[Security\Core] Fix NoopAuthenticationManager::authenticate() return value

chalasr · nicolas-grekas · commit b05da72a3c87 · 2020-05-16T11:27:00.000+02:00
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -111,6 +111,10 @@ public function load(array $configs, ContainerBuilder $container)
         $loader->load('security_rememberme.xml');
 
         if ($this->authenticatorManagerEnabled = $config['enable_authenticator_manager']) {
+            if ($config['always_authenticate_before_granting']) {
+                throw new InvalidConfigurationException('The security option "always_authenticate_before_granting" cannot be used when "enable_authenticator_manager" is set to true. If you rely on this behavior, set it to false.');
+            }
+
             $loader->load('security_authenticator.xml');
 
             // The authenticator system no longer has anonymous tokens. This makes sure AccessListener
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
@@ -505,6 +505,21 @@ public function provideEntryPointRequiredData()
         ];
     }
 
+    public function testAlwaysAuthenticateBeforeGrantingCannotBeTrueWithAuthenticationManager()
+    {
+        $this->expectException(InvalidConfigurationException::class);
+        $this->expectExceptionMessage('The security option "always_authenticate_before_granting" cannot be used when "enable_authenticator_manager" is set to true. If you rely on this behavior, set it to false.');
+
+        $container = $this->getRawContainer();
+        $container->loadFromExtension('security', [
+            'enable_authenticator_manager' => true,
+            'always_authenticate_before_granting' => true,
+            'firewalls' => ['main' => []],
+        ]);
+
+        $container->compile();
+    }
+
     protected function getRawContainer()
     {
         $container = new ContainerBuilder();
diff --git a/src/Symfony/Component/Security/Http/Authentication/NoopAuthenticationManager.php b/src/Symfony/Component/Security/Http/Authentication/NoopAuthenticationManager.php
@@ -29,5 +29,6 @@ class NoopAuthenticationManager implements AuthenticationManagerInterface
 {
     public function authenticate(TokenInterface $token)
     {
+        return $token;
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -29,5 +29,6 @@ class NoopAuthenticationManager implements AuthenticationManagerInterface`
`29`	`29`	`{`
`30`	`30`	`public function authenticate(TokenInterface $token)`
`31`	`31`	`{`
	`32`	`+ return $token;`
`32`	`33`	`}`
`33`	`34`	`}`