[Security] Remove hard dependency on $providerKey for default auth success handler #4865
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@asm89 this PR need to be rebased according to github |
|
@stof Done :) |
| @@ -60,6 +58,23 @@ public function onAuthenticationSuccess(Request $request, TokenInterface $token) | |||
| return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request)); | |||
| } | |||
|
|
|||
|
|
|||
| /** | |||
| * @return string | |||
There was a problem hiding this comment.
Can you add the missing parts of the phpdoc? (same for the setter)
|
@fabpot Done. |
fabpot
added a commit
that referenced
this pull request
Jul 12, 2012
Commits ------- 5e6c06f [Security] Remove hard dependency on $providerKey for default auth success handler Discussion ---------- [Security] Remove hard dependency on $providerKey for default auth success handler Bug fix: yes? Feature addition: yes? Backwards compatibility break: no Symfony2 tests pass: [](http://travis-ci.org/asm89/symfony) License of the code: MIT In 8ffaafa a hard dependency was introduced between the default authentication success handling code and the active firewall. This makes sense. However, for people implementing their own success handler this makes it impossible to extend the default class as the `$providerKey` is set in the extension of the security bundle. This PR makes the dependency a soft one so people can extend the class and use the default definition as a parent for their own service. However it is the responsibility of the developers to set the appropriate `$providerKey` if they want to use the target url saved in the session. Imo this is the right way as the developer should also set the appropriate options for the parent class in the overriding constructor. --------------------------------------------------------------------------- by stof at 2012-07-11T19:01:12Z @asm89 this PR need to be rebased according to github --------------------------------------------------------------------------- by asm89 at 2012-07-11T19:13:09Z @stof Done :) --------------------------------------------------------------------------- by asm89 at 2012-07-12T10:07:53Z @fabpot Done.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bug fix: yes?
Feature addition: yes?
Backwards compatibility break: no
Symfony2 tests pass:
License of the code: MIT
In 8ffaafa a hard dependency was introduced between the default authentication success handling code and the active firewall. This makes sense. However, for people implementing their own success handler this makes it impossible to extend the default class as the
$providerKeyis set in the extension of the security bundle.This PR makes the dependency a soft one so people can extend the class and use the default definition as a parent for their own service. However it is the responsibility of the developers to set the appropriate
$providerKeyif they want to use the target url saved in the session. Imo this is the right way as the developer should also set the appropriate options for the parent class in the overriding constructor.