8000 [Security] Move the `Security` helper to SecurityBundle · symfony/symfony@8060907 · GitHub

Commit 8060907

committed
[Security] Move the Security helper to SecurityBundle
1 parent a10071b commit 8060907


27 files changed

+226
-70
lines changed


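--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -186,8 +186,8 @@
 use Symfony\Component\RateLimiter\Storage\CacheStorage;
 use Symfony\Component\Routing\Loader\AnnotationDirectoryLoader;
 use Symfony\Component\Routing\Loader\AnnotationFileLoader;
+use Symfony\Component\Security\Core\AuthenticationEvents;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
 use Symfony\Component\Semaphore\PersistingStoreInterface as SemaphoreStoreInterface;
 use Symfony\Component\Semaphore\Semaphore;
@@ -1020,7 +1020,7 @@ private function registerWorkflowConfiguration(array $config, ContainerBuilder $
 throw new LogicException('Cannot guard workflows as the ExpressionLanguage component is not installed. Try running "composer require symfony/expression-language".');
 }
 
-if (!class_exists(Security::class)) {
+if (!class_exists(AuthenticationEvents::class)) {
 throw new LogicException('Cannot guard workflows as the Security component is not installed. Try running "composer require symfony/security-core".');
 }
 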
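Review bot: The probe `class_exists(AuthenticationEvents::class)` in the second hunk uses an unrelated events class only to detect whether symfony/security-core is installed, and nothing at that line says so. A reader can mistake it for a functional dependency of the workflow guard; a one-line comment such as `// AuthenticationEvents is only a marker that symfony/security-core is installed` would keep the intent clear now that the deprecated `Security` class is no longer used for this. The same marker substitution appears in `testTranslator()` in FrameworkExtensionTest.php, where the class is used to locate the component's translation directory. registerWorkflowConfiguration() starts and ends outside the hunk.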

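--- a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
+++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
@@ -57,7 +57,7 @@
 use Symfony\Component\HttpKernel\Fragment\FragmentUriGeneratorInterface;
 use Symfony\Component\Messenger\Transport\TransportFactory;
 use Symfony\Component\PropertyAccess\PropertyAccessor;
-use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Core\AuthenticationEvents;
 use Symfony\Component\Serializer\Mapping\Loader\AnnotationLoader;
 use Symfony\Component\Serializer\Mapping\Loader\XmlFileLoader;
 use Symfony\Component\Serializer\Mapping\Loader\YamlFileLoader;
@@ -1036,7 +1036,7 @@ public function testTranslator()
 $files,
 '->registerTranslatorConfiguration() finds Form translation resources'
 );
-$ref = new \ReflectionClass(Security::class);
+$ref = new \ReflectionClass(AuthenticationEvents::class);
 $this->assertContains(
 strtr(\dirname($ref->getFileName()).'/Resources/translations/security.en.xlf', '/', \DIRECTORY_SEPARATOR),
 $files,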

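--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security.php
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security.php
@@ -17,6 +17,7 @@
 use Symfony\Bundle\SecurityBundle\Security\FirewallContext;
 use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
 use Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext;
+use Symfony\Bundle\SecurityBundle\Security\Security;
 use Symfony\Component\Ldap\Security\LdapUserProvider;
 use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
@@ -33,7 +34,6 @@
 use Symfony\Component\Security\Core\Authorization\Voter\RoleVoter;
 use Symfony\Component\Security\Core\Role\RoleHierarchy;
 use Symfony\Component\Security\Core\Role\RoleHierarchyInterface;
-use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\ChainUserProvider;
 use Symfony\Component\Security\Core\User\InMemoryUserChecker;
 use Symfony\Component\Security\Core\User\InMemoryUserProvider;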
Lines changed: 28 additions & 0 deletions
@@ -0,0 +1,28 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Bundle\SecurityBundle\Security;
13+
14+
use Psr\Container\ContainerInterface;
15+
use Symfony\Component\Security\Core\Security as LegacySecurity;
16+
17+
/**
18+
* Helper class for commonly-needed security tasks.
19+
*
20+
* @final
21+
*/
22+
class Security extends LegacySecurity
23+
{
24+
public function __construct(ContainerInterface $container)
25+
{
26+
parent::__construct($container, false);
27+
}
28+
}
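Review bot: The bare `false` in `parent::__construct($container, false);` is unexplained, and the docblock does not say why a class annotated `@final` extends the helper this commit deprecates. Judging from the legacy constructor changed elsewhere in this commit, the flag suppresses the deprecation notice, so a comment such as `// false: do not trigger the legacy class's deprecation notice` above the call would document it. The class docblock could also state that the inheritance is a temporary compatibility bridge, if that is the intent.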

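--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
@@ -16,11 +16,11 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Http\Authenticator\AbstractLoginFormAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\SecurityContextAttributes;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
 
 class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
@@ -39,7 +39,7 @@ public function authenticate(Request $request): Passport
 {
 $username = $request->request->get('_username', '');
 
-$request->getSession()->set(Security::LAST_USERNAME, $username);
+$request->getSession()->set(SecurityContextAttributes::LAST_USERNAME, $username);
 
 return new Passport(
 new UserBadge($username),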

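--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/CsrfFormLoginBundle/Form/UserLoginType.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/CsrfFormLoginBundle/Form/UserLoginType.php
@@ -18,7 +18,7 @@
 use Symfony\Component\Form\FormEvents;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\OptionsResolver\OptionsResolver;
-use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Http\SecurityContextAttributes;
 
 /**
 * Form type for use with the Security component's form-based authentication
@@ -55,18 +55,18 @@ public function buildForm(FormBuilderInterface $builder, array $options)
 * session for an authentication error and last username.
 */
 $builder->addEventListener(FormEvents::PRE_SET_DATA, function (FormEvent $event) use ($request) {
-if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
-$error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
+if ($request->attributes->has(SecurityContextAttributes::AUTHENTICATION_ERROR)) {
+$error = $request->attributes->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 } else {
-$error = $request->getSession()->get(Security::AUTHENTICATION_ERROR);
+$error = $request->getSession()->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 }
 
 if ($error) {
 $event->getForm()->addError(new FormError($error->getMessage()));
 }
 
 $event->setData(array_replace((array) $event->getData(), [
-'username' => $request->getSession()->get(Security::LAST_USERNAME),
+'username' => $request->getSession()->get(SecurityContextAttributes::LAST_USERNAME),
 ]));
 });
 }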

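--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LocalizedController.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LocalizedController.php
@@ -14,7 +14,7 @@
 use Psr\Container\ContainerInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Http\SecurityContextAttributes;
 use Symfony\Contracts\Service\ServiceSubscriberInterface;
 use Twig\Environment;
 
@@ -30,15 +30,15 @@ public function __construct(ContainerInterface $container)
 public function loginAction(Request $request)
 {
 // get the login error if there is one
-if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
-$error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
+if ($request->attributes->has(SecurityContextAttributes::AUTHENTICATION_ERROR)) {
+$error = $request->attributes->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 } else {
-$error = $request->getSession()->get(Security::AUTHENTICATION_ERROR);
+$error = $request->getSession()->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 }
 
 return new Response($this->container->get('twig')->render('@FormLogin/Localized/login.html.twig', [
 // last username entered by the user
-'last_username' => $request->getSession()->get(Security::LAST_USERNAME),
+'last_username' => $request->getSession()->get(SecurityContextAttributes::LAST_USERNAME),
 'error' => $error,
 ]));
 }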

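--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/FormLoginBundle/Controller/LoginController.php
@@ -15,8 +15,8 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
-use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Http\SecurityContextAttributes;
 use Symfony\Contracts\Service\ServiceSubscriberInterface;
 use Twig\Environment;
 
@@ -32,15 +32,15 @@ public function __construct(ContainerInterface $container)
 public function loginAction(Request $request, UserInterface $user = null)
 {
 // get the login error if there is one
-if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
-$error = $request->attributes->get(Security::AUTHENTICATION_ERROR);
+if ($request->attributes->has(SecurityContextAttributes::AUTHENTICATION_ERROR)) {
+$error = $request->attributes->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 } else {
-$error = $request->getSession()->get(Security::AUTHENTICATION_ERROR);
+$error = $request->getSession()->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 }
 
 return new Response($this->container->get('twig')->render('@FormLogin/Login/login.html.twig', [
 // last username entered by the user
-'last_username' => $request->getSession()->get(Security::LAST_USERNAME),
+'last_username' => $request->getSession()->get(SecurityContextAttributes::LAST_USERNAME),
 'error' => $error,
 ]));
 }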
Lines changed: 89 additions & 0 deletions
@@ -0,0 +1,89 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Bundle\SecurityBundle\Tests\Security;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Psr\Container\ContainerInterface;
16+
use Symfony\Bundle\SecurityBundle\Security\Security;
17+
use Symfony\Component\DependencyInjection\ServiceLocator;
18+
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
19+
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
20+
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
21+
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
22+
use Symfony\Component\Security\Core\User\InMemoryUser;
23+
24+
class SecurityTest extends TestCase
25+
{
26+
public function testGetToken()
27+
{
28+
$token = new UsernamePasswordToken(new InMemoryUser('foo', 'bar'), 'provider');
29+
$tokenStorage = $this->createMock(TokenStorageInterface::class);
30+
31+
$tokenStorage->expects($this->once())
32+
->method('getToken')
33+
- 10000 >willReturn($token);
34+
35+
$container = $this->createContainer('security.token_storage', $tokenStorage);
36+
37+
$security = new Security($container);
38+
$this->assertSame($token, $security->getToken());
39+
}
40+
41+
/**
42+
* @dataProvider getUserTests
43+
*/
44+
public function testGetUser($userInToken, $expectedUser)
45+
{
46+
$token = $this->createMock(TokenInterface::class);
47+
$token->expects($this->any())
48+
->method('getUser')
49+
->willReturn($userInToken);
50+
$tokenStorage = $this->createMock(TokenStorageInterface::class);
51+
52+
$tokenStorage->expects($this->once())
53+
->method('getToken')
54+
->willReturn($token);
55+
56+
$container = $this->createContainer('security.token_storage', $tokenStorage);
57+
58+
$security = new Security($container);
59+
$this->assertSame($expectedUser, $security->getUser());
60+
}
61+
62+
public function getUserTests()
63+
{
64+
yield [null, null];
65+
66+
$user = new InMemoryUser('nice_user', 'foo');
67+
yield [$user, $user];
68+
}
69+
70+
public function testIsGranted()
71+
{
72+
$authorizationChecker = $this->createMock(AuthorizationCheckerInterface::class);
73+
74+
$authorizationChecker->expects($this->once())
75+
->method('isGranted')
76+
->with('SOME_ATTRIBUTE', 'SOME_SUBJECT')
77+
->willReturn(true);
78+
79+
$container = $this->createContainer('security.authorization_checker', $authorizationChecker);
80+
81+
$security = new Security($container);
82+
$this->assertTrue($security->isGranted('SOME_ATTRIBUTE', 'SOME_SUBJECT'));
83+
}
84+
85+
private function createContainer(string $serviceId, object $serviceObject): ContainerInterface
86+
{
87+
return new ServiceLocator([$serviceId => fn () => $serviceObject]);
88+
}
89+
}

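--- a/src/Symfony/Bundle/SecurityBundle/composer.json
+++ b/src/Symfony/Bundle/SecurityBundle/composer.json
@@ -27,7 +27,7 @@
 "symfony/password-hasher": "^5.4|^6.0",
 "symfony/security-core": "^5.4|^6.0",
 "symfony/security-csrf": "^5.4|^6.0",
-"symfony/security-http": "^5.4|^6.0"
+"symfony/security-http": "^6.2"
 },
 "require-dev": {
 "doctrine/annotations": "^1.10.4",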

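--- a/src/Symfony/Component/Security/Core/CHANGELOG.md
+++ b/src/Symfony/Component/Security/Core/CHANGELOG.md
@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+6.2
+---
+
+* Deprecate the `Security` class, use `Symfony\Bundle\SecurityBundle\Security\Security` instead
+
 6.0
 ---
 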

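--- a/src/Symfony/Component/Security/Core/Security.php
+++ b/src/Symfony/Component/Security/Core/Security.php
@@ -12,27 +12,34 @@
 namespace Symfony\Component\Security\Core;
 
 use Psr\Container\ContainerInterface;
+use Symfony\Bundle\SecurityBundle\Security\Security as NewSecurityHelper;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
 use Symfony\Component\Security\Core\User\UserInterface;
 
 /**
 * Helper class for commonly-needed security tasks.
 *
-* @final
+* @deprecated since Symfony 6.2, use {@see NewSecurityHelper} instead
 */
 class Security implements AuthorizationCheckerInterface
 {
+// @deprecated In 7.0, move these constants to the NewSecurityHelper class and
+// make them reference SecurityContextAttributes:* constants.
 public const ACCESS_DENIED_ERROR = '_security.403_error';
 public const AUTHENTICATION_ERROR = '_security.last_error';
 public const LAST_USERNAME = '_security.last_username';
 public const MAX_USERNAME_LENGTH = 4096;
 
 private ContainerInterface $container;
 
-public function __construct(ContainerInterface $container)
+public function __construct(ContainerInterface $container, bool $triggerDeprecation = true)
 {
 $this->container = $container;
+
+if ($triggerDeprecation) {
+trigger_deprecation('symfony/security-core', '6.2', 'The "%s" class is deprecated, use "%s" instead.', __CLASS__, NewSecurityHelper::class);
+}
 }
 
 public function getUser(): ?UserInterface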
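Review bot: The string constants kept on the deprecated class (`AUTHENTICATION_ERROR`, `LAST_USERNAME`) now sit alongside the `SecurityContextAttributes` constants that the rest of this commit switches to, and nothing visible here ties the two sets together. `SecurityContextAttributes` is not shown on this page, so presumably the values match; if they ever drift, code still writing under `Security::LAST_USERNAME` would no longer be read by `AuthenticationUtils`. A legacy test asserting `Security::AUTHENTICATION_ERROR === SecurityContextAttributes::AUTHENTICATION_ERROR`, and the same for `LAST_USERNAME`, would pin that until the 7.0 cleanup. Separately, the added `//` note uses `@deprecated` where a plain `TODO` is meant and writes `SecurityContextAttributes:*` with a single colon. The class body continues outside the hunk.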

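--- a/src/Symfony/Component/Security/Core/Tests/SecurityTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/SecurityTest.php
@@ -20,6 +20,9 @@
 use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\User\InMemoryUser;
 
+/**
+* @group legacy
+*/
 class SecurityTest extends TestCase
 {
 public function testGetToken()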

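--- a/src/Symfony/Component/Security/Http/Authentication/AuthenticationUtils.php
+++ b/src/Symfony/Component/Security/Http/Authentication/AuthenticationUtils.php
@@ -14,7 +14,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
-use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Http\SecurityContextAttributes;
 
 /**
 * Extracts Security Errors from Request.
@@ -35,13 +35,13 @@ public function getLastAuthenticationError(bool $clearSession = true): ?Authenti
 $request = $this->getRequest();
 $authenticationException = null;
 
-if ($request->attributes->has(Security::AUTHENTICATION_ERROR)) {
-$authenticationException = $request->attributes->get(Security::AUTHENTICATION_ERROR);
-} elseif ($request->hasSession() && ($session = $request->getSession())->has(Security::AUTHENTICATION_ERROR)) {
-$authenticationException = $session->get(Security::AUTHENTICATION_ERROR);
+if ($request->attributes->has(SecurityContextAttributes::AUTHENTICATION_ERROR)) {
+$authenticationException = $request->attributes->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
+} elseif ($request->hasSession() && ($session = $request->getSession())->has(SecurityContextAttributes::AUTHENTICATION_ERROR)) {
+$authenticationException = $session->get(SecurityContextAttributes::AUTHENTICATION_ERROR);
 
 if ($clearSession) {
-$session->remove(Security::AUTHENTICATION_ERROR);
+$session->remove(SecurityContextAttributes::AUTHENTICATION_ERROR);
 }
 }
 
@@ -52,11 +52,11 @@ public function getLastUsername(): string
 {
 $request = $this->getRequest();
 
-if ($request->attributes->has(Security::LAST_USERNAME)) {
-return $request->attributes->get(Security::LAST_USERNAME, '');
+if ($request->attributes->has(SecurityContextAttributes::LAST_USERNAME)) {
+return $request->attributes->get(SecurityContextAttributes::LAST_USERNAME, '');
 }
 
-return $request->hasSession() ? $request->getSession()->get(Security::LAST_USERNAME, '') : '';
+return $request->hasSession() ? $request->getSession()->get(SecurityContextAttributes::LAST_USERNAME, '') : '';
 }
 
 /**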
