8000 Merge branch '4.4' · symfony/symfony@da437e2 · GitHub
[go: up one dir, main page]

Skip to content

Commit da437e2

Browse files
committed
Merge branch '4.4'
* 4.4: [HttpKernel] make ExceptionEvent able to propagate any throwable [Security] Avoid unnecessary usage of Reflection Disallow symfony/contracts v2. minor add missing loop break [Security] Add migrating encoder configuration [Security] Fix defining multiple roles per access_control rule
2 parents 81a177d + 10a349c commit da437e2

31 files changed

+558
-116
lines changed

UPGRADE-4.4.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -154,6 +154,8 @@ HttpKernel
154154
* Marked the `RouterDataCollector::collect()` method as `@final`.
155155
* The `DataCollectorInterface::collect()` and `Profiler::collect()` methods third parameter signature
156156
will be `\Throwable $exception = null` instead of `\Exception $exception = null` in Symfony 5.0.
157+
* Deprecated methods `ExceptionEvent::get/setException()`, use `get/setThrowable()` instead
158+
* Deprecated class `ExceptionListener`, use `ErrorListener` instead
157159

158160
Lock
159161
----

UPGRADE-5.0.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -293,6 +293,8 @@ HttpKernel
293293
* Removed `TranslatorListener` in favor of `LocaleAwareListener`
294294
* The `DebugHandlersListener` class has been made `final`
295295
* Removed `SaveSessionListener` in favor of `AbstractSessionListener`
296+
* Removed methods `ExceptionEvent::get/setException()`, use `get/setThrowable()` instead
297+
* Removed class `ExceptionListener`, use `ErrorListener` instead
296298
* Added new Bundle directory convention consistent with standard skeletons:
297299

