minor #14491 [2.3][SECURITY] Add remember me cookie configuration (klaascuvelier)
This PR was squashed before being merged into the 2.3 branch (closes #14491).
Discussion
----------
[2.3][SECURITY] Add remember me cookie configuration
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14490
| License | MIT
| Doc PR |
Commits
-------
e8f0e5a
[2.3][SECURITY] Add remember me cookie configuration
This commit is contained in:
commit
4d57d587c1
|
@ -34,7 +34,10 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
|
|||
const COOKIE_DELIMITER = ':';
|
||||
|
||||
protected $logger;
|
||||
protected $options;
|
||||
protected $options = array(
|
||||
'secure' => false,
|
||||
'httponly' => true,
|
||||
);
|
||||
private $providerKey;
|
||||
private $key;
|
||||
private $userProviders;
|
||||
|
@ -65,7 +68,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
|
|||
$this->userProviders = $userProviders;
|
||||
$this->key = $key;
|
||||
$this->providerKey = $providerKey;
|
||||
$this->options = $options;
|
||||
$this->options = array_merge($this->options, $options);
|
||||
$this->logger = $logger;
|
||||
}
|
||||
|
||||
|
|
|
@ -91,11 +91,8 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
|||
$request = new Request();
|
||||
$response = new Response();
|
||||
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
||||
|
||||
$service->logout($request, $response, $token);
|
||||
|
||||
$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
|
||||
|
||||
$this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie);
|
||||
$this->assertTrue($cookie->isCleared());
|
||||
$this->assertSame($options['name'], $cookie->getName());
|
||||
|
@ -286,13 +283,6 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
|||
$userProvider = $this->getProvider();
|
||||
}
|
||||
|
||||
if (!isset($options['secure'])) {
|
||||
$options['secure'] = false;
|
||||
}
|
||||
if (!isset($options['httponly'])) {
|
||||
$options['httponly'] = true;
|
||||
}
|
||||
|
||||
return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
|
||||
array($userProvider), 'fookey', 'fookey', $options, $logger,
|
||||
));
|
||||
|
|
|
@ -313,13 +313,6 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test
|
|||
$userProvider = $this->getProvider();
|
||||
}
|
||||
|
||||
if (!isset($options['secure'])) {
|
||||
$options['secure'] = false;
|
||||
}
|
||||
if (!isset($options['httponly'])) {
|
||||
$options['httponly'] = true;
|
||||
}
|
||||
|
||||
return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
|
||||
}
|
||||
|
||||
|
|
|
@ -266,13 +266,6 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
|||
$userProvider = $this->getProvider();
|
||||
}
|
||||
|
||||
if (!isset($options['secure'])) {
|
||||
$options['secure'] = false;
|
||||
}
|
||||
if (!isset($options['httponly'])) {
|
||||
$options['httponly'] = true;
|
||||
}
|
||||
|
||||
$service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
|
||||
|
||||
return $service;
|
||||
|
|
Reference in New Issue