From a7a5885661001a942b147e3847a17c5d6a80ca0b Mon Sep 17 00:00:00 2001 From: Artem Lopata Date: Wed, 4 Dec 2019 11:31:52 +0100 Subject: [PATCH 1/5] Properly handle phpunit arguments for configuration file --- .../Bridge/PhpUnit/bin/simple-phpunit.php | 46 ++++++++++++++++--- 1 file changed, 39 insertions(+), 7 deletions(-) diff --git a/src/Symfony/Bridge/PhpUnit/bin/simple-phpunit.php b/src/Symfony/Bridge/PhpUnit/bin/simple-phpunit.php index 50873b612a..4a8993dc35 100644 --- a/src/Symfony/Bridge/PhpUnit/bin/simple-phpunit.php +++ b/src/Symfony/Bridge/PhpUnit/bin/simple-phpunit.php @@ -24,15 +24,47 @@ $getEnvVar = function ($name, $default = false) use ($argv) { static $phpunitConfig = null; if (null === $phpunitConfig) { - $opt = min(array_search('-c', $opts = array_reverse($argv), true) ?: INF, array_search('--configuration', $opts, true) ?: INF); $phpunitConfigFilename = null; - if (INF !== $opt && isset($opts[$opt - 1])) { - $phpunitConfigFilename = $opts[$opt - 1]; - } elseif (file_exists('phpunit.xml')) { - $phpunitConfigFilename = 'phpunit.xml'; - } elseif (file_exists('phpunit.xml.dist')) { - $phpunitConfigFilename = 'phpunit.xml.dist'; + $getPhpUnitConfig = function ($probableConfig) use (&$getPhpUnitConfig) { + if (!$probableConfig) { + return null; + } + if (is_dir($probableConfig)) { + return $getPhpUnitConfig($probableConfig.DIRECTORY_SEPARATOR.'phpunit.xml'); + } + + if (file_exists($probableConfig)) { + return $probableConfig; + } + if (file_exists($probableConfig.'.dist')) { + return $probableConfig.'.dist'; + } + + return null; + }; + + foreach ($argv as $cliArgumentIndex => $cliArgument) { + if ('--' === $cliArgument) { + break; + } + // long option + if ('--configuration' === $cliArgument && array_key_exists($cliArgumentIndex + 1, $argv)) { + $phpunitConfigFilename = $getPhpUnitConfig($argv[$cliArgumentIndex + 1]); + break; + } + // short option + if (0 === strpos($cliArgument, '-c')) { + if ('-c' === $cliArgument && array_key_exists($cliArgumentIndex + 1, $argv)) { + $phpunitConfigFilename = $getPhpUnitConfig($argv[$cliArgumentIndex + 1]); + } else { + $phpunitConfigFilename = $getPhpUnitConfig(substr($cliArgument, 2)); + } + break; + } } + + $phpunitConfigFilename = $phpunitConfigFilename ?: $getPhpUnitConfig('phpunit.xml'); + if ($phpunitConfigFilename) { $phpunitConfig = new DomDocument(); $phpunitConfig->load($phpunitConfigFilename); From 6b2db6dc305cd1fc08ed3761e5ee1c5a1e210a83 Mon Sep 17 00:00:00 2001 From: Wouter de Jong Date: Sat, 25 Jan 2020 13:51:20 +0100 Subject: [PATCH 2/5] Improved error message when no supported user provider is found --- src/Symfony/Component/Security/Core/User/ChainUserProvider.php | 2 +- .../Component/Security/Http/Firewall/ContextListener.php | 2 +- .../Security/Http/RememberMe/AbstractRememberMeServices.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Symfony/Component/Security/Core/User/ChainUserProvider.php b/src/Symfony/Component/Security/Core/User/ChainUserProvider.php index 5ea8150a30..ad93e53f14 100644 --- a/src/Symfony/Component/Security/Core/User/ChainUserProvider.php +++ b/src/Symfony/Component/Security/Core/User/ChainUserProvider.php @@ -91,7 +91,7 @@ class ChainUserProvider implements UserProviderInterface $e->setUsername($user->getUsername()); throw $e; } else { - throw new UnsupportedUserException(sprintf('The account "%s" is not supported.', \get_class($user))); + throw new UnsupportedUserException(sprintf('There is no user provider for user "%s". Shouldn\'t the "supportsClass()" method of your user provider return true for this classname?', \get_class($user))); } } diff --git a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php index 6a05ee5175..af912c446c 100644 --- a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php @@ -238,7 +238,7 @@ class ContextListener implements ListenerInterface return null; } - throw new \RuntimeException(sprintf('There is no user provider for user "%s".', $userClass)); + throw new \RuntimeException(sprintf('There is no user provider for user "%s". Shouldn\'t the "supportsClass()" method of your user provider return true for this classname?', $userClass)); } private function safelyUnserialize($serializedToken) diff --git a/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php b/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php index bf69f3012b..e47e181221 100644 --- a/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php +++ b/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php @@ -239,7 +239,7 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface } } - throw new UnsupportedUserException(sprintf('There is no user provider that supports class "%s".', $class)); + throw new UnsupportedUserException(sprintf('There is no user provider for user "%s". Shouldn\'t the "supportsClass()" method of your user provider return true for this classname?', $class)); } /** From ad5f427bed252b5f98616c7aa4d62868e260fdc2 Mon Sep 17 00:00:00 2001 From: Matthias Pigulla Date: Fri, 10 Jan 2020 23:18:38 +0000 Subject: [PATCH 3/5] =?UTF-8?q?