8000 Merge AuthenticatorManager and AuthenticatorHandler · symfony/symfony@bf1a452 · GitHub
[go: up one dir, main page]

Skip to content

Commit bf1a452

Browse files
committed
Merge AuthenticatorManager and AuthenticatorHandler
The AuthenticatorManager now performs the whole authentication process. This allows for manual authentication without duplicating or publicly exposing parts of the process.
1 parent 44cc76f commit bf1a452

31 files changed

+590
-635
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 5 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -156,8 +156,8 @@ public function load(array $configs, ContainerBuilder $container)
156156
->replaceArgument(2, $this->statelessFirewallKeys);
157157

158158
if ($this->authenticatorManagerEnabled) {
159-
$container->getDefinition('security.authenticator_handler')
160-
->replaceArgument(2, $this->statelessFirewallKeys);
159+
$container->getDefinition(SessionListener::class)
160+
->replaceArgument(1, $this->statelessFirewallKeys);
161161
}
162162

163163
if ($config['encoders']) {
@@ -444,25 +444,19 @@ private function createFirewall(ContainerBuilder $container, string $id, array $
444444
return new Reference($id);
445445
}, $firewallAuthenticationProviders);
446446
$container
447-
->setDefinition($managerId = 'security.authenticator.manager.'.$id, new ChildDefinition('security.authentication.manager.authenticator'))
447+
->setDefinition($managerId = 'security.authenticator.manager.'.$id, new ChildDefinition('security.authenticator.manager'))
448448
->replaceArgument(0, $authenticators)
449+
->replaceArgument(3, $id)
450+
->addTag('monolog.logger', ['channel' => 'security'])
449451
;
450452

451453
$managerLocator = $container->getDefinition('security.authenticator.managers_locator');
452454
$managerLocator->replaceArgument(0, array_merge($managerLocator->getArgument(0), [$id => new ServiceClosureArgument(new Reference($managerId))]));
453455

454456
// authenticator manager listener
455-
$container
456-
->setDefinition('security.firewall.authenticator.'.$id.'.locator', new ChildDefinition('security.firewall.authenticator.locator'))
457-
->setArguments([$authenticators])
458-
->addTag('container.service_locator')
459-
;
460-
461457
$container
462458
->setDefinition('security.firewall.authenticator.'.$id, new ChildDefinition('security.firewall.authenticator'))
463459
->replaceArgument(0, new Reference($managerId))
464-
->replaceArgument(2, new Reference('security.firewall.authenticator.'.$id.'.locator'))
465-
->replaceArgument(3, $id)
466460
;
467461

468462
$listeners[] = new Reference('security.firewall.authenticator.'.$id);

src/Symfony/Bundle/SecurityBundle/EventListener/LazyAuthenticatorManagerListener.php

Lines changed: 0 additions & 64 deletions
This file was deleted.

src/Symfony/Bundle/SecurityBundle/Resources/config/guard.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@
88
<defaults public="false" />
99

1010
<service id="security.authentication.guard_handler"
11-
class="Symfony\Component\Security\Guard\GuardHandler"
11+
class="Symfony\Component\Security\Guard\GuardAuthenticatorHandler"
1212
>
1313
<argument type="service" id="security.token_storage" />
1414
<argument type="service" id="event_dispatcher" on-invalid="null" />
@@ -18,7 +18,7 @@
1818
</call>
1919
</service>
2020

21-
<service id="AuthenticatorHandler" alias="security.authentication.guard_handler" />
21+
<service id="Symfony\Component\Security\Guard\GuardAuthenticatorHandler" alias="security.authentication.guard_handler" />
2222

2323
<!-- See GuardAuthenticationFactory -->
2424
<service id="security.authentication.provider.guard"

src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.xml

Lines changed: 17 additions & 28 deletions
Original file line numberDiff line numberDiff line change
@@ -6,56 +6,39 @@
66
<services>
77
<!-- Manager -->
88

