Verifying if the password field is null

Mbechezi Nawo 2020-06-24 02:54:33 +02:00 committed by Fabien Potencier
parent 58ee4f6fa4
commit e4a14ac89d
2 changed files with 30 additions and 2 deletions


@ -95,6 +95,10 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL
throw new BadCredentialsException('Invalid username.');
}
if (null === $password) {
throw new \LogicException(sprintf('The key "%s" cannot be null; check that the password field name of the form matches.', $this->options['password_parameter']));
}
$request->getSession()->set(Security::LAST_USERNAME, $username);
return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey));
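Review bot: The added guard `if (null === $password)` rejects only a missing field, so a non-string value (for example an array submitted as `_password[]=x`) would still reach `new UsernamePasswordToken($username, $password, $this->providerKey)` unless it is filtered where `$password` is read, which is outside this hunk. A type check beside the null check would close that gap, e.g. `if (!\is_string($password)) { throw new BadRequestHttpException(sprintf('The key "%s" must be a string, "%s" given.', $this->options['password_parameter'], \gettype($password))); }`, assuming that exception class is already imported in this file. Because the form body is client-controlled, the `\LogicException` also lets any unauthenticated request that omits the field raise what presumably surfaces as a server-side error. A 400-class exception would keep such requests out of the 5xx signal that operators alert on. The enclosing method starts and ends outside the hunk.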


@ -32,7 +32,7 @@ class UsernamePasswordFormAuthenticationListenerTest extends TestCase
*/
public function testHandleWhenUsernameLength($username, $ok)
{
$request = Request::create('/login_check', 'POST', ['_username' => $username]);
$request = Request::create('/login_check', 'POST', ['_username' => $username, '_password' => 'symfony']);
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
$httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
@ -161,7 +161,31 @@ class UsernamePasswordFormAuthenticationListenerTest extends TestCase
->method('__toString')
->willReturn('someUsername');
$request = Request::create('/login_check', 'POST', ['_username' => $usernameClass]);
$request = Request::create('/login_check', 'POST', ['_username' => $usernameClass, '_password' => 'symfony']);
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
$listener = new UsernamePasswordFormAuthenticationListener(
new TokenStorage(),
$this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')->getMock(),
new SessionAuthenticationStrategy(SessionAuthenticationStrategy::NONE),
$httpUtils = new HttpUtils(),
'foo',
new DefaultAuthenticationSuccessHandler($httpUtils),
new DefaultAuthenticationFailureHandler($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $httpUtils),
['require_previous_session' => false, 'post_only' => $postOnly]
);
$event = new GetResponseEvent($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $request, HttpKernelInterface::MASTER_REQUEST);
$listener->handle($event);
}
/**
* @dataProvider postOnlyDataProvider
*/
public function testHandleWhenPasswordAreNull($postOnly)
{
$this->expectException('LogicException');
$this->expectExceptionMessage('The key "_password" cannot be null; check that the password field name of the form matches.');
$request = Request::create('/login_check', 'POST', ['_username' => 'symfony', 'password' => 'symfony']);
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
$listener = new UsernamePasswordFormAuthenticationListener(
new TokenStorage(),