From efa4cb9a66eca0f3bc533b6253a441b57e510e8a Mon Sep 17 00:00:00 2001
From: Robin Chalas <robin.chalas@elao.com>
Date: Sat, 9 Sep 2017 08:49:11 +0200
Subject: [PATCH] [SecurityBundle] Fix valid provider considered undefined

---
 .../DependencyInjection/SecurityExtension.php | 10 ++++----
 .../CompleteConfigurationTest.php             | 12 ++++++++++
 .../Fixtures/php/firewall_provider.php        | 24 +++++++++++++++++++
 .../Fixtures/php/listener_provider.php        | 16 +++++++++++++
 .../Fixtures/xml/firewall_provider.xml        | 20 ++++++++++++++++
 .../Fixtures/xml/listener_provider.xml        | 20 ++++++++++++++++
 .../Fixtures/yml/firewall_provider.yml        | 16 +++++++++++++
 .../Fixtures/yml/listener_provider.yml        | 10 ++++++++
 8 files changed, 123 insertions(+), 5 deletions(-)
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/listener_provider.php
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/firewall_provider.xml
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/listener_provider.xml
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/firewall_provider.yml
 create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/listener_provider.yml

diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
index adfe5b2357..73a1cef128 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -331,10 +331,10 @@ class SecurityExtension extends Extension
 
         // Provider id (take the first registered provider if none defined)
         if (isset($firewall['provider'])) {
-            $defaultProvider = $this->getUserProviderId($firewall['provider']);
-            if (!in_array($defaultProvider, $providerIds, true)) {
+            if (!isset($providerIds[$normalizedName = str_replace('-', '_', $firewall['provider'])])) {
                 throw new InvalidConfigurationException(sprintf('Invalid firewall "%s": user provider "%s" not found.', $id, $firewall['provider']));
             }
+            $defaultProvider = $providerIds[$normalizedName];
         } else {
             $defaultProvider = reset($providerIds);
         }
@@ -491,10 +491,10 @@ class SecurityExtension extends Extension
 
                 if (isset($firewall[$key])) {
                     if (isset($firewall[$key]['provider'])) {
-                        if (!in_array($firewall[$key]['provider'], $providerIds, true)) {
+                        if (!isset($providerIds[$normalizedName = str_replace('-', '_', $firewall[$key]['provider'])])) {
                             throw new InvalidConfigurationException(sprintf('Invalid firewall "%s": user provider "%s" not found.', $id, $firewall[$key]['provider']));
                         }
-                        $userProvider = $this->getUserProviderId($firewall[$key]['provider']);
+                        $userProvider = $providerIds[$normalizedName];
                     } else {
                         $userProvider = $defaultProvider;
                     }
@@ -596,7 +596,7 @@ class SecurityExtension extends Extension
         $providerIds = array();
         foreach ($config['providers'] as $name => $provider) {
             $id = $this->createUserDaoProvider($name, $provider, $container);
-            $providerIds[] = $id;
+            $providerIds[str_replace('-', '_', $name)] = $id;
         }
 
         return $providerIds;
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
index 202107a57a..1cb5a6acda 100644
--- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
@@ -405,6 +405,18 @@ abstract class CompleteConfigurationTest extends TestCase
         $this->getContainer('listener_undefined_provider');
     }
 
+    public function testFirewallWithUserProvider()
+    {
+        $this->getContainer('firewall_provider');
+        $this->addToAssertionCount(1);
+    }
+
+    public function testFirewallListenerWithProvider()
+    {
+        $this->getContainer('listener_provider');
+        $this->addToAssertionCount(1);
+    }
+
     protected function getContainer($file)
     {
         $file = $file.'.'.$this->getFileExtension();
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php
new file mode 100644
index 0000000000..ff9d9f6b89
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php
@@ -0,0 +1,24 @@
+<?php
+
+$container->loadFromExtension('security', array(
+    'providers' => array(
+        'default' => array(
+            'memory' => $memory = array(
+                'users' => array('foo' => array('password' => 'foo', 'roles' => 'ROLE_USER')),
+            ),
+        ),
+        'with-dash' => array(
+            'memory' => $memory,
+        ),
+    ),
+    'firewalls' => array(
+        'main' => array(
+            'provider' => 'default',
+            'form_login' => true,
+        ),
+        'other' => array(
+            'provider' => 'with-dash',
+            'form_login' => true,
+        ),
+    ),
+));
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/listener_provider.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/listener_provider.php
new file mode 100644
index 0000000000..d7f1cd6973
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/listener_provider.php
@@ -0,0 +1,16 @@
+<?php
+
+$container->loadFromExtension('security', array(
+    'providers' => array(
+        'default' => array(
+            'memory' => array(
+                'users' => array('foo' => array('password' => 'foo', 'roles' => 'ROLE_USER')),
+            ),
+        ),
+    ),
+    'firewalls' => array(
+        'main' => array(
+            'form_login' => array('provider' => 'default'),
+        ),
+    ),
+));
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/firewall_provider.xml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/firewall_provider.xml
new file mode 100644
index 0000000000..bd87fee4ab
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/firewall_provider.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<container xmlns="http://symfony.com/schema/dic/services"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:sec="http://symfony.com/schema/dic/security"
+           xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
+
+    <sec:config>
+        <sec:providers>
+            <sec:provider name="with-dash" id="foo" />
+        </sec:providers>
+
+        <sec:firewalls>
+            <sec:firewall name="main" provider="with-dash">
+                <sec:form_login />
+            </sec:firewall>
+        </sec:firewalls>
+    </sec:config>
+
+</container>
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/listener_provider.xml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/listener_provider.xml
new file mode 100644
index 0000000000..b1bcd8eae8
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/listener_provider.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<container xmlns="http://symfony.com/schema/dic/services"
+           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+           xmlns:sec="http://symfony.com/schema/dic/security"
+           xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">
+
+    <sec:config>
+        <sec:providers>
+            <sec:provider name="default" id="foo" />
+        </sec:providers>
+
+        <sec:firewalls>
+            <sec:firewall name="main">
+                <sec:form_login provider="default" />
+            </sec:firewall>
+        </sec:firewalls>
+    </sec:config>
+
+</container>
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/firewall_provider.yml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/firewall_provider.yml
new file mode 100644
index 0000000000..11c329aa8e
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/firewall_provider.yml
@@ -0,0 +1,16 @@
+security:
+    providers:
+        default:
+            memory:
+                users: { foo: { password: foo, roles: ROLE_USER } }
+        with-dash:
+            memory:
+                users: { foo: { password: foo, roles: ROLE_USER } }
+
+    firewalls:
+        main:
+            provider: default
+            form_login: true
+        other:
+            provider: with-dash
+            form_login: true
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/listener_provider.yml b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/listener_provider.yml
new file mode 100644
index 0000000000..652f23b5f0
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/listener_provider.yml
@@ -0,0 +1,10 @@
+security:
+    providers:
+        default:
+            memory:
+                users: { foo: { password: foo, roles: ROLE_USER } }
+
+    firewalls:
+        main:
+            form_login:
+                provider: default