298300
```

src/Symfony/Bundle/FrameworkBundle/Console/Application.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -19,8 +19,8 @@
1919
use Symfony\Component\Console\Output\ConsoleOutputInterface;
2020
use Symfony\Component\Console\Output\OutputInterface;
2121
use Symfony\Component\Console\Style\SymfonyStyle;
22+
use Symfony\Component\Debug\Exception\FatalThrowableError;
2223
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
23-
use Symfony\Component\ErrorHandler\Exception\ErrorException;
2424
use Symfony\Component\HttpKernel\Bundle\Bundle;
2525
use Symfony\Component\HttpKernel\Kernel;
2626
use Symfony\Component\HttpKernel\KernelInterface;
@@ -211,7 +211,7 @@ private function renderRegistrationErrors(InputInterface $input, OutputInterface
211211
$this->doRenderThrowable($error, $output);
212212
} else {
213213
if (!$error instanceof \Exception) {
214-
$error = new ErrorException($error);
214+
$error = new FatalThrowableError($error);
215215
}
216216

217217
$this->doRenderException($error, $output);

src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@
7575
<argument type="service" id="error_renderer" />
7676
</service>
7777

78-
<service id="exception_listener" class="Symfony\Component\HttpKernel\EventListener\ExceptionListener">
78+
<service id="exception_listener" class="Symfony\Component\HttpKernel\EventListener\ErrorListener">
7979
<tag name="kernel.event_subscriber" />
8080
<tag name="monolog.logger" channel="request" />
8181
<argument>%kernel.error_controller%</argument>

src/Symfony/Bundle/FrameworkBundle/Tests/Kernel/ConcreteMicroKernel.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ class ConcreteMicroKernel extends Kernel implements EventSubscriberInterface
3232

3333
public function onKernelException(ExceptionEvent $event)
3434
{
35-
if ($event->getException() instanceof Danger) {
35+
if ($event->getThrowable() instanceof Danger) {
3636
$event->setResponse(Response::create('It\'s dangerous to go alone. Take this ⚔'));
3737
}
3838
}

src/Symfony/Bundle/SecurityBundle/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,7 @@ CHANGELOG
2020
4.4.0
2121
-----
2222

23+
* Added `migrate_from` option to encoders configuration.
2324
* Added new `argon2id` encoder, undeprecated the `bcrypt` and `argon2i` ones (using `auto` is still recommended by default.)
2425
* Deprecated the usage of "query_string" without a "search_dn" and a "search_password" config key in Ldap factories.
2526
* Marked the `SecurityDataCollector` class as `@final`.

src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -363,6 +363,10 @@ private function addEncodersSection(ArrayNodeDefinition $rootNode)
363363
->beforeNormalization()->ifString()->then(function ($v) { return ['algorithm' => $v]; })->end()
364364
->children()
365365
->scalarNode('algorithm')->cannotBeEmpty()->end()
366+
->arrayNode('migrate_from')
367+
->prototype('scalar')->end()
368+
->beforeNormalization()->castToArray()->end()
369+
->end()
366370
->scalarNode('hash_algorithm')->info('Name of hashing algorithm for PBKDF2 (i.e. sha256, sha512, etc..) See hash_algos() for a list of supported algorithms.')->defaultValue('sha512')->end()
367371
->scalarNode('key_length')->defaultValue(40)->end()
368372
->booleanNode('ignore_case')->defaultFalse()->end()

src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -507,6 +507,10 @@ private function createEncoder(array $config)
507507
return new Reference($config['id']);
508508
}
509509

510+
if ($config['migrate_from'] ?? false) {
511+
return $config;
512+
}
513+
510514
// plaintext encoder
511515
if ('plaintext' === $config['algorithm']) {
512516
$arguments = [$config['ignore_case']];

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -285,6 +285,7 @@ public function testEncoders()
285285
'cost' => null,
286286
'memory_cost' => null,
287287
'time_cost' => null,
288+
'migrate_from' => [],
288289
],
289290
'JMS\FooBundle\Entity\User3' => [
290291
'algorithm' => 'md5',
@@ -296,6 +297,7 @@ public function testEncoders()
296297
'cost' => null,
297298
'memory_cost' => null,
298299
'time_cost' => null,
300+
'migrate_from' => [],
299301
],
300302
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
301303
'JMS\FooBundle\Entity\User5' => [
@@ -316,6 +318,7 @@ public function testEncoders()
316318
'cost' => null,
317319
'memory_cost' => null,
318320
'time_cost' => null,
321+
'migrate_from' => [],
319322
],
320323
]], $container->getDefinition('security.encoder_factory.generic')->getArguments());
