minor #31782 [Security][Http] Remove BC layers (chalasr)
This PR was merged into the 5.0-dev branch.
Discussion
----------
[Security][Http] Remove BC layers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | yes
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
81e9974855
[Security][Http] Remove BC layers
This commit is contained in:
commit
ebd8f21ced
@ -12,8 +12,6 @@
|
|||||||
namespace Symfony\Bundle\SecurityBundle\Debug;
|
namespace Symfony\Bundle\SecurityBundle\Debug;
|
||||||
|
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\Security\Http\Firewall\LegacyListenerTrait;
|
|
||||||
use Symfony\Component\Security\Http\Firewall\ListenerInterface;
|
|
||||||
use Symfony\Component\VarDumper\Caster\ClassStub;
|
use Symfony\Component\VarDumper\Caster\ClassStub;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -21,22 +19,17 @@ use Symfony\Component\VarDumper\Caster\ClassStub;
|
|||||||
*
|
*
|
||||||
* @author Robin Chalas <robin.chalas@gmail.com>
|
* @author Robin Chalas <robin.chalas@gmail.com>
|
||||||
*
|
*
|
||||||
* @internal since Symfony 4.3
|
* @internal
|
||||||
*/
|
*/
|
||||||
final class WrappedListener implements ListenerInterface
|
final class WrappedListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $response;
|
private $response;
|
||||||
private $listener;
|
private $listener;
|
||||||
private $time;
|
private $time;
|
||||||
private $stub;
|
private $stub;
|
||||||
private static $hasVarDumper;
|
private static $hasVarDumper;
|
||||||
|
|
||||||
/**
|
public function __construct(callable $listener)
|
||||||
* @param callable $listener
|
|
||||||
*/
|
|
||||||
public function __construct($listener)
|
|
||||||
{
|
{
|
||||||
$this->listener = $listener;
|
$this->listener = $listener;
|
||||||
|
|
||||||
@ -45,18 +38,10 @@ final class WrappedListener implements ListenerInterface
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function __invoke(RequestEvent $event)
|
public function __invoke(RequestEvent $event)
|
||||||
{
|
{
|
||||||
$startTime = microtime(true);
|
$startTime = microtime(true);
|
||||||
if (\is_callable($this->listener)) {
|
($this->listener)($event);
|
||||||
($this->listener)($event);
|
|
||||||
} else {
|
|
||||||
@trigger_error(sprintf('Calling the "%s::handle()" method from the firewall is deprecated since Symfony 4.3, implement "__invoke()" instead.', \get_class($this)), E_USER_DEPRECATED);
|
|
||||||
$this->listener->handle($event);
|
|
||||||
}
|
|
||||||
$this->time = microtime(true) - $startTime;
|
$this->time = microtime(true) - $startTime;
|
||||||
$this->response = $event->getResponse();
|
$this->response = $event->getResponse();
|
||||||
}
|
}
|
||||||
|
@ -4,18 +4,22 @@ CHANGELOG
|
|||||||
5.0.0
|
5.0.0
|
||||||
-----
|
-----
|
||||||
|
|
||||||
* Removed the `AdvancedUserInterface`, use a custom user checker instead.
|
* The `FirewallMapInterface::getListeners()` method must return an array of 3 elements.
|
||||||
* Removed `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead
|
* Removed the `ContextListener::setLogoutOnUserChange()` method.
|
||||||
* Removed `BcryptPasswordEncoder`, use `NativePasswordEncoder` instead
|
* Removed the `ListenerInterface`, turn your listeners into callables instead.
|
||||||
* Removed the `has_role()` function from security expressions, use `is_granted()` instead.
|
* Removed the `Firewall::handleRequest()` method, use `Firewall::callListeners()` instead.
|
||||||
* `SimpleAuthenticatorInterface`, `SimpleFormAuthenticatorInterface`, `SimplePreAuthenticatorInterface`,
|
* Removed the `AdvancedUserInterface`, use a custom user checker instead.
