8000 bug #53509 [Security] Fix `AuthenticationUtils::getLastUsername()` re… · symfony/symfony@4460eb4 · GitHub
[go: up one dir, main page]
Skip to content

Commit 4460eb4

Browse files
chalasrchalasr
committed
bug #53509 [Security] Fix AuthenticationUtils::getLastUsername() returning null (alexandre-daubois)
This PR was merged into the 5.4 branch. Discussion ---------- [Security] Fix `AuthenticationUtils::getLastUsername()` returning null | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Issues | Fix #53503 | License | MIT This can happen when the attribute is actually set with `null`. Covered the class while at it. Commits ------- 2e52b06 [Security] Fix `AuthenticationUtils::getLastUsername()` returning null
2 parents 766676f + 2e52b06 commit 4460eb4

File tree

2 files changed

+123
-2
lines changed

2 files changed

+123
-2
lines changed

src/Symfony/Component/Security/Http/Authentication/AuthenticationUtils.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -59,10 +59,10 @@ public function getLastUsername()
5959
$request = $this->getRequest();
6060

6161
if ($request->attributes->has(Security::LAST_USERNAME)) {
62-
return $request->attributes->get(Security::LAST_USERNAME, '');
62+
return $request->attributes->get(Security::LAST_USERNAME) ?? '';
6363
}
6464

65-
return $request->hasSession() ? $request->getSession()->get(Security::LAST_USERNAME, '') : '';
65+
return $request->hasSession() ? ($request->getSession()->get(Security::LAST_USERNAME) ?? '') : '';
6666
}
6767

6868
/**

src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticationUtilsTest.php

Lines changed: 121 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,121 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Http\Tests\Authentication;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Symfony\Component\HttpFoundation\Request;
16+
use Symfony\Component\HttpFoundation\RequestStack;
17+
use Symfony\Component\HttpFoundation\Session\Session;
18+
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
19+
use Symfony\Component\Security\Core\Security;
20+
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
21+
22+
class AuthenticationUtilsTest extends TestCase
23+
{
24+
public function testLastAuthenticationErrorWhenRequestHasAttribute()
25+
{
26+
$request = Request::create('/');
27+
$request->attributes->set(Security::AUTHENTICATION_ERROR, 'my error');
28+
29+
$requestStack = new RequestStack();
30+
$requestStack->push($request);
31+
32+
$utils = new AuthenticationUtils($requestStack);
33+
$this->assertSame('my error', $utils->getLastAuthenticationError());
34+
}
35+
36+
public function testLastAuthenticationErrorInSession()
37+
{
38+
$request = Request::create('/');
39+
40+
$session = new Session(new MockArraySessionStorage());
41+
$session->set(Security::AUTHENTICATION_ERROR, 'session error');
42+
$request->setSession($session);
43+
44+
$requestStack = new RequestStack();
45+
$requestStack->push($request);
46+
47+
$utils = new AuthenticationUtils($requestStack);
48+
$this->assertSame('session error', $utils->getLastAuthenticationError());
49+
$this->assertFalse($session->has(Security::AUTHENTICATION_ERROR));
50+
}
51+
52+
public function testLastAuthenticationErrorInSessionWithoutClearing()
53+
{
54+
$request = Request::create('/');
55+
56+
$session = new Session(new MockArraySessionStorage());
57+
$session->set(Security::AUTHENTICATION_ERROR, 'session error');
58+
$request->setSession($session);
59+
60+
$requestStack = new RequestStack();
61+
$requestStack->push($request);
62+
63+
$utils = new AuthenticationUtils($requestStack);
64+
$this->assertSame('session error', $utils->getLastAuthenticationError(false));
65+
$this->assertTrue($session->has(Security::AUTHENTICATION_ERROR));
66+
}
67+
68+
public function testLastUserNameIsDefinedButNull()
69+
{
70+
$request = Request::create('/');
71+
$request->attributes->set(Security::LAST_USERNAME, null);
72+
73+
$requestStack = new RequestStack();
74+
$requestStack->push($request);
75+
76+
$utils = new AuthenticationUtils($requestStack);
77+
$this->assertSame('', $utils->getLastUsername());
78+
}
79+
80+
public function testLastUserNameIsDefined()
81+
{
82+
$request = Request::create('/');
83+
$request->attributes->set(Security::LAST_USERNAME, 'user');
84+
85+
$requestStack = new RequestStack();
86+
$requestStack->push($request);
87+
88+
$utils = new AuthenticationUtils($requestStack);
89+
$this->assertSame('user', $utils->getLastUsername());
90+
}
91+
92+
public function testLastUserNameIsDefinedInSessionButNull()
93+
{
94+
$request = Request::create('/');
95+
96+
$session = new Session(new MockArraySessionStorage());
97+
$session->set(Security::LAST_USERNAME, null);
98+
$request->setSession($session);
99+
100+
$requestStack = new RequestStack();
101+
$requestStack->push($request);
102+
103+
$utils = new AuthenticationUtils($requestStack);
104+
$this->assertSame('', $utils->getLastUsername());
105+
}
106+
107+
public function testLastUserNameIsDefinedInSession()
108+
{
109+
$request = Request::create('/');
110+
111+
$session = new Session(new MockArraySessionStorage());
112+
$session->set(Security::LAST_USERNAME, 'user');
113+
$request->setSession($session);
114+
115+
$requestStack = new RequestStack();
116+
$requestStack->push($request);
117+
118+
$utils = new AuthenticationUtils($requestStack);
119+
$this->assertSame('user', $utils->getLastUsername());
120+
}
121+
}

0 commit comments

Comments
 (0)
0