Merge branch '5.4' into 6.0 · symfony/symfony@ba3dd7f · GitHub

Commit ba3dd7f

Merge branch '5.4' into 6.0
* 5.4: Only trigger for the correct firewall in ContextListener::onKernelResponse()
2 parents ccf4e7b + 86a0672 commit ba3dd7f


5 files changed

+43
-5
lines changed


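--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticatorTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticatorTest.php
@@ -87,4 +87,17 @@ public function provideEmailsWithFirewalls()
 yield ['jane@example.org', 'main'];
 yield ['john@example.org', 'custom'];
 }
+
+public function testMultipleFirewalls()
+{
+$client = $this->createClient(['test_case' => 'Authenticator', 'root_config' => 'multiple_firewalls.yml']);
+
+$client->request('POST', '/firewall1/login', [
+'_username' => 'jane@example.org',
+'_password' => 'test',
+]);
+
+$client->request('GET', '/firewall2/profile');
+$this->assertResponseRedirects('http://localhost/login');
+}
 }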
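Review bot: `testMultipleFirewalls()` never checks the outcome of the POST to `/firewall1/login`, so the final `assertResponseRedirects('http://localhost/login')` would presumably also hold if that login failed and no token was ever stored. As written the test cannot tell "firewall1's token did not reach firewall2" apart from "nobody was logged in", which weakens it as a firewall-isolation regression test. An assertion on the login response directly after the POST would pin the precondition, for example `$this->assertResponseRedirects('<expected success target>');` with the target this configuration is expected to produce (not visible on this page). A bare redirect check is not enough there, since a failed form login normally redirects as well.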
Lines changed: 17 additions & 0 deletions
@@ -0,0 +1,17 @@
1+
imports:
2+
- { resource: ./config.yml }
3+
- { resource: ./security.yml }
4+
5+
security:
6+
enable_authenticator_manager: true
7+
firewalls:
8+
firewall1:
9+
pattern: /firewall1
10+
provider: in_memory
11+
form_login:
12+
check_path: /firewall1/login
13+
firewall2:
14+
pattern: /firewall2
15+
provider: in_memory2
16+
form_login:
17+
check_path: /firewall2/login

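--- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Authenticator/routing.yml
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Authenticator/routing.yml
@@ -18,3 +18,11 @@ security_main_profile:
 security_custom_profile:
 path: /custom/user_profile
 defaults: { _controller: Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\AuthenticatorBundle\SecurityController::profileAction }
+
+firewall1_login:
+path: /firewall1/login
+
+firewall2_profile:
+path: /firewall2/profile
+defaults:
+_controller: Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\AuthenticatorBundle\ProfileController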

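--- a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php
@@ -93,7 +93,7 @@ public function authenticate(RequestEvent $event)
 $request = $event->getRequest();
 $session = $request->hasPreviousSession() && $request->hasSession() ? $request->getSession() : null;
 
-$request->attributes->set('_security_firewall_run', true);
+$request->attributes->set('_security_firewall_run', $this->sessio 8000 nKey);
 
 if (null !== $session) {
 $usageIndexValue = $session instanceof Session ? $usageIndexReference = &$session->getUsageIndex() : 0;
@@ -167,7 +167,7 @@ public function onKernelResponse(ResponseEvent $event)
 
 $request = $event->getRequest();
 
-if (!$request->hasSession() || !$request->attributes->get('_security_firewall_run', false)) {
+if (!$request->hasSession() || $request->attributes->get('_security_firewall_run') !== $this->sessionKey) {
 return;
 }
 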
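Review bot: The `_security_firewall_run` request attribute changes meaning in `authenticate()` from a boolean flag to the listener's session key, and neither the `set()` call nor the new comparison in `onKernelResponse()` documents that. A short comment at the `set()` line, such as `// store this listener's session key so onKernelResponse() only persists the token for the firewall that handled the request`, would make the isolation intent explicit. Code elsewhere that reads the attribute as a truthy flag would presumably keep working because the stored key looks like a non-empty string, but a strict `=== true` check would silently stop matching, so other readers of this attribute are worth checking. Both functions start and end outside the hunks shown.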

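--- a/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php
@@ -106,7 +106,7 @@ public function testOnKernelResponseWithoutSession()
 $tokenStorage = new TokenStorage();
 $tokenStorage->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit'));
 $request = new Request();
-$request->attributes->set('_security_firewall_run', true);
+$request->attributes->set('_security_firewall_run', '_security_session');
 $session = new Session(new MockArraySessionStorage());
 $request->setSession($session);
 
@@ -212,7 +212,7 @@ public function testOnKernelResponseListenerRemovesItself()
 $listener = new ContextListener($tokenStorage, [], 'key123', null, $dispatcher);
 
 $request = new Request();
-$request->attributes->set('_security_firewall_run', true);
+$request->attributes->set('_security_firewall_run', '_security_key123');
 $request->setSession($session);
 
 $event = new ResponseEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST, new Response());
@@ -370,7 +370,7 @@ protected function runSessionOnKernelResponse($newToken, $original = null)
 {
 $session = new Session(new MockArraySessionStorage());
 $request = new Request();
-$request->attributes->set('_security_firewall_run', true);
+$request->attributes->set('_security_firewall_run', '_security_session');
 $request->setSession($session);
 $requestStack = new RequestStack();
 $requestStack->push($request);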
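Review bot: All three updated tests set `_security_firewall_run` to the key that matches the listener under test, so the new early-return branch in `onKernelResponse()` (attribute present but belonging to another firewall) has no unit-level coverage in this file. A negative case would guard the isolation behaviour directly instead of relying only on the functional test. The sketch below reuses the constructors visible in these hunks, and its test name and the `_security_other` value are constructed for illustration. The three edited methods start and end outside the hunks.

```php
public function testOnKernelResponseIgnoresOtherFirewall()
{
    $tokenStorage = new TokenStorage();
    $tokenStorage->setToken(new UsernamePasswordToken('test1', 'pass1', 'phpunit'));
    $session = new Session(new MockArraySessionStorage());

    $request = new Request();
    // Attribute written by a different firewall's context listener.
    $request->attributes->set('_security_firewall_run', '_security_other');
    $request->setSession($session);

    $listener = new ContextListener($tokenStorage, [], 'key123');
    $listener->onKernelResponse(new ResponseEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST, new Response()));

    // The listener must not persist its token for a request it did not handle.
    $this->assertFalse($session->has('_security_key123'));
}
```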
