Renamed key to secret
This commit is contained in:
WouterJ
parent
515007e941
commit
55f59d55a2
@ -601,7 +601,8 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
|
|
||||||
* The `Resources/` directory was moved to `Core/Resources/`
|
* The `Resources/` directory was moved to `Core/Resources/`
|
||||||
|
|
||||||
* The `key` settings of `anonymous` and `remember_me` are renamed to `secret`.
|
* The `key` settings of `anonymous`, `remember_me` and `http_digest` are
|
||||||
|
renamed to `secret`.
|
||||||
|
|
||||||
Before:
|
Before:
|
||||||
|
|
||||||
@ -614,6 +615,8 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
anonymous: { key: "%secret%" }
|
anonymous: { key: "%secret%" }
|
||||||
remember_me:
|
remember_me:
|
||||||
key: "%secret%"
|
key: "%secret%"
|
||||||
|
http_digest:
|
||||||
|
key: "%secret%"
|
||||||
```
|
```
|
||||||
|
|
||||||
```xml
|
```xml
|
||||||
@ -626,6 +629,7 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
|
|
||||||
<anonymous key="%secret%"/>
|
<anonymous key="%secret%"/>
|
||||||
<remember-me key="%secret%"/>
|
<remember-me key="%secret%"/>
|
||||||
|
<http-digest key="%secret%"/>
|
||||||
</firewall>
|
</firewall>
|
||||||
</config>
|
</config>
|
||||||
```
|
```
|
||||||
@ -638,6 +642,7 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
// ...
|
// ...
|
||||||
'anonymous' => array('key' => '%secret%'),
|
'anonymous' => array('key' => '%secret%'),
|
||||||
'remember_me' => array('key' => '%secret%'),
|
'remember_me' => array('key' => '%secret%'),
|
||||||
|
'http_digest' => array('key' => '%secret%'),
|
||||||
),
|
),
|
||||||
));
|
));
|
||||||
```
|
```
|
||||||
@ -653,6 +658,8 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
anonymous: { secret: "%secret%" }
|
anonymous: { secret: "%secret%" }
|
||||||
remember_me:
|
remember_me:
|
||||||
secret: "%secret%"
|
secret: "%secret%"
|
||||||
|
http_digest:
|
||||||
|
secret: "%secret%"
|
||||||
```
|
```
|
||||||
|
|
||||||
```xml
|
```xml
|
||||||
@ -665,6 +672,7 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
|
|
||||||
<anonymous secret="%secret%"/>
|
<anonymous secret="%secret%"/>
|
||||||
<remember-me secret="%secret%"/>
|
<remember-me secret="%secret%"/>
|
||||||
|
<http-digest secret="%secret%"/>
|
||||||
</firewall>
|
</firewall>
|
||||||
</config>
|
</config>
|
||||||
```
|
```
|
||||||
@ -677,6 +685,7 @@ UPGRADE FROM 2.x to 3.0
|
|||||||
// ...
|
// ...
|
||||||
'anonymous' => array('secret' => '%secret%'),
|
'anonymous' => array('secret' => '%secret%'),
|
||||||
'remember_me' => array('secret' => '%secret%'),
|
'remember_me' => array('secret' => '%secret%'),
|
||||||
|
'http_digest' => array('secret' => '%secret%'),
|
||||||
),
|
),
|
||||||
));
|
));
|
||||||
```
|
```
|
||||||
|
|||||||
@ -4,8 +4,8 @@ CHANGELOG
|
|||||||
2.8.0
|
2.8.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
* deprecated the `key` setting of `anonymous` and `remember_me` in favor of the
|
* deprecated the `key` setting of `anonymous`, `remember_me` and `http_digest`
|
||||||
`secret` setting.
|
in favor of the `secret` setting.
