8000 bug #59347 [Security] Fix triggering session tracking from ContextLis… · symfony/symfony@4166af2 · GitHub
[go: up one dir, main page]
Skip to content

Commit 4166af2

Browse files
fabpotfabpot
committed
bug #59347 [Security] Fix triggering session tracking from ContextListener (nicolas-grekas)
This PR was merged into the 6.4 branch. Discussion ---------- [Security] Fix triggering session tracking from ContextListener | Q | A | ------------- | --- | Branch? | 6.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | - | License | MIT Looks like this was forgotten in #36129 The added line in the test case makes the test fail without the patch. Commits ------- a00dc82 [Security] Fix triggering session tracking from ContextListener
2 parents 9fd383a + a00dc82 commit 4166af2

File tree

2 files changed

+5
-0
lines changed

2 files changed

+5
-0
lines changed

src/Symfony/Component/Security/Http/Firewall/ContextListener.php

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -164,6 +164,7 @@ public function onKernelResponse(ResponseEvent $event): void
164164
$session = $request->getSession();
165165
$sessionId = $session->getId();
166166
$usageIndexValue = $session instanceof Session ? $usageIndexReference = &$session->getUsageIndex() : null;
167+
$usageIndexReference = \PHP_INT_MIN;
167168
$token = $this->tokenStorage->getToken();
168169

169170
if (!$this->trustResolver->isAuthenticated($token)) {
@@ -178,6 +179,8 @@ public function onKernelResponse(ResponseEvent $event): void
178179

179180
if ($this->sessionTrackerEnabler && $session->getId() === $sessionId) {
180181
$usageIndexReference = $usageIndexValue;
182+
} else {
183+
$usageIndexReference = $usageIndexReference - \PHP_INT_MIN + $usageIndexValue;
181184
}
182185
}
183186

src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -323,6 +323,8 @@ public function testSessionIsNotReported()
323323

324324
$listener = new ContextListener($tokenStorage, [], 'context_key', null, null, null, $tokenStorage->getToken(...));
325325
$listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST));
326+
327+
$listener->onKernelResponse(new ResponseEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST, new Response()));
326328
}
327329

328330
public function testOnKernelResponseRemoveListener()

0 commit comments

Comments
 (0)
0