8000 minor #14986 Added a small Upgrade note regarding security.context (i… · symfony/symfony@4b960a6 · GitHub
[go: up one dir, main page]
Skip to content

Commit 4b960a6

Browse files
fabpotfabpot
committed
minor #14986 Added a small Upgrade note regarding security.context (iltar)
This PR was merged into the 2.7 branch. Discussion ---------- Added a small Upgrade note regarding security.context | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | ~ | Fixed tickets | #14889 | License | MIT | Doc PR | ~ I've added a note in the 2.7 upgrade file on which extending implementations should be updated when using 2.7. Along with it, I've removed an unused use statement, fixed some typos and removed a redundant session check as this check is already done at the start of the method. For #14889 I have also done a search through the docs (2.7), but I couldn't find any remaining examples encouraging the usage of the `SecurityContext(Interface)` anywhere. Commits ------- ade1fef Added a small Upgrade note regarding security.context
2 parents 4c800ae + ade1fef commit 4b960a6

File tree

5 files changed

+26
-9
lines changed

5 files changed

+26
-9
lines changed

UPGRADE-2.7.md

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -643,3 +643,25 @@ FrameworkBundle
643643
}
644644
}
645645
```
646+
647+
Security
648+
---------------
649+
650+
* Injection of the `security.context` service has been reduced to a bare minimum. This means
651+
that arguments that once hinted `SecurityContext` or `SecurityContextInterface` will have
652+
to be updated accordingly to either the `TokenStorageInterface` or `AuthorizationCheckerInterface`.
653+
The following classes now require the `security.token_storage` service instead of the `security.context`,
654+
please update your extending implementations accordingly.
655+
656+
* `AbstractAuthenticationListener`
657+
* `AnonymousAuthenticationListener`
658+
* `ContextListener`
659+
* `SimplePreAuthenticationListener`
660+
* `X509AuthenticationListener`
661+
* `RemoteUserAuthenticationListener`
662+
* `BasicAuthenticationListener`
663+
* `DigestAuthenticationListener`
664+
* `ExceptionListener`
665+
* `SwitchUserListener`
666+
* `AccessListener`
667+
* `RememberMeListener`

src/Symfony/Bundle/FrameworkBundle/Templating/GlobalVariables.php

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,6 @@
1414
use Symfony\Component\DependencyInjection\ContainerInterface;
1515
use Symfony\Component\HttpFoundation\Request;
1616
use Symfony\Component\HttpFoundation\Session\Session;
17-
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
1817
use Symfony\Component\Security\Core\SecurityContext;
1918

2019
/**

src/Symfony/Component/Security/Http/Firewall/ContextListener.php

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -101,7 +101,7 @@ public function handle(GetResponseEvent $event)
101101
}
102102

103103
/**
104-
* Writes the SecurityContext to the session.
104+
* Writes the security token into the session.
105105
*
106106
* @param FilterResponseEvent $event A FilterResponseEvent instance
107107
*/
@@ -121,10 +121,6 @@ public function onKernelResponse(FilterResponseEvent $event)
121121
$request = $event->getRequest();
122122
$session = $request->getSession();
123123

124-
if (null === $session) {
125-
return;
126-
}
127-
128124
if ((null === $token = $this->tokenStorage->getToken()) || ($token instanceof AnonymousToken)) {
129125
if ($request->hasPreviousSession()) {
130126
$session->remove($this->sessionKey);

src/Symfony/Component/Security/Http/RememberMe/RememberMeServicesInterface.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,8 @@ interface RememberMeServicesInterface
3636
const COOKIE_ATTR_NAME = '_security_remember_me_cookie';
3737

3838
/**
39-
* This method will be called whenever the SecurityContext does not contain
40-
* an TokenInterface object and the framework wishes to provide an implementation
39+
* This method will be called whenever the TokenStorage does not contain
40+
* a TokenInterface object and the framework wishes to provide an implementation
4141
* with an opportunity to authenticate the request using remember-me capabilities.
4242
*
4343
* No attempt whatsoever is made to determine whether the browser has requested

src/Symfony/Component/Security/Http/Session/SessionAuthenticationStrategyInterface.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ interface SessionAuthenticationStrategyInterface
2727
/**
2828
* This performs any necessary changes to the session.
2929
*
30-
* This method is called before the SecurityContext is populated with a
30+
* This method is called before the TokenStorage is populated with a
3131
* Token, and only by classes inheriting from AbstractAuthenticationListener.
3232
*
3333
* @param Request $request

0 commit comments

Comments
 (0)
0