diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] Fixed auth provider authenticate() cannot return void 

The AuthenticationManagerInterface requires that authenticate() must return a TokenInterface, never null.
Several authentication providers are violating this. Changed to throw exception instead.
This commit is contained in:
Gunnstein Lye 2017-10-20 15:38:08 +02:00
parent 45e677e562
commit 6e18b56b77
8 changed files with 27 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Symfony/Component/Security/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
View File

@ -12,6 +12,7 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
@ -38,7 +39,7 @@ class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if ($this->key !== $token->getKey()) {

3
src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
View File

@ -13,6 +13,7 @@ namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@ -51,7 +52,7 @@ class PreAuthenticatedAuthenticationProvider implements AuthenticationProviderIn
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if (!$user = $token->getUser()) {

3
src/Symfony/Component/Security/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
View File

@ -14,6 +14,7 @@ namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
class RememberMeAuthenticationProvider implements AuthenticationProviderInterface
@ -40,7 +41,7 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if ($this->key !== $token->getKey()) {

2
src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
View File

@ -56,7 +56,7 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
$username = $token->getUsername();

6
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/AnonymousAuthenticationProviderTest.php
View File

@ -24,11 +24,15 @@ class AnonymousAuthenticationProviderTest extends TestCase
$this->assertFalse($provider->supports($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
* @expectedExceptionMessage The token is not supported by this authentication provider.
*/
public function testAuthenticateWhenTokenIsNotSupported()
{
$provider = $this->getProvider('foo');
$this->assertNull($provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
$provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock());
}
/**

6
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/PreAuthenticatedAuthenticationProviderTest.php
View File

@ -36,11 +36,15 @@ class PreAuthenticatedAuthenticationProviderTest extends TestCase
$this->assertFalse($provider->supports($token));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
* @expectedExceptionMessage The token is not supported by this authentication provider.
*/
public function testAuthenticateWhenTokenIsNotSupported()
{
$provider = $this->getProvider();
$this->assertNull($provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
$provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock());
}
/**

6
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/RememberMeAuthenticationProviderTest.php
View File

@ -26,12 +26,16 @@ class RememberMeAuthenticationProviderTest extends TestCase
$this->assertFalse($provider->supports($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
* @expectedExceptionMessage The token is not supported by this authentication provider.
*/
public function testAuthenticateWhenTokenIsNotSupported()
{
$provider = $this->getProvider();
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$this->assertNull($provider->authenticate($token));
$provider->authenticate($token);
}
/**

6
src/Symfony/Component/Security/Core/Tests/Authentication/Provider/UserAuthenticationProviderTest.php
View File

@ -29,11 +29,15 @@ class UserAuthenticationProviderTest extends TestCase
$this->assertFalse($provider->supports($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
* @expectedExceptionMessage The token is not supported by this authentication provider.
*/
public function testAuthenticateWhenTokenIsNotSupported()
{
$provider = $this->getProvider();
$this->assertNull($provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock()));
$provider->authenticate($this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock());
}
/**