[Security\Http] Fix handling secure: auto
using the new RememberMeAuthenticator
parent
bbb0a694fb
commit
3fdc15474c
@ -104,6 +104,10 @@ class RememberMeFactory implements SecurityFactoryInterface, AuthenticatorFactor
|
|||||||
$loader->load('security_authenticator_remember_me.php');
|
$loader->load('security_authenticator_remember_me.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ('auto' === $config['secure']) {
|
||||||
|
$config['secure'] = null;
|
||||||
|
}
|
||||||
|
|
||||||
// create remember me handler (which manage the remember-me cookies)
|
// create remember me handler (which manage the remember-me cookies)
|
||||||
$rememberMeHandlerId = 'security.authenticator.remember_me_handler.'.$firewallName;
|
$rememberMeHandlerId = 'security.authenticator.remember_me_handler.'.$firewallName;
|
||||||
if (isset($config['service']) && isset($config['token_provider'])) {
|
if (isset($config['service']) && isset($config['token_provider'])) {
|
||||||
|
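Review bot: The added `if ('auto' === $config['secure'])` block has no comment saying why `auto` becomes `null`, and the reason is security-relevant. Presumably `null` lets the cookie's Secure flag follow the scheme of the current request; behind a TLS-terminating proxy that depends on the trusted-proxy settings being right, otherwise the REMEMBERME cookie can be issued without Secure on a site that users reach over HTTPS. I would add `// 'auto' => null: the Secure flag is then derived from the request scheme (assumes trusted proxies are configured)` above the `if`. The enclosing method starts and ends outside the hunk, so whether `$config['secure']` is always set at this point cannot be checked from this view.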
@ -19,8 +19,23 @@ class RememberMeCookieTest extends AbstractWebTestCase
|
|||||||
]);
|
]);
|
||||||
|
|
||||||
$cookies = $client->getResponse()->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
|
$cookies = $client->getResponse()->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
|
||||||
|
$this->assertSame($expectedSecureFlag, $cookies['']['/']['REMEMBERME']->isSecure());
|
||||||
|
}
|
||||||
|
|
||||||
$this->assertEquals($expectedSecureFlag, $cookies['']['/']['REMEMBERME']->isSecure());
|
/** @dataProvider getSessionRememberMeSecureCookieFlagAutoHttpsMap */
|
||||||
|
public function testOldSessionRememberMeSecureCookieFlagAuto($https, $expectedSecureFlag)
|
||||||
|
{
|
||||||
|
$client = $this->createClient(['test_case' => 'RememberMeCookie', 'root_config' => 'legacy_config.yml']);
|
||||||
|
|
||||||
|
$client->request('POST', '/login', [
|
||||||
|
'_username' => 'test',
|
||||||
|
'_password' => 'test',
|
||||||
|
], [], [
|
||||||
|
'HTTPS' => (int) $https,
|
||||||
|
]);
|
||||||
|
|
||||||
|
$cookies = $client->getResponse()->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
|
||||||
|
$this->assertSame($expectedSecureFlag, $cookies['']['/']['REMEMBERME']->isSecure());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function getSessionRememberMeSecureCookieFlagAutoHttpsMap()
|
public function getSessionRememberMeSecureCookieFlagAutoHttpsMap()
|
||||||
|
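Review bot: Both tests index `$cookies['']['/']['REMEMBERME']` directly, so if a regression stops the remember-me cookie from being issued, the run ends with an undefined-key or call-on-null error instead of a readable assertion failure. Adding `$this->assertArrayHasKey('REMEMBERME', $cookies['']['/'] ?? []);` before the `isSecure()` check would make that case explicit in `testOldSessionRememberMeSecureCookieFlagAuto` and in the test above it. The two bodies appear to differ only in the `root_config` option, so a private helper that takes the client options would remove the copy. `getSessionRememberMeSecureCookieFlagAutoHttpsMap` continues outside the hunk, so the data sets themselves are not visible here.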
@ -2,6 +2,7 @@ imports:
|
|||||||
- { resource: ./../config/framework.yml }
|
- { resource: ./../config/framework.yml }
|
||||||
|
|
||||||
security:
|
security:
|
||||||
|
enable_authenticator_manager: true
|
||||||
password_hashers:
|
password_hashers:
|
||||||
Symfony\Component\Security\Core\User\InMemoryUser: plaintext
|
Symfony\Component\Security\Core\User\InMemoryUser: plaintext
|
||||||
|
|
||||||
@ -22,4 +23,3 @@ security:
|
|||||||
secret: key
|
secret: key
|
||||||
secure: auto
|
secure: auto
|
||||||
logout: ~
|
logout: ~
|
||||||
anonymous: ~
|
|
||||||
|
@ -0,0 +1,25 @@
|
|||||||
|
imports:
|
||||||
|
- { resource: ./../config/framework.yml }
|
||||||
|
|
||||||
|
security:
|
||||||
|
password_hashers:
|
||||||
|
Symfony\Component\Security\Core\User\InMemoryUser: plaintext
|
||||||
|
|
||||||
|
providers:
|
||||||
|
in_memory:
|
||||||
|
memory:
|
||||||
|
users:
|
||||||
|
test: { password: test, roles: [ROLE_USER] }
|
||||||
|
|
||||||
|
firewalls:
|
||||||
|
default:
|
||||||
|
form_login:
|
||||||
|
check_path: login
|
||||||
|
remember_me: true
|
||||||
|
require_previous_session: false
|
||||||
|
remember_me:
|
||||||
|
always_remember_me: true
|
||||||
|
secret: key
|
||||||
|
secure: auto
|
||||||
|
logout: ~
|
||||||
|
anonymous: ~
|
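Review bot: The new fixture gives no hint that leaving out `enable_authenticator_manager` is deliberate; it looks like the `legacy_config.yml` loaded by `testOldSessionRememberMeSecureCookieFlagAuto`, kept on the old authentication path. A header comment such as `# Legacy (non-authenticator) security system: keep enable_authenticator_manager unset` would stop a later cleanup from silently turning both tests into the same case. It is also worth marking the `plaintext` hasher and `secret: key` as fixture values, for example `# test fixture only, not a template for application config`, because fixtures like this tend to get copied.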