,6 +16,8 @@ use Symfony\Component\Security\Core\SecurityContextInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\Routing\Exception\MethodNotAllowedException;
+use Symfony\Component\Routing\Exception\ResourceNotFoundException;
 /**
 * Encapsulates the logic needed to create sub-requests, redirect the user, and match URLs.
@@ -97,7 +99,7 @@ class HttpUtils
 * Checks that a given path matches the Request.
 *
 * @param Request $request A Request instance
- * @param string $path A path (an absolute path (/foo), an absolute URL (http://...), or a route name (foo))
+ * @param string $path A path (an absolute path (/foo) or a route name (foo))
 *
 * @return Boolean true if the path is the same as the one from the Request, false otherwise
 */
@@ -108,7 +110,9 @@ class HttpUtils
 $parameters = $this->router->match($request->getPathInfo());
 return $path === $parameters['_route'];
- } catch (\Exception $e) {
+ } catch (MethodNotAllowedException $e) {
+ return false;
+ } catch (ResourceNotFoundException $e) {
 return false;
 }
 }
diff --git a/Http/Logout/CookieClearingLogoutHandler.php b/Http/Logout/CookieClearingLogoutHandler.php
index 65b45f2..ddb24e3 100644
--- a/Http/Logout/CookieClearingLogoutHandler.php
+++ b/Http/Logout/CookieClearingLogoutHandler.php
@@ -25,7 +25,8 @@ class CookieClearingLogoutHandler implements LogoutHandlerInterface
 private $cookies;
 /**
- * Constructor
+ * Constructor.
+ *
 * @param array $cookies An array of cookie names to unset
 */
 public function __construct(array $cookies)
@@ -39,6 +40,7 @@ class CookieClearingLogoutHandler implements LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
diff --git a/Http/Logout/LogoutHandlerInterface.php b/Http/Logout/LogoutHandlerInterface.php
index 6d5c519..079cc00 100644
--- a/Http/Logout/LogoutHandlerInterface.php
+++ b/Http/Logout/LogoutHandlerInterface.php
@@ -30,6 +30,7 @@ interface LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 function logout(Request $request, Response $response, TokenInterface $token);
diff --git a/Http/Logout/LogoutSuccessHandlerInterface.php b/Http/Logout/LogoutSuccessHandlerInterface.php
index 5592771..5c6c2b6 100644
--- a/Http/Logout/LogoutSuccessHandlerInterface.php
+++ b/Http/Logout/LogoutSuccessHandlerInterface.php
@@ -12,7 +12,6 @@
 namespace Symfony\Component\Security\Http\Logout;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpKernel\Event\GetResponseEvent;
 /**
 * LogoutSuccesshandlerInterface.
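Review bot: With the catch in Http/HttpUtils.php (hunk `@@ -108,7 +110,9 @@`) narrowed to two routing exceptions, anything else thrown by `$this->router->match()` now propagates to the callers of this path check, and the method's docblock does not say so. Firewall listeners presumably use this check to decide whether a request targets a login or logout path, so the contract deserves to be explicit: extend `@return` with `false when no route matches or the method is not allowed`, and put a comment above the catches such as `// "no match" is an expected outcome; any other router failure must surface`. `$parameters['_route']` is also read without checking that the key is present; if the matcher can return parameters without it, `return isset($parameters['_route']) && $path === $parameters['_route'];` avoids a notice. The method starts outside the hunk.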
@@ -31,6 +30,7 @@ interface LogoutSuccessHandlerInterface
 * Creates a Response object to send upon a successful logout.
 *
 * @param Request $request
+ *
 * @return Response never null
 */
 function onLogoutSuccess(Request $request);
diff --git a/Http/Logout/SessionLogoutHandler.php b/Http/Logout/SessionLogoutHandler.php
index 9fd49d1..0a7e5cd 100644
--- a/Http/Logout/SessionLogoutHandler.php
+++ b/Http/Logout/SessionLogoutHandler.php
@@ -28,6 +28,7 @@ class SessionLogoutHandler implements LogoutHandlerInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
diff --git a/Http/RememberMe/AbstractRememberMeServices.php b/Http/RememberMe/AbstractRememberMeServices.php
index 2118a86..94f8830 100644
--- a/Http/RememberMe/AbstractRememberMeServices.php
+++ b/Http/RememberMe/AbstractRememberMeServices.php
@@ -10,8 +10,6 @@ use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
-use Symfony\Component\Security\Core\User\UserProviderInterface;
-use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Cookie;
@@ -90,6 +88,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * cookie was set, decodes it, and hands it to subclasses for further processing.
 *
 * @param Request $request
+ *
 * @return TokenInterface
 */
 public final function autoLogin(Request $request)
@@ -145,6 +144,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 public function logout(Request $request, Response $response, TokenInterface $token)
@@ -157,6 +157,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * an attempted authentication fails.
 *
 * @param Request $request
+ *
 * @return void
 */
 public final function loginFail(Request $request)
@@ -172,13 +173,14 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token The token that resulted in a successful authentication
+ *
 * @return void
 */
 public final function loginSuccess(Request $request, Response $response, TokenInterface $token)
 {
 if (!$token->getUser() instanceof UserInterface) {
 if (null !== $this->logger) {
- $this->logger->debug('Remember-me ignores token since it does not contain an UserInterface implementation.');
+ $this->logger->debug('Remember-me ignores token since it does not contain a UserInterface implementation.');
 }
 return;
@@ -205,6 +207,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 *
 * @param array $cookieParts
 * @param Request $request
+ *
 * @return TokenInterface
 */
 abstract protected function processAutoLoginCookie(array $cookieParts, Request $request);
@@ -221,6 +224,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 abstract protected function onLoginSuccess(Request $request, Response $response, TokenInterface $token);
@@ -240,6 +244,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * Decodes the raw cookie value
 *
 * @param string $rawCookie
+ *
 * @return array
 */
 protected function decodeCookie($rawCookie)
@@ -251,6 +256,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * Encodes the cookie parts
 *
 * @param array $cookieParts
+ *
 * @return string
 */
 protected function encodeCookie(array $cookieParts)
@@ -262,6 +268,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * Deletes the remember-me cookie
 *
 * @param Request $request
+ *
 * @return void
 */
 protected function cancelCookie(Request $request)
@@ -277,6 +284,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
 * Checks whether remember-me capabilities where requested
 *
 * @param Request $request
+ *
 * @return Boolean
 */
 protected function isRememberMeRequested(Request $request)
diff --git a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
index eb622a4..e9d22ba 100644
--- a/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
+++ b/Http/RememberMe/PersistentTokenBasedRememberMeServices.php
@@ -10,7 +10,6 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\CookieTheftException;
 use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
 /*
 * This file is part of the Symfony package.
@@ -36,6 +35,7 @@ class PersistentTokenBasedRememberMeServices extends AbstractRememberMeServices
 * Sets the token provider
 *
 * @param TokenProviderInterface $tokenProvider
+ *
 * @return void
 */
 public function setTokenProvider(TokenProviderInterface $tokenProvider)
diff --git a/Http/RememberMe/RememberMeServicesInterface.php b/Http/RememberMe/RememberMeServicesInterface.php
index c6b0ada..b824538 100644
--- a/Http/RememberMe/RememberMeServicesInterface.php
+++ b/Http/RememberMe/RememberMeServicesInterface.php
@@ -48,6 +48,7 @@ interface RememberMeServicesInterface
 * result in a call to loginFail() and therefore an invalidation of the cookie.
 *
 * @param Request $request
+ *
 * @return TokenInterface
 */
 function autoLogin(Request $request);
@@ -59,6 +60,7 @@ interface RememberMeServicesInterface
 * This method needs to take care of invalidating the cookie.
 *
 * @param Request $request
+ *
 * @return void
 */
 function loginFail(Request $request);
@@ -77,6 +79,7 @@ interface RememberMeServicesInterface
 * @param Request $request
 * @param Response $response
 * @param TokenInterface $token
+ *
 * @return void
 */
 function loginSuccess(Request $request, Response $response, TokenInterface $token);
diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php
index 0fd5c41..44140f7 100644
--- a/Http/RememberMe/TokenBasedRememberMeServices.php
+++ b/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -6,7 +6,6 @@ use Symfony\Component\HttpFoundation\Cookie;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -141,7 +140,9 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
 * @param string $username The username
 * @param integer $expires The unixtime when the cookie expires
 * @param string $password The encoded password
+ *
 * @throws \RuntimeException when the private key is empty
+ *
 * @return string
 */
 protected function generateCookieHash($class, $username, $expires, $password) |