8000 feature #57692 [SecurityBundle] Link to the profile the token was (de… · symfony/symfony@2da6a13 · GitHub

Commit 2da6a13

committed
feature #57692 [SecurityBundle] Link to the profile the token was (de)authenticated (MatTheCat)
This PR was merged into the 7.2 branch. Discussion ---------- [SecurityBundle] Link to the profile the token was (de)authenticated | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | no | New feature? | yes | Deprecations? | no | Issues | Part of #36668 | License | MIT When using a stateful firewall, this PR allows an easy access to the profile of the request where a user was - authenticated: ![](https://github.com/symfony/symfony/assets/1898254/a3342407-2d2d-44ca-b271-ce35834297d4) - de-authenticated: ![](https://github.com/symfony/symfony/assets/1898254/a279ba0f-3634-40ce-8d81-d2009729485b) Commits ------- e3bd133 [SecurityBundle] Link to the profile the token was (de)authenticated
2 parents 402d8b7 + e3bd133 commit 2da6a13


2 files changed

+52
-1
lines changed

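--- a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
+++ b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
@@ -13,6 +13,7 @@
 
 use Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener;
 use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
+use Symfony\Component\HttpFoundation\Cookie;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\DataCollector\DataCollector;
@@ -195,6 +196,27 @@ public function collect(Request $request, Response $response, ?\Throwable $excep
 }
 
 $this->data['authenticators'] = $this->firewall ? $this->firewall->getAuthenticatorsInfo() : [];
+
+if ($this->data['listeners'] && !($this->data['firewall']['stateless'] ?? true)) {
+$authCookieName = "{$this->data['firewall']['name']}_auth_profile_token";
+$deauthCookieName = "{$this->data['firewall']['name']}_deauth_profile_token";
+$profileToken = $response->headers->get('X-Debug-Token');
+
+$this->data['auth_profile_token'] = $request->cookies->get($authCookieName);
+$this->data['deauth_profile_token'] = $request->cookies->get($deauthCookieName);
+
+if ($this->data['authenticated'] && !$this->data['auth_profile_token']) {
+$response->headers->setCookie(new Cookie($authCookieName, $profileToken));
+
+$this->data['deauth_profile_token'] = null;
+$response->headers->clearCookie($deauthCookieName);
+} elseif(!$this->data['authenticated'] && !$this->data['deauth_profile_token']) {
+$response->headers->setCookie(new Cookie($deauthCookieName, $profileToken));
+
+$this->data['auth_profile_token'] = null;
+$response->headers->clearCookie($authCookieName);
+}
+}
 }
 
 public function reset(): void
@@ -339,6 +361,16 @@ public function getAuthenticators(): array|Data
 return $this->data['authenticators'];
 }
 
+public function getAuthProfileToken(): string|Data|null
+{
+return $this->data['auth_profile_token'] ?? null;
+}
+
+public function getDeauthProfileToken(): string|Data|null
+{
+return $this->data['deauth_profile_token'] ?? null;
+}
+
 public function getName(): string
 {
 return 'security';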
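Review bot: The two values read with `$request->cookies->get(...)` in the collect() hunk are client-supplied, yet they are stored in `$this->data` and later used as the `token` route parameter and link text in security.html.twig without any check that they look like a profiler token. Rendering appears safe as long as Twig autoescaping and `path()` encoding are in effect, but a shape check at the read would keep arbitrary cookie content out of the stored profile, e.g. `$t = $request->cookies->get($authCookieName); $this->data['auth_profile_token'] = \is_string($t) && ctype_alnum($t) ? $t : null;` (this assumes tokens are alphanumeric; confirm against the profiler's token generator), and the same for the deauth cookie. `$profileToken` is also used unguarded: if the `X-Debug-Token` header is absent, `new Cookie($authCookieName, null)` is written, so adding `null !== $profileToken` to the outer `if` would be worth it. collect() begins outside the hunk, so how the header and `$this->data['authenticated']` get set is not visible here.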

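--- a/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig
@@ -181,6 +181,17 @@
 <span class="value">{{ source('@WebProfiler/Icon/' ~ (collector.authenticated ? 'yes' : 'no') ~ '.svg') }}</span>
 <span class="label">Authenticated</span>
 </div>
+
+{% if collector.authProfileToken %}
+<div class="metric">
+<span class="value">
+<a href="{{ path('_profiler', {token: collector.authProfileToken, panel: 'security'}) }}">
+{{- collector.authProfileToken -}}
+</a>
+</span>
+<span class="label">From</span>
+</div>
+{% endif %}
 </div>
 
 <table>
@@ -219,7 +230,15 @@
 </table>
 {% elseif collector.enabled %}
 <div class="empty">
-<p>There is no security token.</p>
+<p>
+There is no security token.
+{% if collector.deauthProfileToken %}
+It was removed in
+<a href="{{ path('_profiler', {token: collector.deauthProfileToken, panel: 'security'}) }}">
+{{- collector.deauthProfileToken -}}
+</a>.
+{% endif %}
+</p>
 </div>
 {% endif %}
 </div>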
