symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SwitchUserTest.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/SwitchUserTest.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/JsonLogin/switchuser_stateless.yml
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/JsonLogin/switchuser_stateless.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
Lines changed: 8 additions & 8 deletions b/‎src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php
Lines changed: 8 additions & 8 deletions
@@ -54,7 +54,7 @@ public function testSwitchedUserExit()
     public function testSwitchUserStateless()
     {
         $client = $this->createClient(array('test_case' => 'JsonLogin', 'root_config' => 'switchuser_stateless.yml'));
-        $client->request('POST', '/chk', array('_switch_user' => 'dunglas'), array(), array('CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');
+        $client->request('POST', '/chk', array(), array(), array('HTTP_X_SWITCH_USER' => 'dunglas', 'CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');
         $response = $client->getResponse();
 
         $this->assertInstanceOf(JsonResponse::class, $response);
 
@@ -10,4 +10,5 @@ security:
     firewalls:
         main:
             switch_user:
+                parameter: X-Switch-User
                 stateless: true
@@ -79,16 +79,17 @@ public function __construct(TokenStorageInterface $tokenStorage, UserProviderInt
     public function handle(GetResponseEvent $event)
     {
         $request = $event->getRequest();
+        $username = $request->get($this->usernameParameter) ?: $request->headers->get($this->usernameParameter);
 
-        if (!$request->get($this->usernameParameter)) {
+        if (!$username) {
             return;
         }
 
-        if (self::EXIT_VALUE === $request->get($this->usernameParameter)) {
+        if (self::EXIT_VALUE === $username) {
             $this->tokenStorage->setToken($this->attemptExitUser($request));
         } else {
             try {
-                $this->tokenStorage->setToken($this->attemptSwitchUser($request));
+                $this->tokenStorage->setToken($this->attemptSwitchUser($request, $username));
             } catch (AuthenticationException $e) {
                 throw new \LogicException(sprintf('Switch User failed: "%s"', $e->getMessage()));
             }
@@ -106,20 +107,21 @@ public function handle(GetResponseEvent $event)
     /**
      * Attempts to switch to another user.
      *
-     * @param Request $request A Request instance
+     * @param Request $request  A Request instance
+     * @param string  $username
      *
      * @return TokenInterface|null The new TokenInterface if successfully switched, null otherwise
      *
      * @throws \LogicException
      * @throws AccessDeniedException
      */
-    private function attemptSwitchUser(Request $request)
+    private function attemptSwitchUser(Request $request, $username)
     {
         $token = $this->tokenStorage->getToken();
         $originalToken = $this->getOriginalToken($token);
 
         if (false !== $originalToken) {
-            if ($token->getUsername() === $request->get($this->usernameParameter)) {
+            if ($token->getUsername() === $username) {
                 return $token;
             }
 
@@ -133,8 +135,6 @@ private function attemptSwitchUser(Request $request)
             throw $exception;
         }
 
-        $username = $request->get($this->usernameParameter);
-
         if (null !== $this->logger) {
             $this->logger->info('Attempting to switch to user.', array('username' => $username));
         }
Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ public function testSwitchedUserExit()`
`54`	`54`	`public function testSwitchUserStateless()`
`55`	`55`	`{`
`56`	`56`	`$client = $this->createClient(array('test_case' => 'JsonLogin', 'root_config' => 'switchuser_stateless.yml'));`
`57`		`- $client->request('POST', '/chk', array('_switch_user' => 'dunglas'), array(), array('CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');`
	`57`	`+ $client->request('POST', '/chk', array(), array(), array('HTTP_X_SWITCH_USER' => 'dunglas', 'CONTENT_TYPE' => 'application/json'), '{"user": {"login": "user_can_switch", "password": "test"}}');`
`58`	`58`	`$response = $client->getResponse();`
`59`	`59`
`60`	`60`	`$this->assertInstanceOf(JsonResponse::class, $response);`
Original file line number	Diff line number	Diff line change
`@@ -79,16 +79,17 @@ public function __construct(TokenStorageInterface $tokenStorage, UserProviderInt`
`79`	`79`	`public function handle(GetResponseEvent $event)`
`80`	`80`	`{`
`81`	`81`	`$request = $event->getRequest();`
	`82`	`+ $username = $request->get($this->usernameParameter) ?: $request->headers->get($this->usernameParameter);`
`82`	`83`
`83`		`- if (!$request->get($this->usernameParameter)) {`
	`84`	`+ if (!$username) {`
`84`	`85`	`return;`
`85`	`86`	`}`
`86`	`87`
`87`		`- if (self::EXIT_VALUE === $request->get($this->usernameParameter)) {`
	`88`	`+ if (self::EXIT_VALUE === $username) {`
`88`	`89`	`$this->tokenStorage->setToken($this->attemptExitUser($request));`
`89`	`90`	`} else {`
`90`	`91`	`try {`
`91`		`- $this->tokenStorage->setToken($this->attemptSwitchUser($request));`
	`92`	`+ $this->tokenStorage->setToken($this->attemptSwitchUser($request, $username));`
`92`	`93`	`} catch (AuthenticationException $e) {`
`93`	`94`	`throw new \LogicException(sprintf('Switch User failed: "%s"', $e->getMessage()));`
`94`	`95`	`}`
`@@ -106,20 +107,21 @@ public function handle(GetResponseEvent $event)`
`106`	`107`	`/**`
`107`	`108`	`* Attempts to switch to another user.`
`108`	`109`	`*`
`109`		`- * @param Request $request A Request instance`
	`110`	`+ * @param Request $request A Request instance`
	`111`	`+ * @param string $username`
`110`	`112`	`*`
`111`	`113`	`* @return TokenInterface\|null The new TokenInterface if successfully switched, null otherwise`
`112`	`114`	`*`
`113`	`115`	`* @throws \LogicException`
`114`	`116`	`* @throws AccessDeniedException`
`115`	`117`	`*/`
`116`		`- private function attemptSwitchUser(Request $request)`
	`118`	`+ private function attemptSwitchUser(Request $request, $username)`
`117`	`119`	`{`
`118`	`120`	`$token = $this->tokenStorage->getToken();`
`119`	`121`	`$originalToken = $this->getOriginalToken($token);`
`120`	`122`
`121`	`123`	`if (false !== $originalToken) {`
`122`		`- if ($token->getUsername() === $request->get($this->usernameParameter)) {`
	`124`	`+ if ($token->getUsername() === $username) {`
`123`	`125`	`return $token;`
`124`	`126`	`}`
`125`	`127`
`@@ -133,8 +135,6 @@ private function attemptSwitchUser(Request $request)`
`133`	`135`	`throw $exception;`
`134`	`136`	`}`
`135`	`137`
`136`		`- $username = $request->get($this->usernameParameter);`
`137`		`-`
`138`	`138`	`if (null !== $this->logger) {`
`139`	`139`	`$this->logger->info('Attempting to switch to user.', array('username' => $username));`
`140`	`140`	`}`