[Security/Http] don't require the session to be started when tracking its id
This commit is contained in:
parent
46e441ff8d
commit
c39188a7cc
@ -115,10 +115,10 @@ class ContextListener extends AbstractListener implements ListenerInterface
|
|||||||
|
|
||||||
if (null !== $session) {
|
if (null !== $session) {
|
||||||
$usageIndexValue = method_exists(Request::class, 'getPreferredFormat') && $session instanceof Session ? $usageIndexReference = &$session->getUsageIndex() : 0;
|
$usageIndexValue = method_exists(Request::class, 'getPreferredFormat') && $session instanceof Session ? $usageIndexReference = &$session->getUsageIndex() : 0;
|
||||||
$sessionId = $session->getId();
|
$sessionId = $request->cookies->get($session->getName());
|
||||||
$token = $session->get($this->sessionKey);
|
$token = $session->get($this->sessionKey);
|
||||||
|
|
||||||
if ($this->sessionTrackerEnabler && $session->getId() === $sessionId) {
|
if ($this->sessionTrackerEnabler && \in_array($sessionId, [true, $session->getId()], true)) {
|
||||||
$usageIndexReference = $usageIndexValue;
|
$usageIndexReference = $usageIndexValue;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -344,6 +344,26 @@ class ContextListenerTest extends TestCase
|
|||||||
$this->assertNull($tokenStorage->getToken());
|
$this->assertNull($tokenStorage->getToken());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @requires function \Symfony\Component\HttpFoundation\Request::getPreferredFormat
|
||||||
|
*/
|
||||||
|
public function testWithPreviousNotStartedSession()
|
||||||
|
{
|
||||||
|
$session = new Session(new MockArraySessionStorage());
|
||||||
|
|
||||||
|
$request = new Request();
|
||||||
|
$request->setSession($session);
|
||||||
|
$request->cookies->set('MOCKSESSID', true);
|
||||||
|
|
||||||
|
$usageIndex = $session->getUsageIndex();
|
||||||
|
|
||||||
|
$tokenStorage = new TokenStorage();
|
||||||
|
$listener = new ContextListener($tokenStorage, [], 'context_key', null, null, null, [$tokenStorage, 'getToken']);
|
||||||
|
$listener(new RequestEvent($this->getMockBuilder(HttpKernelInterface::class)->getMock(), $request, HttpKernelInterface::MASTER_REQUEST));
|
||||||
|
|
||||||
|
$this->assertSame($usageIndex, $session->getUsageIndex());
|
||||||
|
}
|
||||||
|
|
||||||
protected function runSessionOnKernelResponse($newToken, $original = null)
|
protected function runSessionOnKernelResponse($newToken, $original = null)
|
||||||
{
|
{
|
||||||
$session = new Session(new MockArraySessionStorage());
|
$session = new Session(new MockArraySessionStorage());
|
||||||
|
Reference in New Issue
Block a user