diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

minor #40672 [Security] [Passport] improve dx and document AuthenticationException (jrushlow)

Browse Source 
This PR was merged into the 5.2 branch.

Discussion
----------

[Security] [Passport] improve dx and document AuthenticationException

| Q             | A
| ------------- | ---
| Branch?       | 5.2
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Tickets       | N/A
| License       | MIT
| Doc PR        | tbd

`Passport::getUser()` (Instance of `UserPassportInterface::class`) throws an `AuthenticationException::class`
 if a user does not exist. Let's document that for better DX and visibility.

Use case:

- User login w/ a `username` that does not exist (custom json authenticator)
- Attempt Authentication...
- Auth failed `LoginFailureEvent` dispatched
- snippet below:
```php
// Userland\LoginFailureEventSubscriber::class

public function dispatchFailure(LoginFailureEvent $event): void
{
   $user = $event->getPassport()->getUser();

   $message = new UserlandMessage($user);

  $this->messageBus->dispatch($message);
}
```
- `401` status is returned.

The above subscriber fails silently because a `UsernameNotFoundException` was ultimately thrown from `UserBadge::getUser()`.

Commits
-------

97ceba0f5d improve dx and document auth exception
This commit is contained in:
Wouter de Jong 2021-04-05 14:32:26 +02:00
commit 2ad08d5a02
3 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/UserBadge.php
View File

@ -11,6 +11,7 @@
namespace Symfony\Component\Security\Http\Authenticator\Passport\Badge;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Http\EventListener\UserProviderListener;
@ -55,6 +56,9 @@ class UserBadge implements BadgeInterface
return $this->userIdentifier;
}
/**
* @throws AuthenticationException when the user cannot be found
*/
public function getUser(): UserInterface
{
if (null === $this->user) {

3
src/Symfony/Component/Security/Http/Authenticator/Passport/Passport.php
View File

@ -55,6 +55,9 @@ class Passport implements UserPassportInterface
}
}
/**
* {@inheritdoc}
*/
public function getUser(): UserInterface
{
if (null === $this->user) {

4
src/Symfony/Component/Security/Http/Authenticator/Passport/UserPassportInterface.php
View File

@ -11,6 +11,7 @@
namespace Symfony\Component\Security\Http\Authenticator\Passport;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface;
/**
@ -22,5 +23,8 @@ use Symfony\Component\Security\Core\User\UserInterface;
*/
interface UserPassportInterface extends PassportInterface
{
/**
* @throws AuthenticationException when the user cannot be found
*/
public function getUser(): UserInterface;
}