minor #14491 [2.3][SECURITY] Add remember me cookie configuration (klaascuvelier)
This PR was squashed before being merged into the 2.3 branch (closes #14491).
Discussion
----------
[2.3][SECURITY] Add remember me cookie configuration
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14490
| License | MIT
| Doc PR |
Commits
-------
e8f0e5a
[2.3][SECURITY] Add remember me cookie configuration
This commit is contained in:
commit
4d57d587c1
|
@ -34,7 +34,10 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
|
||||||
const COOKIE_DELIMITER = ':';
|
const COOKIE_DELIMITER = ':';
|
||||||
|
|
||||||
protected $logger;
|
protected $logger;
|
||||||
protected $options;
|
protected $options = array(
|
||||||
|
'secure' => false,
|
||||||
|
'httponly' => true,
|
||||||
|
);
|
||||||
private $providerKey;
|
private $providerKey;
|
||||||
private $key;
|
private $key;
|
||||||
private $userProviders;
|
private $userProviders;
|
||||||
|
@ -65,7 +68,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
|
||||||
$this->userProviders = $userProviders;
|
$this->userProviders = $userProviders;
|
||||||
$this->key = $key;
|
$this->key = $key;
|
||||||
$this->providerKey = $providerKey;
|
$this->providerKey = $providerKey;
|
||||||
$this->options = $options;
|
$this->options = array_merge($this->options, $options);
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -91,11 +91,8 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
||||||
$request = new Request();
|
$request = new Request();
|
||||||
$response = new Response();
|
$response = new Response();
|
||||||
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
|
||||||
|
|
||||||
$service->logout($request, $response, $token);
|
$service->logout($request, $response, $token);
|
||||||
|
|
||||||
$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
|
$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
|
||||||
|
|
||||||
$this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie);
|
$this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie);
|
||||||
$this->assertTrue($cookie->isCleared());
|
$this->assertTrue($cookie->isCleared());
|
||||||
$this->assertSame($options['name'], $cookie->getName());
|
$this->assertSame($options['name'], $cookie->getName());
|
||||||
|
@ -286,13 +283,6 @@ class AbstractRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
||||||
$userProvider = $this->getProvider();
|
$userProvider = $this->getProvider();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($options['secure'])) {
|
|
||||||
$options['secure'] = false;
|
|
||||||
}
|
|
||||||
if (!isset($options['httponly'])) {
|
|
||||||
$options['httponly'] = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
|
return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
|
||||||
array($userProvider), 'fookey', 'fookey', $options, $logger,
|
array($userProvider), 'fookey', 'fookey', $options, $logger,
|
||||||
));
|
));
|
||||||
|
|
|
@ -313,13 +313,6 @@ class PersistentTokenBasedRememberMeServicesTest extends \PHPUnit_Framework_Test
|
||||||
$userProvider = $this->getProvider();
|
$userProvider = $this->getProvider();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($options['secure'])) {
|
|
||||||
$options['secure'] = false;
|
|
||||||
}
|
|
||||||
if (!isset($options['httponly'])) {
|
|
||||||
$options['httponly'] = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
|
return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -266,13 +266,6 @@ class TokenBasedRememberMeServicesTest extends \PHPUnit_Framework_TestCase
|
||||||
$userProvider = $this->getProvider();
|
$userProvider = $this->getProvider();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!isset($options['secure'])) {
|
|
||||||
$options['secure'] = false;
|
|
||||||
}
|
|
||||||
if (!isset($options['httponly'])) {
|
|
||||||
$options['httponly'] = true;
|
|
||||||
}
|
|
||||||
|
|
||||||
$service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
|
$service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
|
||||||
|
|
||||||
return $service;
|
return $service;
|
||||||
|
|
Reference in New Issue