321324
}
@@ -343,6 +346,7 @@ public function testEncodersWithLibsodium()
343346
'cost' => null,
344347
'memory_cost' => null,
345348
'time_cost' => null,
349+
'migrate_from' => [],
346350
],
347351
'JMS\FooBundle\Entity\User3' => [
348352
'algorithm' => 'md5',
@@ -354,6 +358,7 @@ public function testEncodersWithLibsodium()
354358
'cost' => null,
355359
'memory_cost' => null,
356360
'time_cost' => null,
361+
'migrate_from' => [],
357362
],
358363
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
359364
'JMS\FooBundle\Entity\User5' => [
@@ -394,6 +399,7 @@ public function testEncodersWithArgon2i()
394399
'cost' => null,
395400
'memory_cost' => null,
396401
'time_cost' => null,
402+
'migrate_from' => [],
397403
],
398404
'JMS\FooBundle\Entity\User3' => [
399405
'algorithm' => 'md5',
@@ -405,6 +411,7 @@ public function testEncodersWithArgon2i()
405411
'cost' => null,
406412
'memory_cost' => null,
407413
'time_cost' => null,
414+
'migrate_from' => [],
408415
],
409416
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
410417
'JMS\FooBundle\Entity\User5' => [
@@ -422,9 +429,71 @@ public function testEncodersWithArgon2i()
422429
]], $container->getDefinition('security.encoder_factory.generic')->getArguments());
423430
}
424431

432+
public function testMigratingEncoder()
433+
{
434+
if (!($sodium = SodiumPasswordEncoder::isSupported() && !\defined('SODIUM_CRYPTO_PWHASH_ALG_ARGON2ID13')) && !\defined('PASSWORD_ARGON2I')) {
435+
$this->markTestSkipped('Argon2i algorithm is not supported.');
436+
}
437+
438+
$container = $this->getContainer('migrating_encoder');
439+
440+
$this->assertEquals([[
441+
'JMS\FooBundle\Entity\User1' => [
442+
'class' => 'Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder',
443+
'arguments' => [false],
444+
],
445+
'JMS\FooBundle\Entity\User2' => [
446+
'algorithm' => 'sha1',
447+
'encode_as_base64' => false,
448+
'iterations' => 5,
449+
'hash_algorithm' => 'sha512',
450+
'key_length' => 40,
451+
'ignore_case' => false,
452+
'cost' => null,
453+
'memory_cost' => null,
454+
'time_cost' => null,
455+
'migrate_from' => [],
456+
],
457+
'JMS\FooBundle\Entity\User3' => [
458+
'algorithm' => 'md5',
459+
'hash_algorithm' => 'sha512',
460+
'key_length' => 40,
461+
'ignore_case' => false,
462+
'encode_as_base64' => true,
463+
'iterations' => 5000,
464+
'cost' => null,
465+
'memory_cost' => null,
466+
'time_cost' => null,
467+
'migrate_from' => [],
468+
],
469+
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
470+
'JMS\FooBundle\Entity\User5' => [
471+
'class' => 'Symfony\Component\Security\Core\Encoder\Pbkdf2PasswordEncoder',
472+
'arguments' => ['sha1', false, 5, 30],
473+
],
474+
'JMS\FooBundle\Entity\User6' => [
475+
'class' => 'Symfony\Component\Security\Core\Encoder\NativePasswordEncoder',
476+
'arguments' => [8, 102400, 15],
477+
],
478+
'JMS\FooBundle\Entity\User7' => [
479+
'algorithm' => 'argon2i',
480+
'hash_algorithm' => 'sha512',
481+
'key_length' => 40,
482+
'ignore_case' => false,
483+
'encode_as_base64' => true,
484+
'iterations' => 5000,
485+
'cost' => null,
486+
'memory_cost' => 256,
487+
'time_cost' => 1,
488+
'migrate_from' => ['bcrypt'],
489+
],
490+
]], $container->getDefinition('security.encoder_factory.generic')->getArguments());
491+
}
492+
425493
public function testEncodersWithBCrypt()
426494
{
427495
$container = $this->getContainer('bcrypt_encoder');
496+
428497
$this->assertEquals([[
429498
'JMS\FooBundle\Entity\User1' => [
430499
'class' => 'Symfony\Component\Security\Core\Encoder\PlaintextPasswordEncoder',
@@ -440,6 +509,7 @@ public function testEncodersWithBCrypt()
440509
'cost' => null,
441510
'memory_cost' => null,
442511
'time_cost' => null,
512+
'migrate_from' => [],
443513
],
444514
'JMS\FooBundle\Entity\User3' => [
445515
'algorithm' => 'md5',
@@ -451,6 +521,7 @@ public function testEncodersWithBCrypt()
451521
'cost' => null,
452522
'memory_cost' => null,
453523
'time_cost' => null,
524+
'migrate_from' => [],
454525
],
455526
'JMS\FooBundle\Entity\User4' => new Reference('security.encoder.foo'),
456527
'JMS\FooBundle\Entity\User5' => [
Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
<?php
2+
3+
$this->load('container1.php', $container);
4+
5+
$container->loadFromExtension('security', [
6+
'encoders' => [
7+
'JMS\FooBundle\Entity\User7' => [
8+
'algorithm' => 'argon2i',
9+
'memory_cost' => 256,
10+
'time_cost' => 1,
11+
'migrate_from' => 'bcrypt',
12+
],
13+
],
14+
]);
Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
