summaryrefslogtreecommitdiffstats
path: root/Guard
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch '3.2'Fabien Potencier2017-01-021-1/+1
|\ | | | | | | | | | | | | | | | | * 3.2: updated LICENSE year updated LICENSE year updated LICENSE year Fixed `@return self` with `$this` [Yaml] add missing indicator character
| * Merge branch '3.1' into 3.2v3.2.2origin/3.2Fabien Potencier2017-01-021-1/+1
| |\ | | | | | | | | | | | | | | | | | | * 3.1: updated LICENSE year updated LICENSE year Fixed `@return self` with `$this`
| | * Merge branch '2.8' into 3.1v3.1.9Fabien Potencier2017-01-021-1/+1
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: updated LICENSE year updated LICENSE year Fixed `@return self` with `$this`
| | | * updated LICENSE yearv2.8.16origin/2.8Fabien Potencier2017-01-021-1/+1
| | | |
* | | | Merge branch '3.2'Fabien Potencier2016-12-193-25/+25
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.2: fixed obsolete getMock() usage fixed obsolete getMock() usage fixed obsolete getMock() usage fixed obsolete getMock() usage [WebProfilerBundle] Display multiple HTTP headers in WDT do not remove the Twig ExceptionController service removed obsolete condition do not try to register incomplete definitions
| * | | Merge branch '3.1' into 3.2Fabien Potencier2016-12-193-25/+25
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.1: fixed obsolete getMock() usage fixed obsolete getMock() usage fixed obsolete getMock() usage [WebProfilerBundle] Display multiple HTTP headers in WDT do not remove the Twig ExceptionController service removed obsolete condition do not try to register incomplete definitions
| | * | Merge branch '2.8' into 3.1Fabien Potencier2016-12-193-25/+25
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: fixed obsolete getMock() usage fixed obsolete getMock() usage [WebProfilerBundle] Display multiple HTTP headers in WDT do not remove the Twig ExceptionController service removed obsolete condition do not try to register incomplete definitions
| | | * fixed obsolete getMock() usageFabien Potencier2016-12-193-25/+25
| | | |
* | | | Merge branch '3.2'Nicolas Grekas2016-12-081-1/+1
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.2: (51 commits) [FrameworkBundle] [Workflow] Fix service marking store configuration Fix merge [Validator] add class name to the cache key [Serializer] Remove AbstractObjectNormalizer::isAttributeToNormalize Throw less misleading exception when property access not found [Twig] Fix deprecations with Twig 1.29 [FrameworkBundle] Fix validation cache warmer with failing or missing classes Fixed typo [FrameworkBundle] Removed the kernel.debug parameter from the cache pool namespace seed Fix email address fix the docblock in regard to the role argument [Bridge\Twig] Trigger deprecation when using FormExtension::$renderer Don't use the "app" global variable in the profiler [VarDumper] fix tests when xdebug is enabled Fix merge FIXED NON EXISTING TYPE DECLARATION [Form] Add failing test for data collector bug [Cache] Fix dumping SplDoublyLinkedList iter mode [Form] Fix FormDataCollector Ignore missing 'debug.file_link_formatter' service in Debug and Twig bundles ...
| * | | Merge branch '3.1' into 3.2v3.2.1Nicolas Grekas2016-12-081-1/+1
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.1: (28 commits) Fix merge [Validator] add class name to the cache key [Serializer] Remove AbstractObjectNormalizer::isAttributeToNormalize Throw less misleading exception when property access not found [Twig] Fix deprecations with Twig 1.29 Fixed typo [FrameworkBundle] Removed the kernel.debug parameter from the cache pool namespace seed Fix email address fix the docblock in regard to the role argument Don't use the "app" global variable in the profiler [VarDumper] fix tests when xdebug is enabled Fix merge FIXED NON EXISTING TYPE DECLARATION [Cache] Fix dumping SplDoublyLinkedList iter mode [Console] fixed PHP7 Errors when not using Dispatcher Regression test for missing controller arguments (3.1) Regression test for missing controller arguments fix a test checking for a value [Form][DX] FileType "multiple" fixes fixed CS ...
