8000 bug #34859 [SecurityBundle] Fix TokenStorage::reset not called in sta… · symfony/symfony@70dec3c · GitHub
[go: up one dir, main page]
Skip to content

Commit 70dec3c

Browse files
nicolas-grekasnicolas-grekas
committed
bug #34859 [SecurityBundle] Fix TokenStorage::reset not called in stateless firewall (jderusse)
This PR was merged into the 4.4 branch. Discussion ---------- [SecurityBundle] Fix TokenStorage::reset not called in stateless firewall | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | NA | License | MIT | Doc PR | NA By default, the service `security.token_storage` is resetable. https://github.com/symfony/symfony/blob/master/src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml#L22-L24 But when using a stateless application without session, the `RegisterTokenUsageTrackingPass` replace the service `security.token_storage` by an alias to `security.untracked_token_storage` (which is not tagged as resetable. Commits ------- 616c30f Fix TokenStorage::reset not called in stateless firewall
2 parents 3314677 + 616c30f commit 70dec3c

File tree

1 file changed

+1
-0
lines changed

1 file changed

+1
-0
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/RegisterTokenUsageTrackingPass.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@ public function process(ContainerBuilder $container)
4343

4444
if (!$container->has('session')) {
4545
$container->setAlias('security.token_storage', 'security.untracked_token_storage')->setPublic(true);
46+
$container->getDefinition('security.untracked_token_storage')->addTag('kernel.reset', ['method' => 'reset']);
4647
} elseif ($container->hasDefinition('security.context_listener')) {
4748
$container->getDefinition('security.context_listener')
4849
->setArgument(6, [new Reference('security.token_storage'), 'enableUsageTracking']);

0 commit comments

Comments
 (0)
0