|
||||||
`SimpleAuthenticationProvider`, `SimpleAuthenticationHandler`, `SimpleFormAuthenticationListener` and
|
* Removed `Argon2iPasswordEncoder`, use `SodiumPasswordEncoder` instead
|
||||||
`SimplePreAuthenticationListener` have been removed. Use Guard instead.
|
* Removed `BcryptPasswordEncoder`, use `NativePasswordEncoder` instead
|
||||||
* Removed the `Role` and `SwitchUserRole` classes. Use strings for roles instead.
|
* Removed the `has_role()` function from security expressions, use `is_granted()` instead.
|
||||||
* Removed the `getReachableRoles()` method from the `RoleHierarchyInterface`. Role hierarchies must implement
|
* `SimpleAuthenticatorInterface`, `SimpleFormAuthenticatorInterface`, `SimplePreAuthenticatorInterface`,
|
||||||
the `getReachableRoleNames()` method instead and return roles as strings.
|
`SimpleAuthenticationProvider`, `SimpleAuthenticationHandler`, `SimpleFormAuthenticationListener` and
|
||||||
* Removed the `getRoles()` method from the `TokenInterface`. Tokens must implement the `getRoleNames()` method
|
`SimplePreAuthenticationListener` have been removed. Use Guard instead.
|
||||||
instead and return roles as strings.
|
* Removed the `Role` and `SwitchUserRole` classes. Use strings for roles instead.
|
||||||
|
* Removed the `getReachableRoles()` method from the `RoleHierarchyInterface`. Role hierarchies must implement
|
||||||
|
the `getReachableRoleNames()` method instead and return roles as strings.
|
||||||
|
* Removed the `getRoles()` method from the `TokenInterface`. Tokens must implement the `getRoleNames()` method
|
||||||
|
instead and return roles as strings.
|
||||||
|
|
||||||
4.4.0
|
4.4.0
|
||||||
-----
|
-----
|
||||||
|
@ -21,8 +21,6 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
|||||||
use Symfony\Component\Security\Guard\AuthenticatorInterface;
|
use Symfony\Component\Security\Guard\AuthenticatorInterface;
|
||||||
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
|
use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
|
||||||
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
|
use Symfony\Component\Security\Guard\Token\PreAuthenticationGuardToken;
|
||||||
use Symfony\Component\Security\Http\Firewall\LegacyListenerTrait;
|
|
||||||
use Symfony\Component\Security\Http\Firewall\ListenerInterface;
|
|
||||||
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
|
use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -31,12 +29,10 @@ use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface;
|
|||||||
* @author Ryan Weaver <ryan@knpuniversity.com>
|
* @author Ryan Weaver <ryan@knpuniversity.com>
|
||||||
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
|
* @author Amaury Leroux de Lens <amaury@lerouxdelens.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class GuardAuthenticationListener implements ListenerInterface
|
class GuardAuthenticationListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $guardHandler;
|
private $guardHandler;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
private $providerKey;
|
private $providerKey;
|
||||||
|
@ -11,14 +11,12 @@
|
|||||||
|
|
||||||
namespace Symfony\Component\Security\Http;
|
namespace Symfony\Component\Security\Http;
|
||||||
|
|
||||||
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
|
||||||
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||||
use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
|
use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
|
||||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\HttpKernel\KernelEvents;
|
use Symfony\Component\HttpKernel\KernelEvents;
|
||||||
use Symfony\Component\Security\Http\Firewall\AccessListener;
|
use Symfony\Component\Security\Http\Firewall\AccessListener;
|
||||||
use Symfony\Component\Security\Http\Firewall\LogoutListener;
|
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Firewall uses a FirewallMap to register security listeners for the given
|
* Firewall uses a FirewallMap to register security listeners for the given
|
||||||
@ -38,17 +36,12 @@ class Firewall implements EventSubscriberInterface
|
|||||||
|
|
||||||
public function __construct(FirewallMapInterface $map, EventDispatcherInterface $dispatcher)
|
public function __construct(FirewallMapInterface $map, EventDispatcherInterface $dispatcher)
|
||||||
{
|
{
|
||||||