| | * | Merge branch '2.8' into 3.1v3.1.8Nicolas Grekas2016-12-081-1/+1
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [Twig] Fix deprecations with Twig 1.29 Fixed typo Fix email address fix the docblock in regard to the role argument [VarDumper] fix tests when xdebug is enabled Fix merge [Cache] Fix dumping SplDoublyLinkedList iter mode [Console] fixed PHP7 Errors when not using Dispatcher Regression test for missing controller arguments fix a test checking for a value [Form][DX] FileType "multiple" fixes fixed CS [TwigBundle] Fix twig loader registered twice [WebProfilerBundle] Fix dump block is unfairly restrained [Console] Fix wrong handling of multiline arg/opt descriptions [DependencyInjection] PhpDumper.php: hasReference() should not search references in lazy service arguments. [Form] fixed "empty_value" option deprecation Cast result to int before adding to it
| | | * Fix email addressVictor Bocharsky2016-12-071-1/+1
| | | |
* | | | [Security] deprecate the RoleInterfaceChristian Flothmann2016-12-071-4/+4
| | | |
* | | | updated version to 3.3Fabien Potencier2016-11-191-1/+1
|/ / /
* | | erge branch '3.1'Nicolas Grekas2016-11-031-2/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.1: Remove trailing space CS fixes Remove trailing space CS: apply rules [Yaml] Clean some messages + add test case [Console] simplified code [Form] Fix UrlType transforms valid protocols [SecurityBundle] Changed encoder configuration example to bcrypt
| * | Merge branch '2.8' into 3.1Nicolas Grekas2016-11-031-2/+2
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: CS fixes Remove trailing space CS: apply rules [Yaml] Clean some messages + add test case [Console] simplified code [Form] Fix UrlType transforms valid protocols [SecurityBundle] Changed encoder configuration example to bcrypt
| | * Merge branch '2.7' into 2.8Nicolas Grekas2016-11-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: CS fixes Remove trailing space CS: apply rules [Yaml] Clean some messages + add test case [Form] Fix UrlType transforms valid protocols [SecurityBundle] Changed encoder configuration example to bcrypt
* | | Merge branch '3.1'Nicolas Grekas2016-07-013-68/+233
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.1: (22 commits) [travis] Fix deps=low/high builds [Form] Fix depreciation triggers fixed CS skip test with current phpunit bridge Fix for #19183 to add support for new PHP MongoDB extension in sessions. [Console] Fix for block() padding formatting after #19189 [Security][Guard] check if session exist before using it bumped Symfony version to 3.1.3 updated VERSION for 3.1.2 updated CHANGELOG for 3.1.2 bumped Symfony version to 3.0.9 updated VERSION for 3.0.8 updated CHANGELOG for 3.0.8 bumped Symfony version to 2.8.9 updated VERSION for 2.8.8 updated CHANGELOG for 2.8.8 bumped Symfony version to 2.7.16 updated VERSION for 2.7.15 update CONTRIBUTORS for 2.7.15 updated CHANGELOG for 2.7.15 ... Conflicts: src/Symfony/Component/HttpKernel/Kernel.php
| * | Merge branch '3.0' into 3.1Nicolas Grekas2016-07-013-68/+233
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.0: [travis] Fix deps=low/high builds fixed CS skip test with current phpunit bridge Fix for #19183 to add support for new PHP MongoDB extension in sessions. [Console] Fix for block() padding formatting after #19189 [Security][Guard] check if session exist before using it bumped Symfony version to 3.0.9 updated VERSION for 3.0.8 updated CHANGELOG for 3.0.8 bumped Symfony version to 2.8.9 updated VERSION for 2.8.8 updated CHANGELOG for 2.8.8 bumped Symfony version to 2.7.16 updated VERSION for 2.7.15 update CONTRIBUTORS for 2.7.15 updated CHANGELOG for 2.7.15 Fix some lowest deps Fixed typos in the expectedException annotations Conflicts: src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
| | * \ Merge branch '2.8' into 3.0Nicolas Grekas2016-07-012-2/+222
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [travis] Fix deps=low/high builds fixed CS skip test with current phpunit bridge Fix for #19183 to add support for new PHP MongoDB extension in sessions. [Console] Fix for block() padding formatting after #19189 [Security][Guard] check if session exist before using it bumped Symfony version to 2.8.9 updated VERSION for 2.8.8 updated CHANGELOG for 2.8.8 bumped Symfony version to 2.7.16 updated VERSION for 2.7.15 update CONTRIBUTORS for 2.7.15 updated CHANGELOG for 2.7.15 Fix some lowest deps Fixed typos in the expectedException annotations Conflicts: CHANGELOG-2.7.md CHANGELOG-3.0.md src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/composer.json src/Symfony/Component/Yaml/Tests/ParserTest.php
