diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed being logged out on failed attempt in guard

Browse Source
This commit is contained in:
Iltar van der Berg 2018-02-02 08:30:49 +01:00
parent 49b94cc995
commit 4fc0ecbf90
2 changed files with 5 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/Symfony/Component/Security/Guard/GuardAuthenticatorHandler.php
View File

@ -18,7 +18,6 @@ use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInt
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserInterface; use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
use Symfony\Component\Security\Http\Event\InteractiveLoginEvent; use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\Security\Http\SecurityEvents;
@ -116,11 +115,6 @@ class GuardAuthenticatorHandler
*/ */
public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey) public function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, GuardAuthenticatorInterface $guardAuthenticator, $providerKey)
{ {
$token = $this->tokenStorage->getToken();
if ($token instanceof PostAuthenticationGuardToken && $providerKey === $token->getProviderKey()) {
$this->tokenStorage->setToken(null);
}
$response = $guardAuthenticator->onAuthenticationFailure($request, $authenticationException); $response = $guardAuthenticator->onAuthenticationFailure($request, $authenticationException);
if ($response instanceof Response || null === $response) { if ($response instanceof Response || null === $response) {
// returning null is ok, it means they want the request to continue // returning null is ok, it means they want the request to continue

15
src/Symfony/Component/Security/Guard/Tests/GuardAuthenticatorHandlerTest.php
View File

@ -81,7 +81,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
/** /**
* @dataProvider getTokenClearingTests * @dataProvider getTokenClearingTests
*/ */
public function testHandleAuthenticationClearsToken($tokenClass, $tokenProviderKey, $actualProviderKey, $shouldTokenBeCleared) public function testHandleAuthenticationClearsToken($tokenClass, $tokenProviderKey, $actualProviderKey)
{ {
$token = $this->getMockBuilder($tokenClass) $token = $this->getMockBuilder($tokenClass)
->disableOriginalConstructor() ->disableOriginalConstructor()
@ -90,12 +90,7 @@ class GuardAuthenticatorHandlerTest extends TestCase
->method('getProviderKey') ->method('getProviderKey')
->will($this->returnValue($tokenProviderKey)); ->will($this->returnValue($tokenProviderKey));
// make the $token be the current token $this->tokenStorage->expects($this->never())
$this->tokenStorage->expects($this->once())
->method('getToken')
->will($this->returnValue($token));
$this->tokenStorage->expects($shouldTokenBeCleared ? $this->once() : $this->never())
->method('setToken') ->method('setToken')
->with(null); ->with(null);
$authException = new AuthenticationException('Bad password!'); $authException = new AuthenticationException('Bad password!');
@ -115,9 +110,9 @@ class GuardAuthenticatorHandlerTest extends TestCase
{ {
$tests = array(); $tests = array();
// correct token class and matching firewall => clear the token // correct token class and matching firewall => clear the token
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'the_firewall_key', true); $tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'the_firewall_key');
$tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'different_key', false); $tests[] = array('Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken', 'the_firewall_key', 'different_key');
$tests[] = array('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', 'the_firewall_key', 'the_firewall_key', false); $tests[] = array('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', 'the_firewall_key', 'the_firewall_key');
return $tests; return $tests;
} }