// the type-hint will be updated to the "EventDispatcherInterface" from symfony/contracts in 5.0
|
|
||||||
|
|
||||||
$this->map = $map;
|
$this->map = $map;
|
||||||
$this->dispatcher = $dispatcher;
|
$this->dispatcher = $dispatcher;
|
||||||
$this->exceptionListeners = new \SplObjectStorage();
|
$this->exceptionListeners = new \SplObjectStorage();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
public function onKernelRequest(RequestEvent $event)
|
||||||
* @internal since Symfony 4.3
|
|
||||||
*/
|
|
||||||
public function onKernelRequest(GetResponseEvent $event)
|
|
||||||
{
|
{
|
||||||
if (!$event->isMasterRequest()) {
|
if (!$event->isMasterRequest()) {
|
||||||
return;
|
return;
|
||||||
@ -57,11 +50,6 @@ class Firewall implements EventSubscriberInterface
|
|||||||
// register listeners for this firewall
|
// register listeners for this firewall
|
||||||
$listeners = $this->map->getListeners($event->getRequest());
|
$listeners = $this->map->getListeners($event->getRequest());
|
||||||
|
|
||||||
if (3 !== \count($listeners)) {
|
|
||||||
@trigger_error(sprintf('Not returning an array of 3 elements from %s::getListeners() is deprecated since Symfony 4.2, the 3rd element must be an instance of %s or null.', FirewallMapInterface::class, LogoutListener::class), E_USER_DEPRECATED);
|
|
||||||
$listeners[2] = null;
|
|
||||||
}
|
|
||||||
|
|
||||||
$authenticationListeners = $listeners[0];
|
$authenticationListeners = $listeners[0];
|
||||||
$exceptionListener = $listeners[1];
|
$exceptionListener = $listeners[1];
|
||||||
$logoutListener = $listeners[2];
|
$logoutListener = $listeners[2];
|
||||||
@ -93,16 +81,9 @@ class Firewall implements EventSubscriberInterface
|
|||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
if ($event instanceof RequestEvent) {
|
$this->callListeners($event, $authenticationListeners());
|
||||||
$this->callListeners($event, $authenticationListeners());
|
|
||||||
} else {
|
|
||||||
$this->handleRequest($event, $authenticationListeners());
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @internal since Symfony 4.3
|
|
||||||
*/
|
|
||||||
public function onKernelFinishRequest(FinishRequestEvent $event)
|
public function onKernelFinishRequest(FinishRequestEvent $event)
|
||||||
{
|
{
|
||||||
$request = $event->getRequest();
|
$request = $event->getRequest();
|
||||||
@ -125,22 +106,9 @@ class Firewall implements EventSubscriberInterface
|
|||||||
}
|
}
|
||||||
|
|
||||||
protected function callListeners(RequestEvent $event, iterable $listeners)
|
protected function callListeners(RequestEvent $event, iterable $listeners)
|
||||||
{
|
|
||||||
$this->handleRequest($event, $listeners);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @deprecated since Symfony 4.3, use callListeners instead
|
|
||||||
*/
|
|
||||||
protected function handleRequest(GetResponseEvent $event, $listeners)
|
|
||||||
{
|
{
|
||||||
foreach ($listeners as $listener) {
|
foreach ($listeners as $listener) {
|
||||||
if (\is_callable($listener)) {
|
$listener($event);
|
||||||
$listener($event);
|
|
||||||
} else {
|
|
||||||
@trigger_error(sprintf('Calling the "%s::handle()" method from the firewall is deprecated since Symfony 4.3, implement "__invoke()" instead.', \get_class($this)), E_USER_DEPRECATED);
|
|
||||||
$listener->handle($event);
|
|
||||||
}
|
|
||||||
|
|
||||||
if ($event->hasResponse()) {
|
if ($event->hasResponse()) {
|
||||||
break;
|
break;
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
|
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
@ -49,12 +48,10 @@ use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
|||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||||
*
|
*
|
||||||
* @internal since Symfony 4.3
|
* @internal
|
||||||
*/
|
*/
|
||||||
abstract class AbstractAuthenticationListener implements ListenerInterface
|
abstract class AbstractAuthenticationListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
protected $options;
|
protected $options;
|
||||||
protected $logger;
|
protected $logger;
|
||||||
protected $authenticationManager;
|
protected $authenticationManager;
|
||||||
@ -95,7 +92,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
|
|||||||
'require_previous_session' => true,
|
'require_previous_session' => true,
|
||||||
], $options);
|
], $options);
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->dispatcher = LegacyEventDispatcherProxy::decorate($dispatcher);