| | | * [Security][Guard] check if session exist before using itJean Pasdeloup2016-06-302-2/+222
| | | |
* | | | Merge branch '3.1'Fabien Potencier2016-06-281-5/+9
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.1: [CS] Respect PSR2 4.2 [Form] fix `empty_data` option in expanded `ChoiceType` [Console] removed unneeded private methods updated Http-Kernel dependency [Security] [Guard] Improve comment with working example sync min email validator version [TwigBridge] Fix inconsistency in LintCommand help explicitly forbid e-mail validator 2.0 or higher Fixed SymfonyQuestionHelper multi-choice with defaults [DoctrineBridge] Don't use object IDs in DoctrineChoiceLoader when passing a value closure Differentiate between the first time a progress bar is displayed and subsequent times finished previous commit No more exception for malformed input name fix post_max_size_message translation [Process] Fix pipes cleaning on Windows Avoid phpunit 5.4 warnings on getMock [Form] Add exception to FormRenderer about non-unique block names [FrameworkBundle] templating can be fully disabled [Form] Consider a violation even if the form is not submitted
| * | | Merge branch '3.0' into 3.1Fabien Potencier2016-06-281-5/+9
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.0: [CS] Respect PSR2 4.2 [Form] fix `empty_data` option in expanded `ChoiceType` [Console] removed unneeded private methods [Security] [Guard] Improve comment with working example sync min email validator version [TwigBridge] Fix inconsistency in LintCommand help explicitly forbid e-mail validator 2.0 or higher Fixed SymfonyQuestionHelper multi-choice with defaults [DoctrineBridge] Don't use object IDs in DoctrineChoiceLoader when passing a value closure Differentiate between the first time a progress bar is displayed and subsequent times finished previous commit No more exception for malformed input name fix post_max_size_message translation [Process] Fix pipes cleaning on Windows Avoid phpunit 5.4 warnings on getMock [Form] Add exception to FormRenderer about non-unique block names [Form] Consider a violation even if the form is not submitted
| | * | Merge branch '2.8' into 3.0Fabien Potencier2016-06-281-5/+9
| | |\ \ | | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [CS] Respect PSR2 4.2 [Form] fix `empty_data` option in expanded `ChoiceType` [Console] removed unneeded private methods [Security] [Guard] Improve comment with working example sync min email validator version [TwigBridge] Fix inconsistency in LintCommand help explicitly forbid e-mail validator 2.0 or higher Fixed SymfonyQuestionHelper multi-choice with defaults [DoctrineBridge] Don't use object IDs in DoctrineChoiceLoader when passing a value closure Differentiate between the first time a progress bar is displayed and subsequent times finished previous commit No more exception for malformed input name fix post_max_size_message translation [Process] Fix pipes cleaning on Windows Avoid phpunit 5.4 warnings on getMock [Form] Add exception to FormRenderer about non-unique block names [Form] Consider a violation even if the form is not submitted
| | | * [Security] [Guard] Improve comment with working exampleJean Pasdeloup2016-06-231-5/+9
| | | |
* | | | updated version to 3.2Fabien Potencier2016-05-131-1/+1
|/ / /
* | | [Security] Deprecate onAuthenticationSuccess()Ryan Weaver2016-03-312-11/+71
| | |
* | | [Guard] fix minimum required Seucirty Http versionChristian Flothmann2016-03-251-1/+1
| | |
* | | Merge branch '3.0'Nicolas Grekas2016-03-101-12/+5
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * 3.0: [ci] use hirak/prestissimo [Filesystem] Fix transient tests [WebProfiler] Sidebar button padding Updated some missing READMEs [HttpFoundation] Avoid warnings when checking malicious IPs [HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
| * | Merge branch '2.8' into 3.0Nicolas Grekas2016-03-101-12/+5
