8000 bug #42472 [Security] Fix `AbstractAuthenticator::createToken()` BC l… · symfony/symfony@4822448 · GitHub

Commit 4822448

committed
bug #42472 [Security] Fix AbstractAuthenticator::createToken() BC layer (chalasr)
This PR was merged into the 5.4 branch. Discussion ---------- [Security] Fix `AbstractAuthenticator::createToken()` BC layer | Q | A | ------------- | --- | Branch? | 5.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - An authenticator might override the `createAuthenticatedToken()` method, hence it must keep being called until that authenticator has been migrated to use `createToken()`. Spotted in lexik/jwt-authentication-bundle's CI. Commits ------- 799acc5 [Security] Fix AbstractAuthenticator::createToken() BC layer
2 parents edecf96 + 799acc5 commit 4822448


2 files changed

+91
-1
lines changed


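--- a/src/Symfony/Component/Security/Http/Authenticator/AbstractAuthenticator.php
+++ b/src/Symfony/Component/Security/Http/Authenticator/AbstractAuthenticator.php
@@ -31,6 +31,10 @@ abstract class AbstractAuthenticator implements AuthenticatorInterface
 */
 public function createToken(Passport $passport, string $firewallName): TokenInterface
 {
+if (self::class !== (new \ReflectionMethod($this, 'createAuthenticatedToken'))->getDeclaringClass()->getName() && self::class === (new \ReflectionMethod($this, 'createToken'))->getDeclaringClass()->getName()) {
+return $this->createAuthenticatedToken($passport, $firewallName);
+}
+
 return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
 }
 
@@ -46,6 +50,6 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi
 
 trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
 
-return $this->createToken($passport, $firewallName);
+return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
 }
 }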
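Review bot: The expression `new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles())` is now written out in both createToken() and createAuthenticatedToken(), so the user and roles attached to an authenticated token are defined in two places that can drift apart; a small private helper called from both would keep a single definition. The reflection condition added at the top of createToken() carries no comment, and I would add `// BC: the subclass overrides only the deprecated createAuthenticatedToken(), so keep calling it until it is migrated to createToken()`. From the visible lines, a subclass whose createAuthenticatedToken() override forwards to `$this->createToken()` would re-enter that branch and recurse, which deserves a mention in the upgrade notes. createAuthenticatedToken() begins outside the second hunk, so any checks before the deprecation call are not visible here.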
Lines changed: 86 additions & 0 deletions
@@ -0,0 +1,86 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Http\Tests\Authenticator;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
16+
use Symfony\Component\HttpFoundation\Request;
17+
use Symfony\Component\HttpFoundation\Response;
18+
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
19+
use Symfony\Component\Security\Core\Exception\AuthenticationException;
20+
use Symfony\Component\Security\Core\User\InMemoryUser;
21+
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
22+
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
23+
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
24+
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
25+
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
26+
use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
27+
28+
class AbstractAuthenticatorTest extends TestCase
29+
{
30+
use ExpectDeprecationTrait;
31+
32+
public function testCreateToken()
33+
{
34+
$authenticator = new ConcreteAuthenticator();
35+
$this->assertInstanceOf(
36+
PostAuthenticationToken::class,
37+
$authenticator->createToken(new SelfValidatingPassport(new UserBadge('dummy', function () { return new InMemoryUser('robin', 'hood'); })), 'dummy')
38+
);
39+
}
40+
41+
/**
42+
* @group legacy
43+
*/
44+
public function testLegacyCreateAuthenticatedToken()
45+
{
46+
$authenticator = new ConcreteAuthenticator();
47+
$this->expectDeprecation('Since symfony/security-http 5.4: Method "Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator::createAuthenticatedToken()" is deprecated, use "Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator::createToken()" instead.');
48+
$this->assertInstanceOf(
49+
PostAuthenticationToken::class,
50+
$authenticator->createAuthenticatedToken(new SelfValidatingPassport(new UserBadge('dummy', function () { return new InMemoryUser('robin', 'hood'); })), 'dummy')
51+
);
52+
}
53+
}
54+
55+
class ConcreteAuthenticator extends AbstractAuthenticator
56+
{
57+
public function createToken(Passport $passport, string $firewallName): TokenInterface
58+
{
59+
return parent::createToken($passport, $firewallName);
60+
}
61+
62+
public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
63+
{
64+
return parent::createAuthenticatedToken($passport, $firewallName);
65+
}
66+
67+
public function supports(Request $request): ?bool
68+
{
69+
return null;
70+
}
71+
72+
public function authenticate(Request $request): Passport
73+
{
74+
return new SelfValidatingPassport(new UserBadge('dummy'));
75+
}
76+
77+
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
78+
{
79+
return null;
80+
}
81+
82+
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
83+
{
84+
return null;
85+
}
86+
}
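Review bot: Neither test reaches the branch this commit adds to AbstractAuthenticator::createToken(), because ConcreteAuthenticator overrides both createToken() and createAuthenticatedToken(), and the new condition only delegates when createToken() is still declared on the abstract class. The case described in the commit message, an authenticator that overrides only createAuthenticatedToken(), needs its own fixture and a test asserting that createToken() goes through the override. Since this method decides which token an authenticated user receives, the BC path should be pinned by a test; a sketch follows.

```php
    // … unchanged: testCreateToken(), testLegacyCreateAuthenticatedToken() …

    public function testCreateTokenUsesOverriddenCreateAuthenticatedToken()
    {
        $authenticator = new LegacyOverrideAuthenticator();
        $authenticator->createToken(new SelfValidatingPassport(new UserBadge('dummy', function () { return new InMemoryUser('robin', 'hood'); })), 'dummy');

        $this->assertTrue($authenticator->legacyMethodCalled);
    }

// … unchanged: ConcreteAuthenticator …

class LegacyOverrideAuthenticator extends AbstractAuthenticator
{
    public $legacyMethodCalled = false;

    // Overrides only the deprecated method, so createToken() must route through it.
    public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
    {
        $this->legacyMethodCalled = true;

        return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
    }

    // … supports(), authenticate(), onAuthenticationSuccess(), onAuthenticationFailure() as in ConcreteAuthenticator …
}
```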
