8000 Reverted changes to the Guard component · symfony/symfony@f5e11e5 · GitHub
[go: up one dir, main page]
Skip to content

Commit f5e11e5

Browse files
wouterjwouterj
committed
Reverted changes to the Guard component
1 parent ba3754a commit f5e11e5

File tree

5 files changed

+55
-69
lines changed

5 files changed

+55
-69
lines changed

src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php

Lines changed: 26 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@
2020
use Symfony\Component\Security\Core\Exception\AuthenticationException;
2121
use Symfony\Component\Security\Guard\AuthenticatorInterface;
2222
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
23-
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken as GuardPreAuthenticationGuardToken;
23+
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
2424
use Symfony\Component\Security\Http\Firewall\AbstractListener;
2525
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
2626

@@ -37,7 +37,7 @@ class GuardAuthenticationListener extends AbstractListener
3737
private $guardHandler;
3838
private $authenticationManager;
3939
private $providerKey;
40-
private $authenticators;
40+
private $guardAuthenticators;
4141
private $logger;
4242
private $rememberMeServices;
4343

@@ -54,7 +54,7 @@ public function __construct(GuardAuthenticatorHandler $guardHandler, Authenticat
5454
$this->guardHandler = $guardHandler;
5555
$this->authenticationManager = $authenticationManager;
5656
$this->providerKey = $providerKey;
57-
$this->authenticators = $guardAuthenticators;
57+
$this->guardAuthenticators = $guardAuthenticators;
5858
$this->logger = $logger;
5959
}
6060

@@ -66,23 +66,24 @@ public function supports(Request $request): ?bool
6666
if (null !== $this->logger) {
6767
$context = ['firewall_key' => $this->providerKey];
6868

69-
if ($this->authenticators instanceof \Countable || \is_array($this->authenticators)) {
70-
$context['authenticators'] = \count($this->authenticators);
69+
if ($this->guardAuthenticators instanceof \Countable || \is_array($this->guardAuthenticators)) {
70+
$context['authenticators'] = \count($this->guardAuthenticators);
7171
}
7272

7373
$this->logger->debug('Checking for guard authentication credentials.', $context);
7474
}
7575

7676
$guardAuthenticators = [];
77-
foreach ($this->authenticators as $key => $authenticator) {
77+
78+
foreach ($this->guardAuthenticators as $key => $guardAuthenticator) {
7879
if (null !== $this->logger) {
79-
$this->logger->debug('Checking support on authenticator.', ['firewall_key' => $this->providerKey, 'authenticator' => \get_class($authenticator)]);
80+
$this->logger->debug('Checking support on guard authenticator.', ['firewall_key' => $this->providerKey, 'authenticator' => \get_class($guardAuthenticator)]);
8081
}
8182

82-
if ($authenticator->supports($request)) {
83-
$guardAuthenticators[$key] = $authenticator;
83+
if ($guardAuthenticator->supports($request)) {
84+
$guardAuthenticators[$key] = $guardAuthenticator;
8485
} elseif (null !== $this->logger) {
85-
$this->logger->debug('Authenticator does not support the request.', ['firewall_key' => $this->providerKey, 'authenticator' => \get_class($authenticator)]);
86+
$this->logger->debug('Guard authenticator does not support the request.', ['firewall_key' => $this->providerKey, 'authenticator' => \get_class($guardAuthenticator)]);
8687
}
8788
}
8889

@@ -104,23 +105,9 @@ public function authenticate(RequestEvent $event)
104105
$guardAuthenticators = $request->attributes->get('_guard_authenticators');
105106
$request->attributes->remove('_guard_authenticators');
106107

107-
$this->executeGuardAuthenticators($guardAuthenticators, $event);
108-
}
109-
110-
/**
111-
* Should be called if this listener will support remember me.
112-
*/
113-
public function setRememberMeServices(RememberMeServicesInterface $rememberMeServices)
114-
{
115-
$this->rememberMeServices = $rememberMeServices;
116-
}
117-
118-
/**
119-
* @param AuthenticatorInterface[] $guardAuthenticators
120-
*/
121-
protected function executeGuardAuthenticators(array $guardAuthenticators, RequestEvent $event): void
122-
{
123108
foreach ($guardAuthenticators as $key => $guardAuthenticator) {
109+
// get a key that's unique to *this* guard authenticator
110+
// this MUST be the same as GuardAuthenticationProvider
124111
$uniqueGuardKey = $this->providerKey.'_'.$key;
125112

126113
$this->executeGuardAuthenticator($uniqueGuardKey, $guardAuthenticator, $event);
@@ -151,7 +138,7 @@ private function executeGuardAuthenticator(string $uniqueGuardKey, Authenticator
151138
}
152139