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [ci] use hirak/prestissimo [Filesystem] Fix transient tests [WebProfiler] Sidebar button padding Updated some missing READMEs [HttpFoundation] Avoid warnings when checking malicious IPs [HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied Conflicts: appveyor.yml src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php
| | * Updated some missing READMEsv2.8.4Javier Eguiluz2016-03-101-12/+5
| | |
* | | Adding new TargetPathTrait to get/set the authentication "target_path"Ryan Weaver2016-03-021-1/+4
| | |
* | | Merge branch '3.0'Fabien Potencier2016-01-211-1/+0
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 3.0: fixed CS fixed CS fixed CS fixed test fixed CS Remove default match from AbstractConfigCommand::findExtension Remove unused imports [FrameworkBundle][Validator] Fix apc cache service deprecation
| * | Remove unused importsKonstantin.Myakshin2016-01-211-1/+0
| | |
* | | minor #17166 Add placeholders into log messages (hason)Fabien Potencier2016-01-141-1/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 3.1-dev branch. Discussion ---------- Add placeholders into log messages | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #15753 | License | MIT | Doc PR | Commits ------- c92fcdb Added placeholders to all log messages instead of hardcoded values
| * | | Added placeholders to all log messages instead of hardcoded valuesMartin Hasoň2015-12-291-1/+1
| | | |
* | | | Merge branch '3.0'Fabien Potencier2016-01-031-1/+1
|\ \ \ \ | |/ / / |/| / / | |/ / | | | | | | | | | | | | * 3.0: updated copyright year updated copyright year Update copyright year [2.3] Static Code Analysis for Components
| * | Merge branch '2.8' into 3.0Fabien Potencier2016-01-031-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | * 2.8: updated copyright year updated copyright year Update copyright year [2.3] Static Code Analysis for Components
| | * updated copyright yearFabien Potencier2016-01-031-1/+1
| | |
* | | Merge branch '3.0'Tobias Schultze2015-12-151-0/+2
|\ \ \ | |/ /
| * | Merge branch '2.8' into 3.0Tobias Schultze2015-12-151-0/+2
| |\ \ | | |/
| | * Added @return to checkCredentials()Alexander M. Turek2015-12-101-0/+2
| | |
* | | updated version to 3.1Fabien Potencier2015-11-301-1/+1
|/ /
* | Merge branch '2.8'Nicolas Grekas2015-11-181-1/+2
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: Fix undefined array $server Fix call to undefined function json_last_error_message Fix bug in windows detection [ProxyManager] Tmp fix composer reqs issue in ZF Fix PropertyInfo extractor namespace in framework bundle Add missing exclusions from phpunit.xml.dist [Serializer] ObjectNormalizer: don't serialize static methods and props [Form] Enhance some FormRegistry deprecation messages [Validator] [sl] BIC (SWIFT-BIC) validation constraint [WebProfilerBundle] correct typo in show stack trace link bumped Symfony version to 2.8.0 updated VERSION for 2.8.0-BETA1 updated CHANGELOG for 2.8.0-BETA1 Fix the server variables in the router_*.php files [Validator] Allow an empty path with a non empty fragment or a query The following change adds support for Armenian pluralization. [2.3][Process] fix Proccess run with pts enabled Conflicts: src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Compiler/FormPass.php src/Symfony/Component/Form/FormRegistry.php
| * Merge branch '2.7' into 2.8Nicolas Grekas2015-11-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: Fix undefined array $server Fix bug in windows detection [ProxyManager] Tmp fix composer reqs issue in ZF Add missing exclusions from phpunit.xml.dist [Serializer] ObjectNormalizer: don't serialize static methods and props Fix the server variables in the router_*.php files [Validator] Allow an empty path with a non empty fragment or a query The following change adds support for Armenian pluralization. [2.3][Process] fix Proccess run with pts enabled Conflicts: composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Component/Security/phpunit.xml.dist
* | Merge branch '2.8'Nicolas Grekas2015-11-041-1/+3
