[Security] Unserialize $parentData, if needed, to avoid errors
This commit is contained in:
rfaivre
Nicolas Grekas
parent
87c6683a98
commit
b447433b67
|
|
@ -68,6 +68,7 @@ class AnonymousToken extends AbstractToken
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->secret, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ class PreAuthenticatedToken extends AbstractToken
|
|||
/**
|
||||
* @param string|\Stringable|UserInterface $user
|
||||
* @param mixed $credentials
|
||||
* @param string $providerKey
|
||||
* @param string[] $roles
|
||||
*/
|
||||
public function __construct($user, $credentials, string $providerKey, array $roles = [])
|
||||
|
|
@ -88,6 +87,7 @@ class PreAuthenticatedToken extends AbstractToken
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->credentials, $this->providerKey, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -101,6 +101,7 @@ class RememberMeToken extends AbstractToken
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->secret, $this->providerKey, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -54,6 +54,7 @@ class SwitchUserToken extends UsernamePasswordToken
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->originalToken, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -99,6 +99,7 @@ class UsernamePasswordToken extends AbstractToken
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->credentials, $this->providerKey, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ abstract class AccountStatusException extends AuthenticationException
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->user, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@ class CustomUserMessageAuthenticationException extends AuthenticationException
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$parentData, $this->messageKey, $this->messageData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -71,6 +71,7 @@ class UsernameNotFoundException extends AuthenticationException
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->username, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -83,6 +83,7 @@ class PostAuthenticationGuardToken extends AbstractToken implements GuardTokenIn
|
|||
public function __unserialize(array $data): void
|
||||
{
|
||||
[$this->providerKey, $parentData] = $data;
|
||||
$parentData = \is_array($parentData) ? $parentData : unserialize($parentData);
|
||||
parent::__unserialize($parentData);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Reference in New Issue