10000 [SecurityHttp] Fix incompatibility with 6.0 · symfony/symfony@a2f9279 · GitHub
[go: up one dir, main page]
Skip to content

Commit a2f9279

Browse files
wouterjwouterj
committed
[SecurityHttp] Fix incompatibility with 6.0
1 parent 6ace47c commit a2f9279

File tree

5 files changed

+34
-14
lines changed

5 files changed

+34
-14
lines changed

src/Symfony/Component/Security/Http/Authenticator/Token/PostAuthenticationToken.php

+4-2
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,10 @@ public function __construct(UserInterface $user, string $firewallName, array $ro
3535
$this->firewallName = $firewallName;
3636

3737
// @deprecated since Symfony 5.4
38-
// this token is meant to be used after authentication success, so it is always authenticated
39-
$this->setAuthenticated(true, false);
38+
if (method_exists($this, 'setAuthenticated')) {
39+
// this token is meant to be used after authentication success, so it is always authenticated
40+
$this->setAuthenticated(true, false);
41+
}
4042
}
4143

4244
/**

src/Symfony/Component/Security/Http/EventListener/CheckCredentialsListener.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ public function checkPassport(CheckPassportEvent $event): void
7474
throw new BadCredentialsException('The presented password is invalid.');
7575
}
7676

77-
$salt = $user->getSalt();
77+
$salt = method_exists($user, 'getSalt') ? $user->getSalt() : '';
7878
if ($salt && !$user instanceof LegacyPasswordAuthenticatedUserInterface) {
7979
trigger_deprecation('symfony/security-http', '5.3', 'Returning a string from "getSalt()" without implementing the "%s" interface is deprecated, the "%s" class should implement it.', LegacyPasswordAuthenticatedUserInterface::class, get_debug_type($user));
8080
}

src/Symfony/Component/Security/Http/Firewall/AccessListener.php

+20-6
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,7 @@ public function __construct(TokenStorageInterface $tokenStorage, AccessDecisionM
5454
$this->tokenStorage = $tokenStorage;
5555
$this->accessDecisionManager = $accessDecisionManager;
5656
$this->map = $map;
57-
$this->authManager = $authManager ?? new NoopAuthenticationManager();
57+
$this->authManager = $authManager ?? (class_exists(AuthenticationManagerInterface::class) ? new NoopAuthenticationManager() : null);
5858
$this->exceptionOnNoToken = $exceptionOnNoToken;
5959
}
6060

@@ -66,7 +66,14 @@ public function supports(Request $request): ?bool
6666
[$attributes] = $this->map->getPatterns($request);
6767
$request->attributes->set('_access_control_attributes', $attributes);
6868

69-
return $attributes && ([AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] !== $attributes && [AuthenticatedVoter::PUBLIC_ACCESS] !== $attributes) ? true : null;
69+
if ($attributes && (
70+
(defined(AuthenticatedVoter::class.'::IS_AUTHENTICATED_ANONYMOUSLY') ? [AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] !== $attributes : true)
71+
&& [AuthenticatedVoter::PUBLIC_ACCESS] !== $attributes
72+
)) {
73+
return true;
74+
}
75+
76+
return null;
7077
}
7178

7279
/**
@@ -86,7 +93,11 @@ public function authenticate(RequestEvent $event)
8693
$attributes = $request->attributes->get('_access_control_attributes');
8794
$request->attributes->remove('_access_control_attributes');
8895

89-
if (!$attributes || ([AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] === $attributes && $event instanceof LazyResponseEvent)) {
96+
if (!$attributes || ((
97+
(defined(AuthenticatedVoter::class.'::IS_AUTHENTICATED_ANONYMOUSLY') ? [AuthenticatedVoter::IS_AUTHENTICATED_ANONYMOUSLY] === $attributes : false)
98+
|| [AuthenticatedVoter::PUBLIC_ACCESS] === $attributes
99+
) && $event instanceof LazyResponseEvent
100+
)) {
90101
return;
91102
}
92103

@@ -103,10 +114,13 @@ public function authenticate(RequestEvent $event)
103114
}
104115

105116
// @deprecated since Symfony 5.4
106-
if (!$token->isAuthenticated(false)) {
117+
if (method_exists($token, 'isAuthenticated') && !$token->isAuthenticated(false)) {
107118
trigger_deprecation('symfony/core', '5.4', 'Returning false from "%s()" is deprecated and won\'t have any effect in Symfony 6.0 as security tokens will always be considered authenticated.');
108-
$token = $this->authManager->authenticate($token);
109-
$this->tokenStorage->setToken($token);
119+
120+
if ($this->authManager) {
121+
$token = $this->authManager->authenticate($token);
122+
$this->tokenStorage->setToken($token);
123+
}
110124
}
111125

112126
if (!$this->accessDecisionManager->decide($token, $attributes, $request, true)) {

src/Symfony/Component/Security/Http/Firewall/ContextListener.php

+3-1
Original file line numberDiff line numberDiff line change
@@ -240,7 +240,9 @@ protected function refreshUser(TokenInterface $token): ?TokenInterface
240240
if ($this->hasUserChanged($user, $newToken)) {
241241
$userDeauthenticated = true;
242242
// @deprecated since Symfony 5.4
243-
$newToken->setAuthenticated(false, false);
243+
if (method_exists($newToken, 'setAuthenticated')) {
244+
$newToken->setAuthenticated(false, false);
245+
}
244246

245247
if (null !== $this->logger) {
246248
// @deprecated since Symfony 5.3, change to $refreshedUser->getUserIdentifier() in 6.0

src/Symfony/Component/Security/Http/Tests/Firewall/AccessListenerTest.php

+6-4
Original file line numberDiff line numberDiff line change
@@ -166,10 +166,12 @@ public function testHandleWhenThereIsNoAccessMapEntryMatchingTheRequest()
166166
;
167167

168168
$token = $this->createMock(TokenInterface::class);
169-
$token
170-
->expects($this->never())
171-
->method('isAuthenticated')
172-
;
169+
if (method_exists(TokenInterface::class, 'isAuthenticated')) {
170+
$token
171+
->expects($this->never())
172+
->method('isAuthenticated')
173+
;
174+
}
173175

174176
$tokenStorage = $this->createMock(TokenStorageInterface::class);
175177
$tokenStorage

0 commit comments

Comments
 (0)
0