|
$this->dispatcher = $dispatcher;
|
||||||
$this->httpUtils = $httpUtils;
|
$this->httpUtils = $httpUtils;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
|
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
||||||
@ -33,12 +32,10 @@ use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @internal since Symfony 4.3
|
* @internal
|
||||||
*/
|
*/
|
||||||
abstract class AbstractPreAuthenticatedListener implements ListenerInterface
|
abstract class AbstractPreAuthenticatedListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
protected $logger;
|
protected $logger;
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
@ -52,7 +49,7 @@ abstract class AbstractPreAuthenticatedListener implements ListenerInterface
|
|||||||
$this->authenticationManager = $authenticationManager;
|
$this->authenticationManager = $authenticationManager;
|
||||||
$this->providerKey = $providerKey;
|
$this->providerKey = $providerKey;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->dispatcher = LegacyEventDispatcherProxy::decorate($dispatcher);
|
$this->dispatcher = $dispatcher;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -24,12 +24,10 @@ use Symfony\Component\Security\Http\AccessMapInterface;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class AccessListener implements ListenerInterface
|
class AccessListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $accessDecisionManager;
|
private $accessDecisionManager;
|
||||||
private $map;
|
private $map;
|
||||||
|
@ -24,12 +24,10 @@ use Symfony\Component\Security\Core\Exception\AuthenticationException;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class AnonymousAuthenticationListener implements ListenerInterface
|
class AnonymousAuthenticationListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $secret;
|
private $secret;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
|
@ -27,12 +27,10 @@ use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterfa
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class BasicAuthenticationListener implements ListenerInterface
|
class BasicAuthenticationListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
private $providerKey;
|
private $providerKey;
|
||||||
|
@ -22,12 +22,10 @@ use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class ChannelListener implements ListenerInterface
|
class ChannelListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $map;
|
private $map;
|
||||||
private $authenticationEntryPoint;
|
private $authenticationEntryPoint;
|
||||||
private $logger;
|
private $logger;
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
|
||||||
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
|
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\HttpKernel\KernelEvents;
|
use Symfony\Component\HttpKernel\KernelEvents;
|
||||||
@ -28,6 +27,7 @@ use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
|
|||||||
use Symfony\Component\Security\Core\User\UserInterface;
|
use Symfony\Component\Security\Core\User\UserInterface;
|
||||||
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
use Symfony\Component\Security\Core\User\UserProviderInterface;
|
||||||
use Symfony\Component\Security\Http\Event\DeauthenticatedEvent;
|
use Symfony\Component\Security\Http\Event\DeauthenticatedEvent;
|
||||||
|
use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* ContextListener manages the SecurityContext persistence through a session.
|
* ContextListener manages the SecurityContext persistence through a session.
|
||||||
@ -35,12 +35,10 @@ use Symfony\Component\Security\Http\Event\DeauthenticatedEvent;
|
|||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class ContextListener implements ListenerInterface
|
class ContextListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $sessionKey;
|
private $sessionKey;
|
||||||
private $logger;
|
private $logger;
|
||||||
@ -66,18 +64,6 @@ class ContextListener implements ListenerInterface
|
|||||||
$this->trustResolver = $trustResolver ?: new AuthenticationTrustResolver(AnonymousToken::class, RememberMeToken::class);
|
$this->trustResolver = $trustResolver ?: new AuthenticationTrustResolver(AnonymousToken::class, RememberMeToken::class);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Enables deauthentication during refreshUser when the user has changed.
