[Security] Load the user before pre/post auth checks when needed
This commit is contained in:
Robin Chalas
parent
34bb83db0a
commit
c318306b44
@ -11,8 +11,11 @@
|
||||
|
||||
namespace Symfony\Component\Security\Core\Authentication\Provider;
|
||||
|
||||
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
|
||||
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
||||
use Symfony\Component\Security\Core\User\UserChecker;
|
||||
use Symfony\Component\Security\Core\User\UserCheckerInterface;
|
||||
use Symfony\Component\Security\Core\User\UserInterface;
|
||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
|
||||
@ -45,6 +48,24 @@ class SimpleAuthenticationProvider implements AuthenticationProviderInterface
|
||||
}
|
||||
|
||||
$user = $authToken->getUser();
|
||||
|
||||
if (!$user instanceof UserInterface) {
|
||||
try {
|
||||
$user = $this->userProvider->loadUserByUsername($user);
|
||||
|
||||
if (!$user instanceof UserInterface) {
|
||||
throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
|
||||
}
|
||||
} catch (UsernameNotFoundException $e) {
|
||||
$e->setUsername($user);
|
||||
throw $e;
|
||||
} catch (\Exception $e) {
|
||||
$e = new AuthenticationServiceException($e->getMessage(), 0, $e);
|
||||
$e->setToken($token);
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
$this->userChecker->checkPreAuth($user);
|
||||
$this->userChecker->checkPostAuth($user);
|
||||
|
||||
|
||||
@ -15,6 +15,7 @@ use PHPUnit\Framework\TestCase;
|
||||
use Symfony\Component\Security\Core\Exception\DisabledException;
|
||||
use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
|
||||
use Symfony\Component\Security\Core\Exception\LockedException;
|
||||
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
||||
|
||||
class SimpleAuthenticationProviderTest extends TestCase
|
||||
{
|
||||
@ -72,6 +73,54 @@ class SimpleAuthenticationProviderTest extends TestCase
|
||||
$provider->authenticate($token);
|
||||
}
|
||||
|
||||
public function testAuthenticateFromString()
|
||||
{
|
||||
$user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
|
||||
|
||||
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
|
||||
$token->expects($this->any())
|
||||
->method('getUser')
|
||||
->will($this->returnValue('foo'));
|
||||
|
||||
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
|
||||
$authenticator->expects($this->once())
|
||||
->method('authenticateToken')
|
||||
->will($this->returnValue($token));
|
||||
|
||||
$userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
|
||||
$userProvider->expects($this->once())
|
||||
->method('loadUserByUsername')
|
||||
->willReturn($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock());
|
||||
$provider = $this->getProvider($authenticator, $userProvider);
|
||||
|
||||
$this->assertSame($token, $provider->authenticate($token));
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException
|
||||
*/
|
||||
public function testUsernameNotFound()
|
||||
{
|
||||
$user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
|
||||
|
||||
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
|
||||
$token->expects($this->any())
|
||||
->method('getUser')
|
||||
->will($this->returnValue('foo'));
|
||||
|
||||
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
|
||||
$authenticator->expects($this->once())
|
||||
->method('authenticateToken')
|
||||
->will($this->returnValue($token));
|
||||
|
||||
$userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
|
||||
$userProvider->expects($this->once())
|
||||
->method('loadUserByUsername')
|
||||
->willThrowException(new UsernameNotFoundException());
|
||||
|
||||
$this->getProvider($authenticator, $userProvider)->authenticate($token);
|
||||
}
|
||||
|
||||
protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
|
||||
{
|
||||
if (null === $userChecker) {
|
||||
|
||||
Reference in New Issue
Block a user