8000 [Security] Fix AbstractAuthenticator::createToken() BC layer · symfony/symfony@799acc5 · GitHub
[go: up one dir, main page]
Skip to content
Sign in

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 799acc5

Browse files
chalasrchalasr
committed
[Security] Fix AbstractAuthenticator::createToken() BC layer
1 parent c0e7f09 commit 799acc5

File tree

2 files changed

+91
-1
lines changed

2 files changed

+91
-1
lines changed

src/Symfony/Component/Security/Http/Authenticator/AbstractAuthenticator.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,10 @@ abstract class AbstractAuthenticator implements AuthenticatorInterface
3131
*/
3232
public function createToken(Passport $passport, string $firewallName): TokenInterface
3333
{
34+
if (self::class !== (new \ReflectionMethod($this, 'createAuthenticatedToken'))->getDeclaringClass()->getName() && self::class === (new \ReflectionMethod($this, 'createToken'))->getDeclaringClass()->getName()) {
35+
return $this->createAuthenticatedToken($passport, $firewallName);
36+
}
37+
3438
return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
3539
}
3640

@@ -46,6 +50,6 @@ public function createAuthenticatedToken(PassportInterface $passport, string $fi
4650

4751
trigger_deprecation('symfony/security-http', '5.4', 'Method "%s()" is deprecated, use "%s::createToken()" instead.', __METHOD__, __CLASS__);
4852

49-
return $this->createToken($passport, $firewallName);
53+
return new PostAuthenticationToken($passport->getUser(), $firewallName, $passport->getUser()->getRoles());
5054
}
5155
}

src/Symfony/Component/Security/Http/Tests/Authenticator/AbstractAuthenticatorTest.php

Lines changed: 86 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,86 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Http\Tests\Authenticator;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
16+
use Symfony\Component\HttpFoundation\Request;
17+
use Symfony\Component\HttpFoundation\Response;
18+
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
19+
use Symfony\Component\Security\Core\Exception\AuthenticationException;
20+
use Symfony\Component\Security\Core\User\InMemoryUser;
21+
use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
22+
use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
23+
use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
24+
use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
25+
use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
26+
use Symfony\Component\Security\Http\Authenticator\Token\PostAuthenticationToken;
27+
28+
class AbstractAuthenticatorTest extends TestCase
29+
{
30+
use ExpectDeprecationTrait;
31+
32+
public function testCreateToken()
33+
{
34+
$authenticator = new ConcreteAuthenticator();
35+
$this->assertInstanceOf(
36+
PostAuthenticationToken::class,
37+
$authenticator->createToken(new SelfValidatingPassport(new UserBadge('dummy', function () { return new InMemoryUser('robin', 'hood'); })), 'dummy')
38+
);
39+
}
40+
41+
/**
42+
* @group legacy
43+
*/
44+
public function testLegacyCreateAuthenticatedToken()
45+
{
46+
$authenticator = new ConcreteAuthenticator();
47+
$this->expectDeprecation('Since symfony/security-http 5.4: Method "Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator::createAuthenticatedToken()" is deprecated, use "Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator::createToken()" instead.');
48+
$this->assertInstanceOf(
49+
PostAuthenticationToken::class,
50+
$authenticator->createAuthenticatedToken(new SelfValidatingPassport(new UserBadge('dummy', function () { return new InMemoryUser('robin', 'hood'); })), 'dummy')
51+
);
52+
}
53+
}
54+
55+
class ConcreteAuthenticator extends AbstractAuthenticator
56+
{
57+
public function createToken(Passport $passport, string $firewallName): TokenInterface
58+
{
59+
return parent::createToken($passport, $firewallName);
60+
}
61+
62+
public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
63+
{
64+
return parent::createAuthenticatedToken($passport, $firewallName);
65+
}
66+
67+
public function supports(Request $request): ?bool
68+
{
69+
return null;
70+
}
71+
72+
public function authenticate(Request $request): Passport
73+
{
74+
return new SelfValidatingPassport(new UserBadge('dummy'));
75+
}
76+
77+
public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
78+
{
 6A52
79+
return null;
80+
}
81+
82+
public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
83+
{
84+
return null;
85+
}
86+
}

0 commit comments

Comments
 (0)
0