9-
<service id="security.authentication.manager.authenticator"
9+
<service id="security.authenticator.manager"
1010
class="Symfony\Component\Security\Http\Authentication\AuthenticatorManager"
1111
abstract="true"
1212
>
1313
<argument type="abstract">authenticators</argument>
14+
<argument type="service" id="security.token_storage" />
1415
<argument type="service" id="event_dispatcher" />
16+
<argument type="abstract">provider key</argument>
17+
<argument type="service" id="logger" on-invalid="null" />
1518
<argument>%security.authentication.manager.erase_credentials%</argument>
16-
<call method="setEventDispatcher">
17-
<argument type="service" id="event_dispatcher" />
18-
</call>
1919
</service>
2020

2121
<service id="security.authenticator.managers_locator"
2222
class="Symfony\Component\DependencyInjection\ServiceLocator">
2323
<argument type="collection" />
2424
</service>
2525

26-
<service id="security.authentication.manager"
27-
class="Symfony\Bundle\SecurityBundle\Security\FirewallAwareAuthenticatorManager">
26+
<service id="security.user_authenticator"
27+
class="Symfony\Bundle\SecurityBundle\Security\UserAuthenticator">
2828
<argument type="service" id="security.firewall.map" />
2929
<argument type="service" id="security.authenticator.managers_locator" />
3030
<argument type="service" id="request_stack" />
3131
</service>
32-
<service id="Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface" alias="security.authentication.manager" />
32+
<service id="Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface" alias="security.user_authenticator" />
3333

34-
<service id="security.authenticator_handler"
35-
class="Symfony\Component\Security\Http\Authentication\AuthenticatorHandler"
36-
>
37-
<argument type="service" id="security.token_storage" />
38-
<argument type="service" id="event_dispatcher" on-invalid="null" />
39-
<argument /> <!-- stateless firewall keys -->
40-
<call method="setSessionAuthenticationStrategy">
41-
<argument type="service" id="security.authentication.session_strategy" />
42-
</call>
43-
</service>
44-
45-
<service id="security.firewall.authenticator.locator"
46-
class="Symfony\Component\DependencyInjection\ServiceLocator"
47-
abstract="true" />
34+
<service id="security.authentication.manager"
35+
class="Symfony\Component\Security\Http\Authentication\NoopAuthenticationManager"/>
36+
<service id="Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface" alias="security.authentication.manager" />
4837

4938
<service id="security.firewall.authenticator"
50-
class="Symfony\Bundle\SecurityBundle\EventListener\LazyAuthenticatorManagerListener"
39+
class="Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener"
5140
abstract="true">
52-
<tag name="monolog.logger" channel="security" />
5341
<argument type="abstract">authenticator manager</argument>
54-
<argument type="service" id="security.authenticator_handler" />
55-
<argument/> <!-- authenticator locator -->
56-
<argument/> <!-- provider key -->
57-
<argument type="service" id="event_dispatcher" />
58-
<argument type="service" id="logger" on-invalid="null" />
5942
</service>
6043

6144
<!-- Listeners -->
@@ -75,6 +58,12 @@
7558
<argument type="service" id="Symfony\Component\Security\Core\User\UserCheckerInterface" />
7659
</service>
7760

61+
<service id="security.listener.session" class="Symfony\Component\Security\Http\EventListener\SessionStrategyListener">
62+
<tag name="kernel.event_subscriber" />
63+
<argument type="service" id="security.authentication.session_strategy" />
64+
<argument type="abstract">stateless firewall keys</argument>
65+
</service>
66+
7867
<service id="security.listener.remember_me"
7968
class="Symfony\Component\Security\Http\EventListener\RememberMeListener"
8069
abstract="true">