|
||||||
|
|
||||||
2.6.0
|
2.6.0
|
||||||
-----
|
-----
|
||||||
|
|||||||
@ -58,10 +58,26 @@ class HttpDigestFactory implements SecurityFactoryInterface
|
|||||||
public function addConfiguration(NodeDefinition $node)
|
public function addConfiguration(NodeDefinition $node)
|
||||||
{
|
{
|
||||||
$node
|
$node
|
||||||
|
->beforeNormalization()
|
||||||
|
->ifTrue(function ($v) { return isset($v['key']); })
|
||||||
|
->then(function ($v) {
|
||||||
|
if (isset($v['secret'])) {
|
||||||
|
throw new \LogicException('Cannot set both key and secret options for http_digest, use only secret instead.');
|
||||||
|
}
|
||||||
|
|
||||||
|
@trigger_error('http_digest.key is deprecated since version 2.8 and will be removed in 3.0. Use http_digest.secret instead.', E_USER_DEPRECATED);
|
||||||
|
|
||||||
|
$v['secret'] = $v['key'];
|
||||||
|
|
||||||
|
unset($v['key']);
|
||||||
|
|
||||||
|
return $v;
|
||||||
|
})
|
||||||
|
->end()
|
||||||
->children()
|
->children()
|
||||||
->scalarNode('provider')->end()
|
->scalarNode('provider')->end()
|
||||||
->scalarNode('realm')->defaultValue('Secured Area')->end()
|
->scalarNode('realm')->defaultValue('Secured Area')->end()
|
||||||
->scalarNode('key')->isRequired()->cannotBeEmpty()->end()
|
->scalarNode('secret')->isRequired()->cannotBeEmpty()->end()
|
||||||
->end()
|
->end()
|
||||||
;
|
;
|
||||||
}
|
}
|
||||||
@ -76,7 +92,7 @@ class HttpDigestFactory implements SecurityFactoryInterface
|
|||||||
$container
|
$container
|
||||||
->setDefinition($entryPointId, new DefinitionDecorator('security.authentication.digest_entry_point'))
|
->setDefinition($entryPointId, new DefinitionDecorator('security.authentication.digest_entry_point'))
|
||||||
->addArgument($config['realm'])
|
->addArgument($config['realm'])
|
||||||
->addArgument($config['key'])
|
->addArgument($config['secret'])
|
||||||
;
|
;
|
||||||
|
|
||||||
return $entryPointId;
|
return $entryPointId;
|
||||||
|
|||||||
@ -64,7 +64,7 @@ $container->loadFromExtension('security', array(
|
|||||||
'simple' => array('pattern' => '/login', 'security' => false),
|
'simple' => array('pattern' => '/login', 'security' => false),
|
||||||
'secure' => array('stateless' => true,
|
'secure' => array('stateless' => true,
|
||||||
'http_basic' => true,
|
'http_basic' => true,
|
||||||
'http_digest' => array('key' => 'TheKey'),
|
'http_digest' => array('secret' => 'TheSecret'),
|
||||||
'form_login' => true,
|
'form_login' => true,
|
||||||
'anonymous' => true,
|
'anonymous' => true,
|
||||||
'switch_user' => true,
|
'switch_user' => true,
|
||||||
|
|||||||
@ -49,7 +49,7 @@
|
|||||||
|
|
||||||
<firewall name="secure" stateless="true">
|
<firewall name="secure" stateless="true">
|
||||||
<http-basic />
|
<http-basic />
|
||||||
<http-digest key="TheKey" />
|
<http-digest secret="TheSecret" />
|
||||||
<form-login />
|
<form-login />
|
||||||
<anonymous />
|
<anonymous />
|
||||||
<switch-user />
|
<switch-user />
|
||||||
|
|||||||
@ -47,7 +47,7 @@ security:
|
|||||||
stateless: true
|
stateless: true
|
||||||
http_basic: true
|
http_basic: true
|
||||||
http_digest:
|
http_digest:
|
||||||
key: TheKey
|
secret: TheSecret
|
||||||
form_login: true
|
form_login: true
|
||||||
anonymous: true
|
anonymous: true
|
||||||
switch_user: true
|
switch_user: true
|
||||||
|
|||||||
@ -4,8 +4,8 @@ CHANGELOG
|
|||||||
2.8.0
|
2.8.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
* deprecated `getKey()` of the `AnonymousToken`, `RememberMeToken` and `AbstractRememberMeServices` classes
|
* deprecated `getKey()` of the `AnonymousToken`, `RememberMeToken`,
|
||||||
in favor of `getSecret()`.