|
|
||||||
*
|
|
||||||
* @param bool $logoutOnUserChange
|
|
||||||
*
|
|
||||||
* @deprecated since Symfony 4.1
|
|
||||||
*/
|
|
||||||
public function setLogoutOnUserChange($logoutOnUserChange)
|
|
||||||
{
|
|
||||||
@trigger_error(sprintf('The "%s()" method is deprecated since Symfony 4.1.', __METHOD__), E_USER_DEPRECATED);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Reads the Security Token from the session.
|
* Reads the Security Token from the session.
|
||||||
*/
|
*/
|
||||||
|
@ -15,7 +15,7 @@ use Psr\Log\LoggerInterface;
|
|||||||
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
|
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
|
||||||
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
||||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||||
@ -39,7 +39,7 @@ use Symfony\Component\Security\Http\Util\TargetPathTrait;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3, EventDispatcherInterface type-hints will be updated to the interface from symfony/contracts in 5.0
|
* @final
|
||||||
*/
|
*/
|
||||||
class ExceptionListener
|
class ExceptionListener
|
||||||
{
|
{
|
||||||
@ -87,7 +87,7 @@ class ExceptionListener
|
|||||||
/**
|
/**
|
||||||
* Handles security related exceptions.
|
* Handles security related exceptions.
|
||||||
*/
|
*/
|
||||||
public function onKernelException(GetResponseForExceptionEvent $event)
|
public function onKernelException(ExceptionEvent $event)
|
||||||
{
|
{
|
||||||
$exception = $event->getException();
|
$exception = $event->getException();
|
||||||
do {
|
do {
|
||||||
@ -101,7 +101,7 @@ class ExceptionListener
|
|||||||
} while (null !== $exception = $exception->getPrevious());
|
} while (null !== $exception = $exception->getPrevious());
|
||||||
}
|
}
|
||||||
|
|
||||||
private function handleAuthenticationException(GetResponseForExceptionEvent $event, AuthenticationException $exception): void
|
private function handleAuthenticationException(ExceptionEvent $event, AuthenticationException $exception): void
|
||||||
{
|
{
|
||||||
if (null !== $this->logger) {
|
if (null !== $this->logger) {
|
||||||
$this->logger->info('An AuthenticationException was thrown; redirecting to authentication entry point.', ['exception' => $exception]);
|
$this->logger->info('An AuthenticationException was thrown; redirecting to authentication entry point.', ['exception' => $exception]);
|
||||||
@ -115,7 +115,7 @@ class ExceptionListener
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private function handleAccessDeniedException(GetResponseForExceptionEvent $event, AccessDeniedException $exception)
|
private function handleAccessDeniedException(ExceptionEvent $event, AccessDeniedException $exception)
|
||||||
{
|
{
|
||||||
$event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
|
$event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
|
||||||
|
|
||||||
|
@ -1,60 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This file is part of the Symfony package.
|
|
||||||
*
|
|
||||||
* (c) Fabien Potencier <fabien@symfony.com>
|
|
||||||
*
|
|
||||||
* For the full copyright and license information, please view the LICENSE
|
|
||||||
* file that was distributed with this source code.