src/Symfony/Bundle/SecurityBundle/Security/FirewallAwareAuthenticatorManager.php

Lines changed: 0 additions & 48 deletions
This file was deleted.
Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Bundle\SecurityBundle\Security;
13+
14+
use Psr\Container\ContainerInterface;
15+
use Symfony\Component\HttpFoundation\Request;
16+
use Symfony\Component\HttpFoundation\RequestStack;
17+
use Symfony\Component\HttpFoundation\Response;
18+
use Symfony\Component\Security\Core\Exception\LogicException;
19+
use Symfony\Component\Security\Core\User\UserInterface;
20+
use Symfony\Component\Security\Http\Authentication\UserAuthenticatorInterface;
21+
use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
22+
23+
/**
24+
* A decorator that delegates all method calls to the authenticator
25+
* manager of the current firewall.
26+
*
27+
* @author Wouter de Jong <wouter@wouterj.nl>
28+
*
29+
* @final
30+
* @experimental in Symfony 5.1
31+
*/
32+
class UserAuthenticator implements UserAuthenticatorInterface
33+
{
34+
private $firewallMap;
35+
private $userAuthenticators;
36+
private $requestStack;
37+
38+
public function __construct(FirewallMap $firewallMap, ContainerInterface $userAuthenticators, RequestStack $requestStack)
39+
{
40+
$this->firewallMap = $firewallMap;
41+
$this->userAuthenticators = $userAuthenticators;
42+
$this->requestStack = $requestStack;
43+
}
44+
45+
public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request): ?Response
46+
{
47+
return $this->getUserAuthenticator()->authenticateUser($user, $authenticator, $request);
48+
}
49+
50+
private function getUserAuthenticator(): UserAuthenticatorInterface
51+
{
52+
$firewallConfig = $this->firewallMap->getFirewallConfig($this->requestStack->getMasterRequest());
53+
if (null === $firewallConfig) {
54+
throw new LogicException('Cannot call authenticate on this request, as it is not behind a firewall.');
55+
}
56+
57+
return $this->userAuthenticators->get($firewallConfig->getName());
58+
}
59+
}

src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
2020
use Symfony\Component\Security\Core\Exception\AuthenticationException;
2121
use Symfony\Component\Security\Guard\AuthenticatorInterface;
22-
use Symfony\Component\Security\Guard\GuardHandler;
23-
use Symfony\Component\Security\Guard\Token\PreAuthenticationToken as GuardPreAuthenticationGuardToken;
22+
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
23+
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken as GuardPreAuthenticationGuardToken;
2424
use Symfony\Component\Security\Http\Firewall\AbstractListener;
2525
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
2626

@@ -45,7 +45,7 @@ class GuardAuthenticationListener extends AbstractListener
4545
* @param string $providerKey The provider (i.e. firewall) key
4646
* @param iterable|AuthenticatorInterface[] $guardAuthenticators The authenticators, with keys that match what's passed to GuardAuthenticationProvider
4747
*/
48-
public function __construct(GuardHandler $guardHandler, AuthenticationManagerInterface $authenticationManager, string $providerKey, iterable $guardAuthenticators, LoggerInterface $logger = null)
48+
public function __construct(GuardAuthenticatorHandler $guardHandler, AuthenticationManagerInterface $authenticationManager, string $providerKey, iterable $guardAuthenticators, LoggerInterface $logger = null)
4949
{
5050
if (empty($providerKey)) {
5151
throw new \InvalidArgumentException('$providerKey must not be empty.');
@@ -121,7 +121,7 @@ public function setRememberMeServices(RememberMeServicesInterface $rememberMeSer
121121
protected function executeGuardAuthenticators(array $guardAuthenticators, RequestEvent $event): void
122122
{
123123
foreach ($guardAuthenticators as $key => $guardAuthenticator) {
124-
$uniqueGuardKey = $this->providerKey.'_'.$key;;
124+
$uniqueGuardKey = $this->providerKey.'_'.$key;
125125

126126
$this->executeGuardAuthenticator($uniqueGuardKey, $guardAuthenticator, $event);
127127

0 commit comments

Comments
 (0)
0