|
`AbstractRememberMeServices` and `DigestAuthenticationEntryPoint` classes in favor of `getSecret()`.
|
||||||
* deprecated `Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface`, use
|
* deprecated `Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface`, use
|
||||||
`Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface` instead
|
`Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface` instead
|
||||||
* deprecated `Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface`, use
|
* deprecated `Symfony\Component\Security\Core\Authentication\SimpleFormAuthenticatorInterface`, use
|
||||||
|
|||||||
@ -33,7 +33,7 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
|
|||||||
/**
|
/**
|
||||||
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
|
* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
|
||||||
*/
|
*/
|
||||||
public function testAuthenticateWhenKeyIsNotValid()
|
public function testAuthenticateWhenSecretIsNotValid()
|
||||||
{
|
{
|
||||||
$provider = $this->getProvider('foo');
|
$provider = $this->getProvider('foo');
|
||||||
|
|
||||||
@ -48,19 +48,19 @@ class AnonymousAuthenticationProviderTest extends \PHPUnit_Framework_TestCase
|
|||||||
$this->assertSame($token, $provider->authenticate($token));
|
$this->assertSame($token, $provider->authenticate($token));
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function getSupportedToken($key)
|
protected function getSupportedToken($secret)
|
||||||
{
|
{
|
||||||
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getSecret'), array(), '', false);
|
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\AnonymousToken', array('getSecret'), array(), '', false);
|
||||||
$token->expects($this->any())
|
$token->expects($this->any())
|
||||||
->method('getSecret')
|
->method('getSecret')
|
||||||
->will($this->returnValue($key))
|
->will($this->returnValue($secret))
|
||||||
;
|
;
|
||||||
|
|
||||||
return $token;
|
return $token;
|
||||||
}
|
}
|
||||||
|
|
||||||
protected function getProvider($key)
|
protected function getProvider($secret)
|
||||||
{
|
{
|
||||||
return new AnonymousAuthenticationProvider($key);
|
return new AnonymousAuthenticationProvider($secret);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -24,15 +24,15 @@ use Psr\Log\LoggerInterface;
|
|||||||
*/
|
*/
|
||||||
class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface
|
class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterface
|
||||||
{
|
{
|
||||||
private $key;
|
private $secret;
|
||||||
private $realmName;
|
private $realmName;
|
||||||
private $nonceValiditySeconds;
|
private $nonceValiditySeconds;
|
||||||
private $logger;
|
private $logger;
|
||||||
|
|
||||||
public function __construct($realmName, $key, $nonceValiditySeconds = 300, LoggerInterface $logger = null)
|
public function __construct($realmName, $secret, $nonceValiditySeconds = 300, LoggerInterface $logger = null)
|
||||||
{
|
{
|
||||||
$this->realmName = $realmName;
|
$this->realmName = $realmName;
|
||||||
$this->key = $key;
|
$this->secret = $secret;
|
||||||
$this->nonceValiditySeconds = $nonceValiditySeconds;
|
$this->nonceValiditySeconds = $nonceValiditySeconds;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
}
|
}
|
||||||
@ -43,7 +43,7 @@ class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterfac
|
|||||||
public function start(Request $request, AuthenticationException $authException = null)
|
public function start(Request $request, AuthenticationException $authException = null)
|
||||||
{
|
{
|
||||||
$expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000;
|
$expiryTime = microtime(true) + $this->nonceValiditySeconds * 1000;
|
||||||
$signatureValue = md5($expiryTime.':'.$this->key);
|
$signatureValue = md5($expiryTime.':'.$this->secret);
|
||||||
$nonceValue = $expiryTime.':'.$signatureValue;
|
$nonceValue = $expiryTime.':'.$signatureValue;
|
||||||
$nonceValueBase64 = base64_encode($nonceValue);
|
$nonceValueBase64 = base64_encode($nonceValue);
|
||||||
|
|
||||||
@ -65,11 +65,21 @@ class DigestAuthenticationEntryPoint implements AuthenticationEntryPointInterfac
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return string
|
* @deprecated Since version 2.8, to be removed in 3.0. Use getSecret() instead.