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Symfony\Component\Security\Http\Firewall;
|
|
||||||
|
|
||||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @deprecated
|
|
||||||
*
|
|
||||||
* @internal
|
|
||||||
*/
|
|
||||||
trait LegacyListenerTrait
|
|
||||||
{
|
|
||||||
/**
|
|
||||||
* @deprecated since Symfony 4.3, use __invoke() instead
|
|
||||||
*/
|
|
||||||
public function handle(GetResponseEvent $event)
|
|
||||||
{
|
|
||||||
@trigger_error(sprintf('The "%s()" method is deprecated since Symfony 4.3, use __invoke() instead.', __METHOD__), E_USER_DEPRECATED);
|
|
||||||
|
|
||||||
if (!$event instanceof RequestEvent) {
|
|
||||||
$event = new class($event) extends RequestEvent {
|
|
||||||
private $event;
|
|
||||||
|
|
||||||
public function __construct(GetResponseEvent $event)
|
|
||||||
{
|
|
||||||
parent::__construct($event->getKernel(), $event->getRequest(), $event->getRequestType());
|
|
||||||
$this->event = $event;
|
|
||||||
}
|
|
||||||
|
|
||||||
public function getResponse()
|
|
||||||
{
|
|
||||||
return $this->event->getResponse();
|
|
||||||
}
|
|
||||||
|
|
||||||
public function setResponse(Response $response)
|
|
||||||
{
|
|
||||||
$this->event->setResponse($response);
|
|
||||||
}
|
|
||||||
|
|
||||||
public function hasResponse()
|
|
||||||
{
|
|
||||||
return $this->event->hasResponse();
|
|
||||||
}
|
|
||||||
};
|
|
||||||
}
|
|
||||||
|
|
||||||
$this->__invoke($event);
|
|
||||||
}
|
|
||||||
}
|
|
@ -1,26 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
/*
|
|
||||||
* This file is part of the Symfony package.
|
|
||||||
*
|
|
||||||
* (c) Fabien Potencier <fabien@symfony.com>
|
|
||||||
*
|
|
||||||
* For the full copyright and license information, please view the LICENSE
|
|
||||||
* file that was distributed with this source code.
|
|
||||||
*/
|
|
||||||
|
|
||||||
namespace Symfony\Component\Security\Http\Firewall;
|
|
||||||
|
|
||||||
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Interface that must be implemented by firewall listeners.
|
|
||||||
*
|
|
||||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
|
||||||
*
|
|
||||||
* @deprecated since Symfony 4.3, turn listeners into callables instead
|
|
||||||
*/
|
|
||||||
interface ListenerInterface
|
|
||||||
{
|
|
||||||
public function handle(GetResponseEvent $event);
|
|
||||||
}
|
|
@ -28,12 +28,10 @@ use Symfony\Component\Security\Http\ParameterBagUtils;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class LogoutListener implements ListenerInterface
|
class LogoutListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $options;
|
private $options;
|
||||||
private $handlers;
|
private $handlers;
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
|
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||||
@ -31,10 +30,8 @@ use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
|||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final since Symfony 4.3
|
||||||
*/
|
*/
|
||||||
class RememberMeListener implements ListenerInterface
|
class RememberMeListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $rememberMeServices;
|
private $rememberMeServices;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
@ -49,7 +46,7 @@ class RememberMeListener implements ListenerInterface
|
|||||||
$this->rememberMeServices = $rememberMeServices;
|
$this->rememberMeServices = $rememberMeServices;
|
||||||
$this->authenticationManager = $authenticationManager;
|
$this->authenticationManager = $authenticationManager;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->dispatcher = LegacyEventDispatcherProxy::decorate($dispatcher);
|
$this->dispatcher = $dispatcher;
|
||||||
$this->catchExceptions = $catchExceptions;
|
$this->catchExceptions = $catchExceptions;
|
||||||
$this->sessionStrategy = null === $sessionStrategy ? new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE) : $sessionStrategy;
|
$this->sessionStrategy = null === $sessionStrategy ? new SessionAuthenticationStrategy(SessionAuthenticationStrategy::MIGRATE) : $sessionStrategy;
|
||||||
}
|
}
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
|
|
||||||
use Symfony\Component\HttpFoundation\RedirectResponse;
|
use Symfony\Component\HttpFoundation\RedirectResponse;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
