bug #26014 [Security] Fixed being logged out on failed attempt in guard (iltar)
This PR was merged into the 2.8 branch.
Discussion
----------
[Security] Fixed being logged out on failed attempt in guard
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25992
| License | MIT
| Doc PR | ~
This fixes the issue described in the ticket. After this fix, guard will no longer "forget" your authentication when your next attempt fails.
Commits
-------
4fc0ecbf90
Fixed being logged out on failed attempt in guard
This commit is contained in:
commit
4057067b99
@ -18,7 +18,6 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInt
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
|
||||
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
|
||||
use Symfony\Component\Security\Http\SecurityEvents;
|
||||
|
||||
@ -116,11 +115,6 @@ class GuardAuthenticatorHandler
|
||||
*/
|
||||
public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey)
|
||||
{
|
||||
$token = $this->tokenStorage->getToken();
|
||||
if ($token instanceof PostAuthenticationGuardToken && $providerKey === $token->getProviderKey()) {
|
||||
$this->tokenStorage->setToken(null);
|
||||
}
|
||||
|
||||
$response = $guardAuthenticator->onAuthenticationFailure($request, $authenticationException);
|
||||
if ($response instanceof Response || null === $response) {
|
||||
// returning null is ok, it means they want the request to continue
|
||||
|
@ -81,7 +81,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
|
||||
/**
|
||||
* @dataProvider getTokenClearingTests
|
||||
*/
|
||||
public function testHandleAuthenticationClearsToken($tokenClass, $tokenProviderKey, $actualProviderKey, $shouldTokenBeCleared)
|
||||
public function testHandleAuthenticationClearsToken($tokenClass, $tokenProviderKey, $actualProviderKey)
|
||||
{
|
||||
$token = $this->getMockBuilder($tokenClass)
|
||||
->disableOriginalConstructor()
|
||||
@ -90,12 +90,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
|
||||
->method('getProviderKey')
|
||||
->will($this->returnValue($tokenProviderKey));
|
||||
|
||||
// make the $token be the current token
|
||||
$this->tokenStorage->expects($this->once())
|
||||
->method('getToken')
|
||||
->will($this->returnValue($token));
|
||||
|
||||
$this->tokenStorage->expects($shouldTokenBeCleared ? $this->once() : $this->never())
|
||||
$this->tokenStorage->expects($this->never())
|
||||
->method('setToken')
|
||||
->with(null);
|
||||
$authException = new AuthenticationException('Bad password!');
|
||||
@ -115,9 +110,9 @@ class GuardAuthenticatorHandlerTest extends TestCase
|
||||
{
|
||||
$tests = array();
|
||||
// correct token class and matching firewall => clear the token
|
||||
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'the_firewall_key', true);
|
||||
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'different_key', false);
|
||||
$tests[] = array('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', 'the_firewall_key', 'the_firewall_key', false);
|
||||
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'the_firewall_key');
|
||||
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'different_key');
|
||||
$tests[] = array('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', 'the_firewall_key', 'the_firewall_key');
|
||||
|
||||
return $tests;
|
||||
}
|
||||
|
Reference in New Issue
Block a user