8000 [SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners by rjkip · Pull Request #12296 · symfony/symfony · GitHub
[go: up one dir, main page]

Skip to content

[SecurityBundle] Authentication entry point is only registered with firewall exception listener, not with authentication listeners #12296

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 2 commits into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -349,8 +349,11 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a
;
}

// Determine default entry point
$defaultEntryPoint = isset($firewall['entry_point']) ? $firewall['entry_point'] : null;

// Authentication listeners
list($authListeners, $defaultEntryPoint) = $this->createAuthenticationListeners($container, $id, $firewall, $authenticationProviders, $defaultProvider);
list($authListeners, $defaultEntryPoint) = $this->createAuthenticationListeners($container, $id, $firewall, $authenticationProviders, $defaultProvider, $defaultEntryPoint);

$listeners = array_merge($listeners, $authListeners);

Expand All @@ -362,11 +365,6 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a
// Access listener
$listeners[] = new Reference('security.access_listener');

// Determine default entry point
if (isset($firewall['entry_point'])) {
$defaultEntryPoint = $firewall['entry_point'];
}

// Exception listener
$exceptionListener = new Reference($this->createExceptionListener($container, $firewall, $id, $defaultEntryPoint));

Expand All @@ -386,11 +384,10 @@ private function createContextListener($container, $contextKey)
return $this->contextListeners[$contextKey] = $listenerId;
}

private function createAuthenticationListeners($container, $id, $firewall, &$authenticationProviders, $defaultProvider)
private function createAuthenticationListeners($container, $id, $firewall, &$authenticationProviders, $defaultProvider, $defaultEntryPoint)
{
$listeners = array();
$hasListeners = false;
$defaultEntryPoint = null;

foreach ($this->listenerPositions as $position) {
foreach ($this->factories[$position] as $factory) {
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle\DependencyInjection;

use Symfony\Component\Config\FileLocator;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Loader\XmlFileLoader;
use Symfony\Component\HttpKernel\DependencyInjection\Extension;

class FirewallEntryPointExtension extends Extension
{
public function load(array $config, ContainerBuilder $container)
{
$loader = new XmlFileLoader($container, new FileLocator(__DIR__.'/../Resources/config'));
$loader->load('services.xml');
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle;

use Symfony\Component\HttpKernel\Bundle\Bundle;

class FirewallEntryPointBundle extends Bundle
{
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
<services>
<service id="firewall_entry_point.entry_point.stub"
class="Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle\Security\EntryPointStub"
/>
</services>
</container>
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle\Security;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;

class EntryPointStub implements AuthenticationEntryPointInterface
{
const RESPONSE_TEXT = '2be8e651259189d841a19eecdf37e771e2431741';

public function start(Request $request, AuthenticationException $authException = null)
{
return new Response(self::RESPONSE_TEXT);
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
<?php

/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/

namespace Symfony\Bundle\SecurityBundle\Tests\Functional;

use Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle\Security\EntryPointStub;

/**
* @group functional
*/
class FirewallEntryPointTest extends WebTestCase
{
public function testItUsesTheConfiguredEntryPointWhenUsingUnknownCredentials()
{
$client = $this->createClient(array('test_case' => 'FirewallEntryPoint'));
$client->insulate();

$client->request('GET', '/secure/resource', array(), array(), array(
'PHP_AUTH_USER' => 'unknown',
'PHP_AUTH_PW' => 'credentials',
));

$this->assertEquals(
EntryPointStub::RESPONSE_TEXT,
$client->getResponse()->getContent(),
"Custom entry point wasn't started"
);
}

protected function setUp()
{
parent::setUp();

$this->deleteTmpDir('FirewallEntryPoint');
}

protected function tearDown()
{
parent::tearDown();

$this->deleteTmpDir('FirewallEntryPoint');
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
<?php

return array(
new Symfony\Bundle\FrameworkBundle\FrameworkBundle(),
new Symfony\Bundle\SecurityBundle\SecurityBundle(),
new Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\FirewallEntryPointBundle\FirewallEntryPointBundle(),
);
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
framework:
secret: test
csrf_protection:
enabled: true
router: { resource: "%kernel.root_dir%/%kernel.test_case%/routing.yml" }
validation: { enabled: true, enable_annotations: true }
form: ~
test: ~
default_locale: en
session:
storage_id: session.storage.mock_file
profiler: { only_exceptions: false }

services:
logger: { class: Symfony\Component\HttpKernel\Log\NullLogger }

security:
firewalls:
secure:
pattern: ^/secure/
http_basic: { realm: "Secure Gateway API" }
entry_point: firewall_entry_point.entry_point.stub
default:
anonymous: ~
access_control:
- { path: ^/secure/, roles: ROLE_SECURE }
providers:
in_memory:
memory:
users:
john: { password: doe, roles: [ROLE_SECURE] }
encoders:
Symfony\Component\Security\Core\User\User: plaintext
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
secure_resource:
path: /secure/resource
0