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: asset test coverage [HttpKernel] PostResponseEvent should extend the KernelEvent [travis] session.gc_probability=0 to fix transient tests on hhvm Write the log message on a single line againn [DI] Deprecate ContainerAware in favor of ContainerAwareTrait [VarDumper] Deprecate VarDumperTestCase in favor of the trait Check whether $this->logger is not null on GuardAuthenticationListener [Console] Add progress indicator helper Conflicts: .travis.yml
| * Write the log message on a single line againnDiego Agulló2015-11-031-4/+1
| |
| * Check whether $this->logger is not null on GuardAuthenticationListenerDiego Agulló2015-11-011-1/+6
| |
* | Merge branch '2.8'Fabien Potencier2015-11-023-3/+45
|\ \ | |/ | | | | | | | | | | | | | | * 2.8: removed @covers annotations in tests removed @covers annotations in tests removed all @covers annotations checkCredentials() force it to be an affirmative yes! [PropertyAccess] Major performance improvement
| * feature #16395 checkCredentials() force it to be an affirmative yes! ↵Fabien Potencier2015-10-313-3/+45
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (weaverryan) This PR was squashed before being merged into the 2.8 branch (closes #16395). Discussion ---------- checkCredentials() force it to be an affirmative yes! | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no (because 2.8 isn't released) | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a This changes `GuardAuthenticatorInterface::checkCredentials()`: you now *must* return true in order for authentication to pass. Before: You could do nothing (i.e. return null) and authentication would pass. You threw an AuthenticationException to cause a failure. New: You *must* return `true` for authentication to pass. If you do nothing, we will throw a `BadCredentialsException` on your behalf. You can still throw your own exception. This was a suggestion at symfony_live to make things more secure. I think it makes sense. Commits ------- 14acadd checkCredentials() force it to be an affirmative yes!
| | * checkCredentials() force it to be an affirmative yes!Ryan Weaver2015-10-313-3/+45
| | |
* | | Merge branch '2.8'Fabien Potencier2015-10-301-1/+4
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: added the new Composer exclude-from-classmap option added the new Composer exclude-from-classmap option fix docblock description for the build() method fix expected argument type docblock Set back libxml settings after testings. fixed Twig deprecation notices
| * | Merge branch '2.7' into 2.8Fabien Potencier2015-10-301-1/+4
| |/ | | | | | | | | | | | | | | | | * 2.7: added the new Composer exclude-from-classmap option added the new Composer exclude-from-classmap option fix expected argument type docblock Set back libxml settings after testings. fixed Twig deprecation notices
* | remove polyfills for unsupported php versionsTobias Schultze2015-10-291-1/+1
| |
* | Merge branch '2.8'Nicolas Grekas2015-10-111-4/+0
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: [PhpUnit] Auto-register SymfonyTestsListener [phpunit] Upgrade when a change is detected and when install subcommand is used [Filesystem] Fix test on Windows Fix merge [HttpFoundation] Extend ClockMock to session storage tests [Process] Don't use @requires on abstract class [VarDumper] Fix wordwrap with Bootstrap Fix the BC layer for the key->secret renaming for remember_me Fix potential access to undefined index Conflicts: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/LegacyPdoSessionHandlerTest.php src/Symfony/Component/Locale/phpunit.xml.dist
| * [PhpUnit] Auto-register SymfonyTestsListenerNicolas Grekas2015-10-111-4/+0
| |
* | Merge branch '2.8'Nicolas Grekas2015-10-102-1/+4
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: Fix merge [tests] Use @requires annotation when possible [tests] Use @requires annotation when possible [PhpUnitBridge] Add SkippedTestsListener to collect and replay skipped tests [ci] Enable collecting and replaying skipped tests [tests] Use @requires annotation when possible [Process] Workaround buggy PHP warning [FrameworkBundle] Replace PhpFileCache by FilesystemCache [FrameworkBundle] composer suggest fix [Console] Add additional ways to detect OS400 platform [Yaml] Allow tabs before comments at the end of a line Added more tests for PropertyAccess Conflicts: .travis.yml src/Symfony/Bridge/Doctrine/composer.json