<?xml version="1.0" encoding="UTF-8"?>
2+
3+
<container xmlns="http://symfony.com/schema/dic/services"
4+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
5+
xmlns:sec="http://symfony.com/schema/dic/security"
6+
xsi:schemaLocation="http://symfony.com/schema/dic/services https://symfony.com/schema/dic/services/services-1.0.xsd">
7+
8+
<imports>
9+
<import resource="container1.xml"/>
10+
</imports>
11+
12+
<sec:config>
13+
<sec:encoder class="JMS\FooBundle\Entity\User7" algorithm="argon2i" memory-cost="256" time-cost="1">
14+
<sec:migrate-from>bcrypt</sec:migrate-from>
15+
</sec:encoder>
16+
</sec:config>
17+
18+
</container>
Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
imports:
2+
- { resource: container1.yml }
3+
4+
security:
5+
encoders:
6+
JMS\FooBundle\Entity\User7:
7+
algorithm: argon2i
8+
memory_cost: 256
9+
time_cost: 1
10+
migrate_from: bcrypt

src/Symfony/Component/ErrorHandler/Exception/ErrorException.php

Lines changed: 0 additions & 42 deletions
This file was deleted.

src/Symfony/Component/ErrorRenderer/Exception/FlattenException.php

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@
1111

1212
namespace Symfony\Component\ErrorRenderer\Exception;
1313

14-
use Symfony\Component\ErrorHandler\Exception\ErrorException;
1514
use Symfony\Component\HttpFoundation\Exception\RequestExceptionInterface;
1615
use Symfony\Component\HttpFoundation\Response;
1716
use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
@@ -75,7 +74,7 @@ public static function createFromThrowable(\Throwable $exception, int $statusCod
7574
$e->setStatusCode($statusCode);
7675
$e->setHeaders($headers);
7776
$e->setTraceFromThrowable($exception);
78-
$e->setClass($exception instanceof ErrorException ? $exception->getOriginalClassName() : \get_class($exception));
77+
$e->setClass(\get_class($exception));
7978
$e->setFile($exception->getFile());
8079
$e->setLine($exception->getLine());
8180

src/Symfony/Component/ErrorRenderer/Tests/Exception/FlattenExceptionTest.php

Lines changed: 0 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,6 @@
1212
namespace Symfony\Component\ErrorRenderer\Tests\Exception;
1313

1414
use PHPUnit\Framework\TestCase;
15-
use Symfony\Component\ErrorHandler\Exception\ErrorException;
1615
use Symfony\Component\ErrorRenderer\Exception\FlattenException;
1716
use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
1817
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
@@ -130,16 +129,6 @@ public function testFlattenHttpException(\Throwable $exception)
130129
$this->assertInstanceOf($flattened->getClass(), $exception, 'The class is set to the class of the original exception');
131130
}
132131

133-
public function testWrappedThrowable()
134-
{
135-
$exception = new ErrorException(new \DivisionByZeroError('Ouch', 42));
136-
$flattened = FlattenException::createFromThrowable($exception);
137-
138-
$this->assertSame('Ouch', $flattened->getMessage(), 'The message is copied from the original error.');
139-
$this->assertSame(42, $flattened->getCode(), 'The code is copied from the original error.');
140-
$this->assertSame('DivisionByZeroError', $flattened->getClass(), 'The class is set to the class of the original error');
141-
}
142-
143132
public function testThrowable()
144133
{
145134
$error = new \DivisionByZeroError('Ouch', 42);

src/Symfony/Component/HttpKernel/CHANGELOG.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -48,6 +48,8 @@ CHANGELOG
4848
* Marked the `RouterDataCollector::collect()` method as `@final`.
4949
* The `DataCollectorInterface::collect()` and `Profiler::collect()` methods third parameter signature
5050
will be `\Throwable $exception = null` instead of `\Exception $exception = null` in Symfony 5.0.
51+
* Deprecated methods `ExceptionEvent::get/setException()`, use `get/setThrowable()` instead
52+
* Deprecated class `ExceptionListener`, use `ErrorListener` instead
5153

5254
4.3.0
5355
-----

src/Symfony/Component/HttpKernel/Controller/ErrorController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ public function preview(Request $request, int $code): Response
5252

5353
/*
5454
* This Request mimics the parameters set by
55-
* \Symfony\Component\HttpKernel\EventListener\ExceptionListener::duplicateRequest, with
55+
* \Symfony\Component\HttpKernel\EventListener\ErrorListener::duplicateRequest, with
5656
* the additional "showException" flag.
5757
*/
5858
$subRequest = $request->duplicate(null, null, [

0 commit comments

Comments
 (0)
0