153140
// create a token with the unique key, so that the provider knows which authenticator to use
154-
$token = new GuardPreAuthenticationGuardToken($credentials, $uniqueGuardKey, $this->providerKey);
141+
$token = new PreAuthenticationGuardToken($credentials, $uniqueGuardKey);
155142

156143
if (null !== $this->logger) {
157144
$this->logger->debug('Passing guard token information to the GuardAuthenticationProvider', ['firewall_key' => $this->providerKey, 'authenticator' => \get_class($guardAuthenticator)]);
@@ -200,12 +187,20 @@ private function executeGuardAuthenticator(string $uniqueGuardKey, Authenticator
200187
$this->triggerRememberMe($guardAuthenticator, $request, $token, $response);
201188
}
202189

203-
protected function triggerRememberMe($guardAuthenticator, Request $request, TokenInterface $token, Response $response = null)
190+
/**
191+
* Should be called if this listener will support remember me.
192+
*/
193+
public function setRememberMeServices(RememberMeServicesInterface $rememberMeServices)
204194
{
205-
if (!$guardAuthenticator instanceof AuthenticatorInterface && !$guardAuthenticator instanceof CoreAuthenticatorInterface) {
206-
throw new \UnexpectedValueException('Invalid guard authenticator passed to '.__METHOD__.'. Expected AuthenticatorInterface of either Security Core or Security Guard.');
207-
}
195+
$this->rememberMeServices = $rememberMeServices;
196+
}
208197

198+
/**
199+
* Checks to see if remember me is supported in the authenticator and
200+
* on the firewall. If it is, the RememberMeServicesInterface is notified.
201+
*/
202+
private function triggerRememberMe(AuthenticatorInterface $guardAuthenticator, Request $request, TokenInterface $token, Response $response = null)
203+
{
209204
if (null === $this->rememberMeServices) {
210205
if (null !== $this->logger) {
211206
$this->logger->debug('Remember me skipped: it is not configured for the firewall.', ['authenticator' => \get_class($guardAuthenticator)]);

src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php

Lines changed: 26 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,6 @@
2626
use Symfony\Component\Security\Guard\PasswordAuthenticatedInterface;
2727
use Symfony\Component\Security\Guard\Token\GuardTokenInterface;
2828
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
29-
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
3029

3130
/**
3231
* Responsible for accepting the PreAuthenticationGuardToken and calling
@@ -39,20 +38,19 @@ class GuardAuthenticationProvider implements AuthenticationProviderInterface
3938
/**
4039
* @var AuthenticatorInterface[]
4140
*/
42-
private $authenticators;
41+
private $guardAuthenticators;
4342
private $userProvider;
4443
private $providerKey;
4544
private $userChecker;
4645
private $passwordEncoder;
47-
private $rememberMeServices;
4846

4947
/**
5048
* @param iterable|AuthenticatorInterface[] $guardAuthenticators The authenticators, with keys that match what's passed to GuardAuthenticationListener
5149
* @param string $providerKey The provider (i.e. firewall) key
5250
*/
5351
public function __construct(iterable $guardAuthenticators, UserProviderInterface $userProvider, string $providerKey, UserCheckerInterface $userChecker, UserPasswordEncoderInterface $passwordEncoder = null)
5452
{
55-
$this->authenticators = $guardAuthenticators;
53+
$this->guardAuthenticators = $guardAuthenticators;
5654
$this->userProvider = $userProvider;
5755
$this->providerKey = $providerKey;
5856
$this->userChecker = $userChecker;
@@ -98,27 +96,14 @@ public function authenticate(TokenInterface $token)
9896
throw new AuthenticationException(sprintf('Token with provider key "%s" did not originate from any of the guard authenticators of provider "%s".', $token->getGuardProviderKey(), $this->providerKey));
9997
}
10098

101-
return $this->authenticateViaGuard($guardAuthenticator, $token, $this->providerKey);
99+
return $this->authenticateViaGuard($guardAuthenticator, $token);
102100
}
103101

104-
public function supports(TokenInterface $token)
105-
{
106-
if ($token instanceof PreAuthenticationGuardToken) {
107-
return null !== $this->findOriginatingAuthenticator($token);
108-
}
109-
110-
return $token instanceof GuardTokenInterface;
111-
}
112-
113-
public function setRememberMeServices(RememberMeServicesInterface $rememberMeServices)
114-
{
115-
$this->rememberMeServices = $rememberMeServices;
116-
}
117-
118-
private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator, PreAuthenticationGuardToken $token, string $providerKey): TokenInterface
102+
private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator, PreAuthenticationGuardToken $token): GuardTokenInterface
119103
{
120104
// get the user from the GuardAuthenticator
121105
$user = $guardAuthenticator->getUser($token->getCredentials(), $this->userProvider);
106+
122107
if (null === $user) {
123108
throw new UsernameNotFoundException(sprintf('Null returned from "%s::getUser()".', get_debug_type($guardAuthenticator)));
124109
}
@@ -135,14 +120,13 @@ private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator
135120