src/Symfony/Bridge/Monolog/composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Bridge/Swiftmailer/composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/DebugBundle/composer.json src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Bundle/TwigBundle/composer.json src/Symfony/Bundle/WebProfilerBundle/composer.json src/Symfony/Component/Asset/composer.json src/Symfony/Component/BrowserKit/composer.json src/Symfony/Component/ClassLoader/Tests/ApcClassLoaderTest.php src/Symfony/Component/ClassLoader/composer.json src/Symfony/Component/Config/composer.json src/Symfony/Component/Console/Tests/Helper/LegacyProgressHelperTest.php src/Symfony/Component/Console/Tests/Helper/LegacyTableHelperTest.php src/Symfony/Component/Console/composer.json src/Symfony/Component/CssSelector/composer.json src/Symfony/Component/Debug/composer.json src/Symfony/Component/DependencyInjection/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/composer.json src/Symfony/Component/ExpressionLanguage/composer.json src/Symfony/Component/Filesystem/composer.json src/Symfony/Component/Finder/composer.json src/Symfony/Component/Form/Tests/Extension/Csrf/CsrfProvider/LegacyDefaultCsrfProviderTest.php src/Symfony/Component/Form/composer.json src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/LegacyPdoSessionHandlerTest.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/PhpBridgeSessionStorageTest.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Proxy/AbstractProxyTest.php src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/HttpKernel/Tests/Profiler/MongoDbProfilerStorageTest.php src/Symfony/Component/HttpKernel/Tests/Profiler/SqliteProfilerStorageTest.php src/Symfony/Component/HttpKernel/composer.json src/Symfony/Component/Intl/Tests/Data/Bundle/Writer/PhpBundleWriterTest.php src/Symfony/Component/Intl/Tests/DateFormatter/AbstractIntlDateFormatterTest.php src/Symfony/Component/Intl/composer.json src/Symfony/Component/Ldap/composer.json src/Symfony/Component/Locale/composer.json src/Symfony/Component/Locale/phpunit.xml.dist src/Symfony/Component/OptionsResolver/composer.json src/Symfony/Component/Process/composer.json src/Symfony/Component/PropertyAccess/composer.json src/Symfony/Component/PropertyInfo/composer.json src/Symfony/Component/Routing/composer.json src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/Csrf/composer.json src/Symfony/Component/Security/Guard/composer.json src/Symfony/Component/Security/Http/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Stopwatch/composer.json src/Symfony/Component/Templating/composer.json src/Symfony/Component/Translation/composer.json src/Symfony/Component/Validator/Tests/Mapping/Cache/LegacyApcCacheTest.php src/Symfony/Component/Validator/composer.json src/Symfony/Component/VarDumper/composer.json src/Symfony/Component/Yaml/composer.json
| * Merge branch '2.7' into 2.8Nicolas Grekas2015-10-102-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [tests] Use @requires annotation when possible [tests] Use @requires annotation when possible [ci] Enable collecting and replaying skipped tests [Process] Workaround buggy PHP warning [Console] Add additional ways to detect OS400 platform [Yaml] Allow tabs before comments at the end of a line Added more tests for PropertyAccess Conflicts: .travis.yml src/Symfony/Bridge/Doctrine/composer.json src/Symfony/Bridge/Monolog/composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Bridge/Swiftmailer/composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/DebugBundle/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Bundle/TwigBundle/composer.json src/Symfony/Bundle/WebProfilerBundle/composer.json src/Symfony/Component/Asset/composer.json src/Symfony/Component/BrowserKit/composer.json src/Symfony/Component/ClassLoader/composer.json src/Symfony/Component/Config/composer.json src/Symfony/Component/Console/composer.json src/Symfony/Component/CssSelector/composer.json src/Symfony/Component/Debug/composer.json src/Symfony/Component/DependencyInjection/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/composer.json src/Symfony/Component/ExpressionLanguage/composer.json src/Symfony/Component/Filesystem/composer.json src/Symfony/Component/Finder/composer.json src/Symfony/Component/Form/composer.json src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/HttpKernel/composer.json