@ -36,12 +35,10 @@ use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
|||||||
*
|
*
|
||||||
* @author Fabien Potencier <fabien@symfony.com>
|
* @author Fabien Potencier <fabien@symfony.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class SwitchUserListener implements ListenerInterface
|
class SwitchUserListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
const EXIT_VALUE = '_exit';
|
const EXIT_VALUE = '_exit';
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
@ -69,7 +66,7 @@ class SwitchUserListener implements ListenerInterface
|
|||||||
$this->usernameParameter = $usernameParameter;
|
$this->usernameParameter = $usernameParameter;
|
||||||
$this->role = $role;
|
$this->role = $role;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->dispatcher = LegacyEventDispatcherProxy::decorate($dispatcher);
|
$this->dispatcher = $dispatcher;
|
||||||
$this->stateless = $stateless;
|
$this->stateless = $stateless;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -12,7 +12,6 @@
|
|||||||
namespace Symfony\Component\Security\Http\Firewall;
|
namespace Symfony\Component\Security\Http\Firewall;
|
||||||
|
|
||||||
use Psr\Log\LoggerInterface;
|
use Psr\Log\LoggerInterface;
|
||||||
use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
|
|
||||||
use Symfony\Component\HttpFoundation\JsonResponse;
|
use Symfony\Component\HttpFoundation\JsonResponse;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
@ -42,12 +41,10 @@ use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
|
|||||||
*
|
*
|
||||||
* @author Kévin Dunglas <dunglas@gmail.com>
|
* @author Kévin Dunglas <dunglas@gmail.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class UsernamePasswordJsonAuthenticationListener implements ListenerInterface
|
class UsernamePasswordJsonAuthenticationListener
|
||||||
{
|
{
|
||||||
use LegacyListenerTrait;
|
|
||||||
|
|
||||||
private $tokenStorage;
|
private $tokenStorage;
|
||||||
private $authenticationManager;
|
private $authenticationManager;
|
||||||
private $httpUtils;
|
private $httpUtils;
|
||||||
@ -69,14 +66,11 @@ class UsernamePasswordJsonAuthenticationListener implements ListenerInterface
|
|||||||
$this->successHandler = $successHandler;
|
$this->successHandler = $successHandler;
|
||||||
$this->failureHandler = $failureHandler;
|
$this->failureHandler = $failureHandler;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->eventDispatcher = LegacyEventDispatcherProxy::decorate($eventDispatcher);
|
$this->eventDispatcher = $eventDispatcher;
|
||||||
$this->options = array_merge(['username_path' => 'username', 'password_path' => 'password'], $options);
|
$this->options = array_merge(['username_path' => 'username', 'password_path' => 'password'], $options);
|
||||||
$this->propertyAccessor = $propertyAccessor ?: PropertyAccess::createPropertyAccessor();
|
$this->propertyAccessor = $propertyAccessor ?: PropertyAccess::createPropertyAccessor();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* {@inheritdoc}
|
|
||||||
*/
|
|
||||||
public function __invoke(RequestEvent $event)
|
public function __invoke(RequestEvent $event)
|
||||||
{
|
{
|
||||||
$request = $event->getRequest();
|
$request = $event->getRequest();
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
namespace Symfony\Component\Security\Http\RememberMe;
|
namespace Symfony\Component\Security\Http\RememberMe;
|
||||||
|
|
||||||
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
||||||
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
|
use Symfony\Component\HttpKernel\Event\ResponseEvent;
|
||||||
use Symfony\Component\HttpKernel\KernelEvents;
|
use Symfony\Component\HttpKernel\KernelEvents;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -20,11 +20,11 @@ use Symfony\Component\HttpKernel\KernelEvents;
|
|||||||
*
|
*
|
||||||
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
|
||||||
*
|
*
|
||||||
* @final since Symfony 4.3
|
* @final
|
||||||
*/
|
*/
|
||||||
class ResponseListener implements EventSubscriberInterface
|
class ResponseListener implements EventSubscriberInterface
|
||||||
{
|
{
|
||||||
public function onKernelResponse(FilterResponseEvent $event)
|
public function onKernelResponse(ResponseEvent $event)
|
||||||
{
|
{
|
