[Security] Skip user checks if not implementing UserInterface
This commit is contained in:
parent
e775871d82
commit
384acf9f7f
@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Core\Authentication\Provider;
|
|||||||
|
|
||||||
use Symfony\Component\Security\Core\User\UserChecker;
|
use Symfony\Component\Security\Core\User\UserChecker;
|
||||||
use Symfony\Component\Security\Core\User\UserCheckerInterface;
|
use Symfony\Component\Security\Core\User\UserCheckerInterface;
|
||||||
|
use Symfony\Component\Security\Core\User\UserInterface;
|
||||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
|
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
|
||||||
@ -45,6 +46,11 @@ class SimpleAuthenticationProvider implements AuthenticationProviderInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
$user = $authToken->getUser();
|
$user = $authToken->getUser();
|
||||||
|
|
||||||
|
if (!$user instanceof UserInterface) {
|
||||||
|
return $authToken;
|
||||||
|
}
|
||||||
|
|
||||||
$this->userChecker->checkPreAuth($user);
|
$this->userChecker->checkPreAuth($user);
|
||||||
$this->userChecker->checkPostAuth($user);
|
$this->userChecker->checkPostAuth($user);
|
||||||
|
|
||||||
|
@ -15,6 +15,7 @@ use PHPUnit\Framework\TestCase;
|
|||||||
use Symfony\Component\Security\Core\Exception\DisabledException;
|
use Symfony\Component\Security\Core\Exception\DisabledException;
|
||||||
use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
|
use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
|
||||||
use Symfony\Component\Security\Core\Exception\LockedException;
|
use Symfony\Component\Security\Core\Exception\LockedException;
|
||||||
|
use Symfony\Component\Security\Core\User\UserChecker;
|
||||||
|
|
||||||
class SimpleAuthenticationProviderTest extends TestCase
|
class SimpleAuthenticationProviderTest extends TestCase
|
||||||
{
|
{
|
||||||
@ -72,6 +73,20 @@ class SimpleAuthenticationProviderTest extends TestCase
|
|||||||
$provider->authenticate($token);
|
$provider->authenticate($token);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testAuthenticateSkipsUserChecksForNonUserInterfaceObjects()
|
||||||
|
{
|
||||||
|
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
|
||||||
|
$token->expects($this->any())
|
||||||
|
->method('getUser')
|
||||||
|
->will($this->returnValue('string-user'));
|
||||||
|
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
|
||||||
|
$authenticator->expects($this->once())
|
||||||
|
->method('authenticateToken')
|
||||||
|
->will($this->returnValue($token));
|
||||||
|
|
||||||
|
$this->assertSame($token, $this->getProvider($authenticator, null, new UserChecker())->authenticate($token));
|
||||||
|
}
|
||||||
|
|
||||||
protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
|
protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
|
||||||
{
|
{
|
||||||
if (null === $userChecker) {
|
if (null === $userChecker) {
|
||||||
|
Reference in New Issue
Block a user