Fix: exclude remember_me from security login authenticators

santysisi · santysisi · commit fabc0e321a83 · 2025-05-09T18:01:00.000-03:00
diff --git a/src/Symfony/Bundle/SecurityBundle/Security.php b/src/Symfony/Bundle/SecurityBundle/Security.php
@@ -188,8 +188,7 @@ private function getAuthenticator(?string $authenticatorName, string $firewallNa
         $firewallAuthenticatorLocator = $this->authenticators[$firewallName];
 
         if (!$authenticatorName) {
-            $authenticatorIds = array_keys($firewallAuthenticatorLocator->getProvidedServices());
-
+            $authenticatorIds = array_filter(array_keys($firewallAuthenticatorLocator->getProvidedServices()), fn (string $authenticatorId) => $authenticatorId !== \sprintf('security.authenticator.remember_me.%s', $firewallName));
             if (!$authenticatorIds) {
                 throw new LogicException(sprintf('No authenticator was found for the firewall "%s".', $firewallName));
             }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php
@@ -155,7 +155,10 @@ public function testLogin()
         $firewallAuthenticatorLocator
             ->expects($this->once())
             ->method('getProvidedServices')
-            ->willReturn(['security.authenticator.custom.dev' => $authenticator])
+            ->willReturn([
+                'security.authenticator.custom.dev' => $authenticator,
+                'security.authenticator.remember_me.main' => $authenticator
+            ])
         ;
         $firewallAuthenticatorLocator
             ->expects($this->once())
@@ -274,6 +277,49 @@ public function testLoginWithoutRequestContext()
         $security->login($user);
     }
 
+    public function testLoginFailsWhenTooManyAuthenticatorsFound()
+    {
+        $request = new Request();
+        $authenticator = $this->createMock(AuthenticatorInterface::class);
+        $requestStack = $this->createMock(RequestStack::class);
+        $firewallMap = $this->createMock(FirewallMap::class);
+        $firewall = new FirewallConfig('main', 'main');
+        $userAuthenticator = $this->createMock(UserAuthenticatorInterface::class);
+        $user = $this->createMock(UserInterface::class);
+        $userChecker = $this->createMock(UserCheckerInterface::class);
+
+        $container = $this->createMock(ContainerInterface::class);
+        $container
+            ->expects($this->atLeastOnce())
+            ->method('get')
+            ->willReturnMap([
+                ['request_stack', $requestStack],
+                ['security.firewall.map', $firewallMap],
+                ['security.authenticator.managers_locator', $this->createContainer('main', $userAuthenticator)],
+                ['security.user_checker_locator', $this->createContainer('main', $userChecker)],
+            ])
+        ;
+
+        $requestStack->expects($this->once())->method('getCurrentRequest')->willReturn($request);
+        $firewallMap->expects($this->once())->method('getFirewallConfig')->willReturn($firewall);
+
+        $firewallAuthenticatorLocator = $this->createMock(ServiceProviderInterface::class);
+        $firewallAuthenticatorLocator
+            ->expects($this->once())
+            ->method('getProvidedServices')
+            ->willReturn([
+                'security.authenticator.custom.main' => $authenticator,
+                'security.authenticator.other.main' => $authenticator
+            ])
+        ;
+
+        $security = new Security($container, ['main' => $firewallAuthenticatorLocator]);
+
+        $this->expectException(\LogicException::class);
+        $this->expectExceptionMessage('Too many authenticators were found for the current firewall "main". You must provide an instance of "Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface" to login programmatically. The available authenticators for the firewall "main" are "security.authenticator.custom.main" ,"security.authenticator.other.main');
+        $security->login($user);
+    }
+
     public function testLogout()
     {
         $request = new Request();

Original file line number	Diff line number	Diff line change
`@@ -188,8 +188,7 @@ private function getAuthenticator(?string $authenticatorName, string $firewallNa`
`188`	`188`	`$firewallAuthenticatorLocator = $this->authenticators[$firewallName];`
`189`	`189`
`190`	`190`	`if (!$authenticatorName) {`
`191`		`- $authenticatorIds = array_keys($firewallAuthenticatorLocator->getProvidedServices());`
`192`		`-`
	`191`	`+ $authenticatorIds = array_filter(array_keys($firewallAuthenticatorLocator->getProvidedServices()), fn (string $authenticatorId) => $authenticatorId !== \sprintf('security.authenticator.remember_me.%s', $firewallName));`
`193`	`192`	`if (!$authenticatorIds) {`
`194`	`193`	`throw new LogicException(sprintf('No authenticator was found for the firewall "%s".', $firewallName));`
`195`	`194`	`}`