|
||||||
*/
|
*/
|
||||||
public function getKey()
|
public function getKey()
|
||||||
{
|
{
|
||||||
return $this->key;
|
@trigger_error(__method__.'() is deprecated since version 2.8 and will be removed in 3.0. Use getSecret() instead.', E_USER_DEPRECATED);
|
||||||
|
|
||||||
|
return $this->getSecret();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public function getSecret()
|
||||||
|
{
|
||||||
|
return $this->secret;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
@ -27,14 +27,14 @@ use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
|
|||||||
class AnonymousAuthenticationListener implements ListenerInterface
|
class AnonymousAuthenticationListener implements ListenerInterface
|
||||||
{
|
{
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $key;
|
private $secret;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
private $logger;
|
private $logger;
|
||||||
|
|
||||||
public function __construct(TokenStorageInterface $tokenStorage, $key, LoggerInterface $logger = null, AuthenticationManagerInterface $authenticationManager = null)
|
public function __construct(TokenStorageInterface $tokenStorage, $secret, LoggerInterface $logger = null, AuthenticationManagerInterface $authenticationManager = null)
|
||||||
{
|
{
|
||||||
$this->tokenStorage = $tokenStorage;
|
$this->tokenStorage = $tokenStorage;
|
||||||
$this->key = $key;
|
$this->secret = $secret;
|
||||||
$this->authenticationManager = $authenticationManager;
|
$this->authenticationManager = $authenticationManager;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
}
|
}
|
||||||
@ -51,7 +51,7 @@ class AnonymousAuthenticationListener implements ListenerInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
$token = new AnonymousToken($this->key, 'anon.', array());
|
$token = new AnonymousToken($this->secret, 'anon.', array());
|
||||||
if (null !== $this->authenticationManager) {
|
if (null !== $this->authenticationManager) {
|
||||||
$token = $this->authenticationManager->authenticate($token);
|
$token = $this->authenticationManager->authenticate($token);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -23,7 +23,7 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
$authenticationException = new AuthenticationException('TheAuthenticationExceptionMessage');
|
$authenticationException = new AuthenticationException('TheAuthenticationExceptionMessage');
|
||||||
|
|
||||||
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey');
|
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheSecret');
|
||||||
$response = $entryPoint->start($request, $authenticationException);
|
$response = $entryPoint->start($request, $authenticationException);
|
||||||
|
|
||||||
$this->assertEquals(401, $response->getStatusCode());
|
$this->assertEquals(401, $response->getStatusCode());
|
||||||
@ -34,7 +34,7 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$request = $this->getMock('Symfony\Component\HttpFoundation\Request');
|
$request = $this->getMock('Symfony\Component\HttpFoundation\Request');
|
||||||
|
|
||||||
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey');
|
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheSecret');
|
||||||
$response = $entryPoint->start($request);
|
$response = $entryPoint->start($request);
|
||||||
|
|
||||||
$this->assertEquals(401, $response->getStatusCode());
|
$this->assertEquals(401, $response->getStatusCode());
|
||||||
@ -47,7 +47,7 @@ class DigestAuthenticationEntryPointTest extends \PHPUnit_Framework_TestCase
|
|||||||
|
|
||||||
$nonceExpiredException = new NonceExpiredException('TheNonceExpiredExceptionMessage');
|
$nonceExpiredException = new NonceExpiredException('TheNonceExpiredExceptionMessage');
|
||||||
|
|
||||||
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheKey');
|
$entryPoint = new DigestAuthenticationEntryPoint('TheRealmName', 'TheSecret');
|
||||||
$response = $entryPoint->start($request, $nonceExpiredException);
|
$response = $entryPoint->start($request, $nonceExpiredException);
|
||||||
|
|
||||||
$this->assertEquals(401, $response->getStatusCode());
|
$this->assertEquals(401, $response->getStatusCode());
|
||||||
|
|||||||
Reference in New Issue
Block a user