src/Symfony/Component/Intl/composer.json src/Symfony/Component/Locale/composer.json src/Symfony/Component/OptionsResolver/composer.json src/Symfony/Component/Process/composer.json src/Symfony/Component/PropertyAccess/composer.json src/Symfony/Component/Routing/composer.json src/Symfony/Component/Security/Acl/composer.json src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/Csrf/composer.json src/Symfony/Component/Security/Http/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Stopwatch/composer.json src/Symfony/Component/Templating/composer.json src/Symfony/Component/Translation/Tests/Dumper/IcuResFileDumperTest.php src/Symfony/Component/Translation/composer.json src/Symfony/Component/Validator/composer.json src/Symfony/Component/VarDumper/composer.json src/Symfony/Component/Yaml/composer.json
* | Merge branch '2.8'Fabien Potencier2015-09-273-9/+51
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.8: (28 commits) Detect Mintty for color support on Windows Detect Mintty for color support on Windows [WebProfilerBundle] Fix search button click listener [Form][Type Date/Time] added choice_translation_domain option. Massively simplifying the BC and deprecated-throwing code thanks to suggestions by stof in #15870 Making all "debug" messages use the debug router Making GuardTokenInterface extend TokenInterface Updating behavior to not continue after an authenticator has set the response Add a group for tests of the finder against the FTP server Fix trigger_error calls Fix legacy security tests tweaking message related to configuration edge case that we want to be helpful with Minor tweaks - lowering the required security-http requirement and nulling out a test field Fix license headers Fix license headers Fix license headers Ensure the ClockMock is loaded before using it in the testsuite Allow serializer 3.0 in the PropertyInfo component Add the replace rules for the security-guard component Forbid serializing a Crawler ...
| * bug #15925 Updating behavior to not continue after an authenticator has set ↵Fabien Potencier2015-09-272-8/+47
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the response (weaverryan) This PR was merged into the 2.8 branch. Discussion ---------- Updating behavior to not continue after an authenticator has set the response | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | https://github.com/symfony/symfony/pull/14673/files#r40492765 | License | MIT | Doc PR | n/a This mirrors the behavior in core: *if* a listener sets a response (on success or failure), then the other listeners are not called. But if a response is *not* set (which is sometimes the case for success, like in BasicAuthenticationListener), then the other listeners are called, and can even fail. It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best. Commits ------- 5fa2684 Making all "debug" messages use the debug router f403444 Updating behavior to not continue after an authenticator has set the response
| | * Making all "debug" messages use the debug routerRyan Weaver2015-09-261-8/+8
| | | | | | | | | | | | | | | Only the "auth success" and "auth failed" messages remain at info. That's consistent with AbstractAuthenticationListener
| | * Updating behavior to not continue after an authenticator has set the responseRyan Weaver2015-09-262-1/+40
| | | | | | | | | | | | | | | | | | | | | This mirrors the behavior in core: *if* a listener sets a response (on success or failure), then the other listeners are not called. But if a response is *not* set (which is sometimes the case for success, like in BasicAuthenticationListener), then the other listeners are called, and can even fail.
| * | bug #15927 Making GuardTokenInterface extend TokenInterface (weaverryan)Fabien Potencier2015-09-271-1/+3
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Making GuardTokenInterface extend TokenInterface | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #15884 | License | MIT | Doc PR | n/a See #15884 Commits ------- 7f04fbb Making GuardTokenInterface extend TokenInterface
| | * | Making GuardTokenInterface extend TokenInterfaceRyan Weaver2015-09-261-1/+3
| | |/ | | | | | | | | | | | | This makes some of our type-hints more honest: i.e. where we look for a GuardTokenInterface, but really also expect it to implement TokenInterface.
