From 6ea76cafc273757d527edee5435e7809cc3ba9bf Mon Sep 17 00:00:00 2001 From: Santiago San Martin Date: Mon, 28 Apr 2025 21:14:38 -0300 Subject: [PATCH] Fix: exclude remember_me from security login authenticators --- .../Bundle/SecurityBundle/Security.php | 3 +- .../SecurityBundle/Tests/SecurityTest.php | 48 ++++++++++++++++++- 2 files changed, 48 insertions(+), 3 deletions(-) diff --git a/src/Symfony/Bundle/SecurityBundle/Security.php b/src/Symfony/Bundle/SecurityBundle/Security.php index acb30adba8adf..6b5286f2ea868 100644 --- a/src/Symfony/Bundle/SecurityBundle/Security.php +++ b/src/Symfony/Bundle/SecurityBundle/Security.php @@ -188,8 +188,7 @@ private function getAuthenticator(?string $authenticatorName, string $firewallNa $firewallAuthenticatorLocator = $this->authenticators[$firewallName]; if (!$authenticatorName) { - $authenticatorIds = array_keys($firewallAuthenticatorLocator->getProvidedServices()); - + $authenticatorIds = array_filter(array_keys($firewallAuthenticatorLocator->getProvidedServices()), fn (string $authenticatorId) => $authenticatorId !== \sprintf('security.authenticator.remember_me.%s', $firewallName)); if (!$authenticatorIds) { throw new LogicException(sprintf('No authenticator was found for the firewall "%s".', $firewallName)); } diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php index 35bd329b2297e..c150730c2a8cb 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/SecurityTest.php @@ -155,7 +155,10 @@ public function testLogin() $firewallAuthenticatorLocator ->expects($this->once()) ->method('getProvidedServices') - ->willReturn(['security.authenticator.custom.dev' => $authenticator]) + ->willReturn([ + 'security.authenticator.custom.dev' => $authenticator, + 'security.authenticator.remember_me.main' => $authenticator + ]) ; $firewallAuthenticatorLocator ->expects($this->once()) @@ -274,6 +277,49 @@ public function testLoginWithoutRequestContext() $security->login($user); } + public function testLoginFailsWhenTooManyAuthenticatorsFound() + { + $request = new Request(); + $authenticator = $this->createMock(AuthenticatorInterface::class); + $requestStack = $this->createMock(RequestStack::class); + $firewallMap = $this->createMock(FirewallMap::class); + $firewall = new FirewallConfig('main', 'main'); + $userAuthenticator = $this->createMock(UserAuthenticatorInterface::class); + $user = $this->createMock(UserInterface::class); + $userChecker = $this->createMock(UserCheckerInterface::class); + + $container = $this->createMock(ContainerInterface::class); + $container + ->expects($this->atLeastOnce()) + ->method('get') + ->willReturnMap([ + ['request_stack', $requestStack], + ['security.firewall.map', $firewallMap], + ['security.authenticator.managers_locator', $this->createContainer('main', $userAuthenticator)], + ['security.user_checker_locator', $this->createContainer('main', $userChecker)], + ]) + ; + + $requestStack->expects($this->once())->method('getCurrentRequest')->willReturn($request); + $firewallMap->expects($this->once())->method('getFirewallConfig')->willReturn($firewall); + + $firewallAuthenticatorLocator = $this->createMock(ServiceProviderInterface::class); + $firewallAuthenticatorLocator + ->expects($this->once()) + ->method('getProvidedServices') + ->willReturn([ + 'security.authenticator.custom.main' => $authenticator, + 'security.authenticator.other.main' => $authenticator + ]) + ; + + $security = new Security($container, ['main' => $firewallAuthenticatorLocator]); + + $this->expectException(\LogicException::class); + $this->expectExceptionMessage('Too many authenticators were found for the current firewall "main". You must provide an instance of "Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface" to login programmatically. The available authenticators for the firewall "main" are "security.authenticator.custom.main" ,"security.authenticator.other.main'); + $security->login($user); + } + public function testLogout() { $request = new Request();