[Security] Skip user checks if not implementing UserInterface
This commit is contained in:
parent
e775871d82
commit
384acf9f7f
|
@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Core\Authentication\Provider;
|
|||
|
||||
use Symfony\Component\Security\Core\User\UserChecker;
|
||||
use Symfony\Component\Security\Core\User\UserCheckerInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
|
||||
|
@ -45,6 +46,11 @@ class SimpleAuthenticationProvider implements AuthenticationProviderInterface
|
|||
}
|
||||
|
||||
$user = $authToken->getUser();
|
||||
|
||||
if (!$user instanceof UserInterface) {
|
||||
return $authToken;
|
||||
}
|
||||
|
||||
$this->userChecker->checkPreAuth($user);
|
||||
$this->userChecker->checkPostAuth($user);
|
||||
|
||||
|
|
|
@ -15,6 +15,7 @@ use PHPUnit\Framework\TestCase;
|
|||
use Symfony\Component\Security\Core\Exception\DisabledException;
|
||||
use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
|
||||
use Symfony\Component\Security\Core\Exception\LockedException;
|
||||
use Symfony\Component\Security\Core\User\UserChecker;
|
||||
|
||||
class SimpleAuthenticationProviderTest extends TestCase
|
||||
{
|
||||
|
@ -72,6 +73,20 @@ class SimpleAuthenticationProviderTest extends TestCase
|
|||
$provider->authenticate($token);
|
||||
}
|
||||
|
||||
public function testAuthenticateSkipsUserChecksForNonUserInterfaceObjects()
|
||||
{
|
||||
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
|
||||
$token->expects($this->any())
|
||||
->method('getUser')
|
||||
->will($this->returnValue('string-user'));
|
||||
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
|
||||
$authenticator->expects($this->once())
|
||||
->method('authenticateToken')
|
||||
->will($this->returnValue($token));
|
||||
|
||||
$this->assertSame($token, $this->getProvider($authenticator, null, new UserChecker())->authenticate($token));
|
||||
}
|
||||
|
||||
protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
|
||||
{
|
||||
if (null === $userChecker) {
|
||||
|
|
Reference in New Issue