| * | Minor tweaks - lowering the required security-http requirement and nulling ↵Ryan Weaver2015-09-262-1/+2
| |/ | | | | | | out a test field
* | Update the branch alias for new components in their 3.0 branchChristophe Coevoet2015-09-261-4/+4
|/
* Adding the necessary files so that Guard can be its own installable componentRyan Weaver2015-09-235-0/+113
|
* Removing unnecessary overrideRyan Weaver2015-09-221-12/+0
|
* fabbotRyan Weaver2015-09-203-14/+12
|
* Adding a new exception and throwing it when the User changesRyan Weaver2015-09-202-4/+6
| | | | | | | | | | | This is quite technical. As you can see in the provider, the method is called sometimes when the User changes, and so the token becomes de-authenticated (e.g. someone else changes the password between requests). In practice, the user should be unauthenticated. Using the anonymous token did this, but throwing an AccountStatusException seems like a better idea. It needs to be an AccountStatusException because the ExceptionListener from the Firewall looks for exceptions of this class and logs the user out when they are found (because this is their purpose).
* Fixing a bug where having an authentication failure would log you out.Ryan Weaver2015-09-204-8/+55
| | | | | | | | | | This solution is a copy of what AbstractAuthenticationListener does. Scenario: 1) Login 2) Go back to the log in page 3) Put in a bad user/pass You *should* still be logged in after a failed attempt. This commit gives that behavior.
* Tweaks thanks to WouterRyan Weaver2015-09-202-6/+3
|
* Adding logging on this step and switching the order - not for any huge reasonRyan Weaver2015-09-201-3/+7
|
* Adding a base class to assist with form login authenticationRyan Weaver2015-09-201-0/+104
|
* Allowing for other authenticators to be checkedRyan Weaver2015-09-201-4/+2
| | | | | If you have 2 firewalls, 2 GuardAuthenticationProviders are still created, so we need to be able to run through both of them.
* meaningless author and license changesRyan Weaver2015-09-208-11/+83
|
* Thanks again fabbot!Ryan Weaver2015-09-201-4/+4
|
* A few more changes thanks to @iltarRyan Weaver2015-09-201-4/+4
|
* Splitting the getting of the user and checking credentials into two stepsRyan Weaver2015-09-203-12/+41
| | | | | | | This looks like a subjective change (one more method, but the method implementations are simpler), but it wasn't. The problem was that the UserChecker checkPreAuth should happen *after* we get the user, but *before* the credentials are checked, and that wasn't possible before this change. Now it is.
* Tweaking docblock on interface thanks to @iltarRyan Weaver2015-09-201-3/+4
|
* Adding periods at the end of exceptions, and changing one class name to ↵Ryan Weaver2015-09-204-8/+8
| | | | LogicException thanks to @iltar
* Updating interface method per suggestion - makes sense to me, Request is ↵Ryan Weaver2015-09-203-9/+9
| | | | redundant
* Thanks fabbot!Ryan Weaver2015-09-207-48/+59
|
* Adding an edge case - this should not happen anywaysRyan Weaver2015-09-202-1/+9
|
* Properly handles "post auth" tokens that have become not authenticatedRyan Weaver2015-09-202-0/+31
| | | | | | | | | | | | | Here is the flow: A) You login using guard and are given a PostAuthGuardToken B) Your user changes between requests - AbstractToken::setUser() and hasUserChanged() - which results in the Token becoming "not authenticated" C) Something calls out to the security system, which then passes the no-longer-authed token back into the AuthenticationProviderManager D) Because the PostauthGuardToken implements GuardTokenInterface, the provider responds to it. But, seeing that this is a no-longer-authed PostAuthGuardToken, it returns an AnonymousToken, which triggers logout
* Renaming the tokens to be clear they are "post" and "pre" auth - also adding ↵Ryan Weaver2015-09-208-30/+45
| | | | | | | | | | | | | an interface The reason is that the GuardAuthenticationProvider *must* respond to *all* tokens created by the system - both "pre auth" and "post auth" tokens. The reason is that if a "post auth" token becomes not authenticated (e.g. because the user changes between requests), then it may be passed to the provider system. If no providers respond (which was the case before this commit), then AuthenticationProviderManager throws an exception. The next commit will properly handle these "post auth" + "no-longer-authenticated" tokens, which should cause a log out.
* Initial commit (but after some polished work) of the new Guard ↵Ryan Weaver2015-09-2010-0/+1124
authentication system
generated by cgit v1.1 at 2025-05-10 21:44:20 +0000