||||||
if (!$event->isMasterRequest()) {
|
if (!$event->isMasterRequest()) {
|
||||||
return;
|
return;
|
||||||
|
@ -15,7 +15,6 @@ use PHPUnit\Framework\TestCase;
|
|||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
|
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
|
||||||
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
|
|
||||||
use Symfony\Component\HttpKernel\Exception\HttpException;
|
use Symfony\Component\HttpKernel\Exception\HttpException;
|
||||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||||
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
|
use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
|
||||||
@ -191,11 +190,7 @@ class ExceptionListenerTest extends TestCase
|
|||||||
$kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
|
$kernel = $this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock();
|
||||||
}
|
}
|
||||||
|
|
||||||
if (class_exists(ExceptionEvent::class)) {
|
return new ExceptionEvent($kernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception);
|
||||||
return new ExceptionEvent($kernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception);
|
|
||||||
}
|
|
||||||
|
|
||||||
return new GetResponseForExceptionEvent($kernel, Request::create('/'), HttpKernelInterface::MASTER_REQUEST, $exception);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private function createExceptionListener(TokenStorageInterface $tokenStorage = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null)
|
private function createExceptionListener(TokenStorageInterface $tokenStorage = null, AuthenticationTrustResolverInterface $trustResolver = null, HttpUtils $httpUtils = null, AuthenticationEntryPointInterface $authenticationEntryPoint = null, $errorPage = null, AccessDeniedHandlerInterface $accessDeniedHandler = null)
|
||||||
|
@ -12,14 +12,10 @@
|
|||||||
namespace Symfony\Component\Security\Http\Tests;
|
namespace Symfony\Component\Security\Http\Tests;
|
||||||
|
|
||||||
use PHPUnit\Framework\TestCase;
|
use PHPUnit\Framework\TestCase;
|
||||||
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
|
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
use Symfony\Component\HttpKernel\Event\RequestEvent;
|
||||||
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
use Symfony\Component\HttpKernel\HttpKernelInterface;
|
||||||
use Symfony\Component\Security\Http\Firewall;
|
use Symfony\Component\Security\Http\Firewall;
|
||||||
use Symfony\Component\Security\Http\Firewall\ExceptionListener;
|
|
||||||
use Symfony\Component\Security\Http\FirewallMapInterface;
|
|
||||||
|
|
||||||
class FirewallTest extends TestCase
|
class FirewallTest extends TestCase
|
||||||
{
|
{
|
||||||
@ -111,33 +107,4 @@ class FirewallTest extends TestCase
|
|||||||
|
|
||||||
$this->assertFalse($event->hasResponse());
|
$this->assertFalse($event->hasResponse());
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @group legacy
|
|
||||||
* @expectedDeprecation Not returning an array of 3 elements from Symfony\Component\Security\Http\FirewallMapInterface::getListeners() is deprecated since Symfony 4.2, the 3rd element must be an instance of Symfony\Component\Security\Http\Firewall\LogoutListener or null.
|
|
||||||
*/
|
|
||||||
public function testMissingLogoutListener()
|
|
||||||
{
|
|
||||||
$dispatcher = $this->getMockBuilder(EventDispatcherInterface::class)->getMock();
|
|
||||||
|
|
||||||
$listener = $this->getMockBuilder(ExceptionListener::class)->disableOriginalConstructor()->getMock();
|
|
||||||
$listener
|
|
||||||
->expects($this->once())
|
|
||||||
->method('register')
|
|
||||||
->with($this->equalTo($dispatcher))
|
|
||||||
;
|
|
||||||
|
|
||||||
$request = new Request();
|
|
||||||
|
|
||||||
$map = $this->getMockBuilder(FirewallMapInterface::class)->getMock();
|
|
||||||
$map
|
|
||||||
->expects($this->once())
|
|
||||||
->method('getListeners')
|
|
||||||
->with($this->equalTo($request))
|
|
||||||
->willReturn([[], $listener])
|
|
||||||
;
|
|
||||||
|
|
||||||
$firewall = new Firewall($map, $dispatcher);
|
|
||||||
$firewall->onKernelRequest(new RequestEvent($this->getMockBuilder(HttpKernelInterface::class)->getMock(), $request, HttpKernelInterface::MASTER_REQUEST));
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user