diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
index 611b0285c0..e3711a9b25 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
@@ -30,12 +30,15 @@ abstract class AbstractFactory implements SecurityFactoryInterface
'check_path' => '/login_check',
'login_path' => '/login',
'use_forward' => false,
+ 'failure_path' => null,
+ 'failure_forward' => false,
+ );
+
+ protected $defaultSuccessHandlerOptions = array(
'always_use_default_target_path' => false,
'default_target_path' => '/',
'target_path_parameter' => '_target_path',
'use_referer' => false,
- 'failure_path' => null,
- 'failure_forward' => false,
);
public function create(ContainerBuilder $container, $id, $config, $userProviderId, $defaultEntryPointId)
@@ -71,7 +74,7 @@ abstract class AbstractFactory implements SecurityFactoryInterface
->scalarNode('failure_handler')->end()
;
- foreach ($this->options as $name => $default) {
+ foreach (array_merge($this->options, $this->defaultSuccessHandlerOptions) as $name => $default) {
if (is_bool($default)) {
$builder->booleanNode($name)->defaultValue($default);
} else {
@@ -149,12 +152,8 @@ abstract class AbstractFactory implements SecurityFactoryInterface
$listenerId = $this->getListenerId();
$listener = new DefinitionDecorator($listenerId);
$listener->replaceArgument(4, $id);
- $listener->replaceArgument(5, array_intersect_key($config, $this->options));
-
- // success handler
- if (isset($config['success_handler'])) {
- $listener->replaceArgument(6, new Reference($config['success_handler']));
- }
+ $listener->replaceArgument(5, new Reference($this->createAuthenticationSuccessHandler($container, $id, $config)));
+ $listener->replaceArgument(6, array_intersect_key($config, $this->options));
// failure handler
if (isset($config['failure_handler'])) {
@@ -166,4 +165,20 @@ abstract class AbstractFactory implements SecurityFactoryInterface
return $listenerId;
}
+
+ protected function createAuthenticationSuccessHandler($container, $id, $config)
+ {
+ // success handler
+ if (isset($config['success_handler'])) {
+
+ return $config['success_handler'];
+ }
+
+ $id = 'security.authentication.success_handler.'.$id;
+
+ $successHandler = $container->setDefinition($id, new DefinitionDecorator('security.authentication.success_handler'));
+ $successHandler->replaceArgument(1, array_intersect_key($config, $this->defaultSuccessHandlerOptions));
+
+ return $id;
+ }
}
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
index b6cd02007a..f3a4f37858 100644
--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
@@ -37,6 +37,8 @@
Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider
Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider
+
+ Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler
@@ -98,13 +100,18 @@
+
-
+
+
+
+
+
getFactory();
+ list($container,
+ $authProviderId,
+ $listenerId,
+ $entryPointId) = $this->callFactory('foo', array('use_forward' => true, 'failure_path' => '/foo', 'success_handler' => 'foo', 'remember_me' => true), 'user_provider', 'entry_point');
+
+ // auth provider
+ $this->assertEquals('auth_provider', $authProviderId);
+
+ // listener
+ $this->assertEquals('abstract_listener.foo', $listenerId);
+ $this->assertTrue($container->hasDefinition('abstract_listener.foo'));
+ $definition = $container->getDefinition('abstract_listener.foo');
+ $this->assertEquals(array(
+ 'index_4' => 'foo',
+ 'index_5' => new Reference('foo'),
+ 'index_6' => array(
+ 'use_forward' => true,
+ 'failure_path' => '/foo',
+ ),
+ ), $definition->getArguments());
+
+ // entry point
+ $this->assertEquals('entry_point', $entryPointId, '->create() does not change the default entry point.');
+ }
+
+ public function testDefaultSuccessHandler()
+ {
+ list($container,
+ $authProviderId,
+ $listenerId,
+ $entryPointId) = $this->callFactory('foo', array('remember_me' => true), 'user_provider', 'entry_point');
+
+ $definition = $container->getDefinition('abstract_listener.foo');
+ $arguments = $definition->getArguments();
+ $this->assertEquals(new Reference('security.authentication.success_handler.foo'), $arguments['index_5']);
+ }
+
+ protected function callFactory($id, $config, $userProviderId, $defaultEntryPointId)
+ {
+ $factory = $this->getMockForAbstractClass('Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory', array());
$factory
->expects($this->once())
@@ -37,30 +76,8 @@ class AbstractFactoryTest extends \PHPUnit_Framework_TestCase
list($authProviderId,
$listenerId,
$entryPointId
- ) = $factory->create($container, 'foo', array('use_forward' => true, 'failure_path' => '/foo', 'success_handler' => 'foo', 'remember_me' => true), 'user_provider', 'entry_point');
+ ) = $factory->create($container, $id, $config, $userProviderId, $defaultEntryPointId);
- // auth provider
- $this->assertEquals('auth_provider', $authProviderId);
-
- // listener
- $this->assertEquals('abstract_listener.foo', $listenerId);
- $this->assertTrue($container->hasDefinition('abstract_listener.foo'));
- $definition = $container->getDefinition('abstract_listener.foo');
- $this->assertEquals(array(
- 'index_4' => 'foo',
- 'index_5' => array(
- 'use_forward' => true,
- 'failure_path' => '/foo',
- ),
- 'index_6' => new Reference('foo'),
- ), $definition->getArguments());
-
- // entry point
- $this->assertEquals('entry_point', $entryPointId, '->create() does not change the default entry point.');
- }
-
- protected function getFactory()
- {
- return $this->getMockForAbstractClass('Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory', array());
+ return array($container, $authProviderId, $listenerId, $entryPointId);
}
}
diff --git a/src/Symfony/Component/Security/Http/Authentication/AuthenticationSuccessHandlerInterface.php b/src/Symfony/Component/Security/Http/Authentication/AuthenticationSuccessHandlerInterface.php
index 8917f3e7ea..99b1ae6c24 100644
--- a/src/Symfony/Component/Security/Http/Authentication/AuthenticationSuccessHandlerInterface.php
+++ b/src/Symfony/Component/Security/Http/Authentication/AuthenticationSuccessHandlerInterface.php
@@ -33,7 +33,7 @@ interface AuthenticationSuccessHandlerInterface
* @param Request $request
* @param TokenInterface $token
*
- * @return Response|null the response to return
+ * @return Response never null
*/
function onAuthenticationSuccess(Request $request, TokenInterface $token);
}
diff --git a/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
new file mode 100644
index 0000000000..5d414c6df2
--- /dev/null
+++ b/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
@@ -0,0 +1,84 @@
+
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\HttpUtils;
+
+/**
+ * Class with the default authentication success handling logic.