136121
throw new BadCredentialsException(sprintf('Authentication failed because "%s::checkCredentials()" did not return true.', get_debug_type($guardAuthenticator)));
137122
}
138-
139123
if ($this->userProvider instanceof PasswordUpgraderInterface && $guardAuthenticator instanceof PasswordAuthenticatedInterface && null !== $this->passwordEncoder && (null !== $password = $guardAuthenticator->getPassword($token->getCredentials())) && method_exists($this->passwordEncoder, 'needsRehash') && $this->passwordEncoder->needsRehash($user)) {
140124
$this->userProvider->upgradePassword($user, $this->passwordEncoder->encodePassword($user, $password));
141125
}
142126
$this->userChecker->checkPostAuth($user);
143127

144128
// turn the UserInterface into a TokenInterface
145-
$authenticatedToken = $guardAuthenticator->createAuthenticatedToken($user, $providerKey);
129+
$authenticatedToken = $guardAuthenticator->createAuthenticatedToken($user, $this->providerKey);
146130
if (!$authenticatedToken instanceof TokenInterface) {
147131
throw new \UnexpectedValueException(sprintf('The "%s::createAuthenticatedToken()" method must return a TokenInterface. You returned "%s".', get_debug_type($guardAuthenticator), get_debug_type($authenticatedToken)));
148132
}
@@ -152,18 +136,29 @@ private function authenticateViaGuard(AuthenticatorInterface $guardAuthenticator
152136

153137
private function findOriginatingAuthenticator(PreAuthenticationGuardToken $token): ?AuthenticatorInterface
154138
{
155-
// find the *one* Authenticator that this token originated from
156-
foreach ($this->authenticators as $key => $authenticator) {
157-
// get a key that's unique to *this* authenticator
158-
// this MUST be the same as AuthenticatorManagerListener
159-
$uniqueAuthenticatorKey = $this->providerKey.'_'.$key;
160-
161-
if ($uniqueAuthenticatorKey === $token->getGuardProviderKey()) {
162-
return $authenticator;
139+
// find the *one* GuardAuthenticator that this token originated from
140+
foreach ($this->guardAuthenticators as $key => $guardAuthenticator) {
141+
// get a key that's unique to *this* guard authenticator
142+
// this MUST be the same as GuardAuthenticationListener
143+
$uniqueGuardKey = $this->providerKey.'_'.$key;
144+
145+
if ($uniqueGuardKey === $token->getGuardProviderKey()) {
146+
return $guardAuthenticator;
163147
}
164148
}
165149

166-
// no matching authenticator found
150+
// no matching authenticator found - but there will be multiple GuardAuthenticationProvider
151+
// instances that will be checked if you have multiple firewalls.
152+
167153
return null;
168154
}
155+
156+
public function supports(TokenInterface $token)
157+
{
158+
if ($token instanceof PreAuthenticationGuardToken) {
159+
return null !== $this->findOriginatingAuthenticator($token);
160+
}
161+
162+
return $token instanceof GuardTokenInterface;
163+
}
169164
}

src/Symfony/Component/Security/Guard/Tests/Firewall/GuardAuthenticationListenerTest.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -266,9 +266,7 @@ protected function setUp(): void
266266
->disableOriginalConstructor()
267267
->getMock();
268268

269-
$this->guardAuthenticatorHandler = $this->getMockBuilder(
270-
'Symfony\Component\Security\Guard\GuardAuthenticatorHandler'
271-
)
269+
$this->guardAuthenticatorHandler = $this->getMockBuilder('Symfony\Component\Security\Guard\GuardAuthenticatorHandler')
272270
->disableOriginalConstructor()
273271
->getMock();
274272

src/Symfony/Component/Security/Guard/Tests/Provider/GuardAuthenticationProviderTest.php

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -170,9 +170,7 @@ protected function setUp(): void
170170
{
171171
$this->userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
172172
$this->userChecker = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserCheckerInterface')->getMock();
173-
$this->preAuthenticationToken = $this->getMockBuilder(
174-
'Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken'
175-
)
173+
$this->preAuthenticationToken = $this->getMockBuilder('Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken')
176174
->disableOriginalConstructor()
177175
->getMock();
178176
}

src/Symfony/Component/Security/Guard/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
],
1818
"require": {
1919
"php": "^7.2.5",
20-
"symfony/security-core": "^5.1",
20+
"symfony/security-core": "^5.0",
2121
"symfony/security-http": "^4.4.1|^5.0.1",
2222
"symfony/polyfill-php80": "^1.15"
2323
},

0 commit comments

Comments
 (0)
0