+ *
+ * Can be optionally be extended from by the developer to alter the behaviour
+ * while keeping the default behaviour.
+ *
+ * @author Alexander
+ */
+class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
+{
+ /**
+ * Constructor.
+ *
+ * @param HttpUtils $httpUtils HttpUtils
+ * @param array $options Options for processing a successful authentication attempt.
+ */
+ public function __construct(HttpUtils $httpUtils, array $options)
+ {
+ $this->httpUtils = $httpUtils;
+
+ $this->options = array_merge(array(
+ 'always_use_default_target_path' => false,
+ 'default_target_path' => '/',
+ 'target_path_parameter' => '_target_path',
+ 'use_referer' => false,
+ ), $options);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function onAuthenticationSuccess(Request $request, TokenInterface $token)
+ {
+ return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
+ }
+
+ /**
+ * Builds the target URL according to the defined options.
+ *
+ * @param Request $request
+ *
+ * @return string
+ */
+ protected function determineTargetUrl(Request $request)
+ {
+ if ($this->options['always_use_default_target_path']) {
+ return $this->options['default_target_path'];
+ }
+
+ if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
+ return $targetUrl;
+ }
+
+ $session = $request->getSession();
+ if ($targetUrl = $session->get('_security.target_path')) {
+ $session->remove('_security.target_path');
+
+ return $targetUrl;
+ }
+
+ if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
+ return $targetUrl;
+ }
+
+ return $this->options['default_target_path'];
+ }
+}
diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
index 1caaf0af0b..1e27f89af7 100644
--- a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@@ -77,7 +77,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
* @param LoggerInterface $logger A LoggerInterface instance
* @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance
*/
- public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
+ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, array $options = array(), AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
{
if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.');
@@ -92,10 +92,6 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
$this->options = array_merge(array(
'check_path' => '/login_check',
'login_path' => '/login',
- 'always_use_default_target_path' => false,
- 'default_target_path' => '/',
- 'target_path_parameter' => '_target_path',
- 'use_referer' => false,
'failure_path' => null,
'failure_forward' => false,
), $options);
@@ -238,13 +234,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
$this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
}
- $response = null;
- if (null !== $this->successHandler) {
- $response = $this->successHandler->onAuthenticationSuccess($request, $token);
- }
- if (null === $response) {
- $response = $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
- }
+ $response = $this->successHandler->onAuthenticationSuccess($request, $token);
if (null !== $this->rememberMeServices) {
$this->rememberMeServices->loginSuccess($request, $response, $token);
@@ -252,35 +242,4 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
return $response;
}
-
- /**
- * Builds the target URL according to the defined options.
- *
- * @param Request $request
- *
- * @return string
- */
- private function determineTargetUrl(Request $request)
- {
- if ($this->options['always_use_default_target_path']) {
- return $this->options['default_target_path'];
- }
-
- if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
- return $targetUrl;
- }
-
- $session = $request->getSession();
- if ($targetUrl = $session->get('_security.' . $this->providerKey . '.target_path')) {
- $session->remove('_security.' . $this->providerKey . '.target_path');
-
- return $targetUrl;
- }
-
- if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
- return $targetUrl;
- }
-
- return $this->options['default_target_path'];
- }
}
diff --git a/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
index 35b0b11c35..c0fb79eef2 100644
--- a/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
@@ -37,15 +37,15 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL
/**
* {@inheritdoc}
*/
- public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, CsrfProviderInterface $csrfProvider = null)
+ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler = null, array $options = array(), AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, CsrfProviderInterface $csrfProvider = null)
{
- parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, array_merge(array(
+ parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, array_merge(array(
'username_parameter' => '_username',
'password_parameter' => '_password',
'csrf_parameter' => '_csrf_token',
'intention' => 'authenticate',
'post_only' => true,
- ), $options), $successHandler, $failureHandler, $logger, $dispatcher);
+ ), $options), $failureHandler, $logger, $dispatcher);
$this->csrfProvider = $csrfProvider;
}