[HttpKernel]=C2=A0Fix=20stale-if-error=20be?= =?UTF-8?q?havior,=20add=20tests?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../Component/HttpFoundation/Response.php | 2 +- .../HttpKernel/HttpCache/HttpCache.php | 30 +++- .../Tests/HttpCache/HttpCacheTest.php | 162 ++++++++++++++++++ 3 files changed, 190 insertions(+), 4 deletions(-) diff --git a/src/Symfony/Component/HttpFoundation/Response.php b/src/Symfony/Component/HttpFoundation/Response.php index 26e3a3378e..0f361bac3d 100644 --- a/src/Symfony/Component/HttpFoundation/Response.php +++ b/src/Symfony/Component/HttpFoundation/Response.php @@ -649,7 +649,7 @@ class Response } /** - * Returns true if the response must be revalidated by caches. + * Returns true if the response must be revalidated by shared caches once it has become stale. * * This method indicates that the response must not be served stale by a * cache in any circumstance without first revalidating with the origin. diff --git a/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php b/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php index da60e74642..3471758525 100644 --- a/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php +++ b/src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php @@ -452,13 +452,37 @@ class HttpCache implements HttpKernelInterface, TerminableInterface // always a "master" request (as the real master request can be in cache) $response = SubRequestHandler::handle($this->kernel, $request, HttpKernelInterface::MASTER_REQUEST, $catch); - // we don't implement the stale-if-error on Requests, which is nonetheless part of the RFC - if (null !== $entry && \in_array($response->getStatusCode(), [500, 502, 503, 504])) { + /* + * Support stale-if-error given on Responses or as a config option. + * RFC 7234 summarizes in Section 4.2.4 (but also mentions with the individual + * Cache-Control directives) that + * + * A cache MUST NOT generate a stale response if it is prohibited by an + * explicit in-protocol directive (e.g., by a "no-store" or "no-cache" + * cache directive, a "must-revalidate" cache-response-directive, or an + * applicable "s-maxage" or "proxy-revalidate" cache-response-directive; + * see Section 5.2.2). + * + * https://tools.ietf.org/html/rfc7234#section-4.2.4 + * + * We deviate from this in one detail, namely that we *do* serve entries in the + * stale-if-error case even if they have a `s-maxage` Cache-Control directive. + */ + if (null !== $entry + && \in_array($response->getStatusCode(), [500, 502, 503, 504]) + && !$entry->headers->hasCacheControlDirective('no-cache') + && !$entry->mustRevalidate() + ) { if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) { $age = $this->options['stale_if_error']; } - if (abs($entry->getTtl()) < $age) { + /* + * stale-if-error gives the (extra) time that the Response may be used *after* it has become stale. + * So we compare the time the $entry has been sitting in the cache already with the + * time it was fresh plus the allowed grace period. + */ + if ($entry->getAge() <= $entry->getMaxAge() + $age) { $this->record($request, 'stale-if-error'); return $entry; diff --git a/src/Symfony/Component/HttpKernel/Tests/HttpCache/HttpCacheTest.php b/src/Symfony/Component/HttpKernel/Tests/HttpCache/HttpCacheTest.php index ef201de6cf..cac06a80e5 100644 --- a/src/Symfony/Component/HttpKernel/Tests/HttpCache/HttpCacheTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/HttpCache/HttpCacheTest.php @@ -1523,6 +1523,168 @@ class HttpCacheTest extends HttpCacheTestCase // Surrogate request $cache->handle($request, HttpKernelInterface::SUB_REQUEST); } + + public function testStaleIfErrorMustNotResetLifetime() + { + // Make sure we don't accidentally treat the response as fresh (revalidated) again + // when stale-if-error handling kicks in. + + $responses = [ + [ + 'status' => 200, + 'body' => 'OK', + // This is cacheable and can be used in stale-if-error cases: + 'headers' => ['Cache-Control' => 'public, max-age=10', 'ETag' => 'some-etag'], + ], + [ + 'status' => 500, + 'body' => 'FAIL', + 'headers' => [], + ], + [ + 'status' => 500, + 'body' => 'FAIL', + 'headers' => [], + ], + ]; + + $this->setNextResponses($responses); + $this->cacheConfig['stale_if_error'] = 10; + + $this->request('GET', '/'); // warm cache + + sleep(15); // now the entry is stale, but still within the grace period (10s max-age + 10s stale-if-error) + + $this->request('GET', '/'); // hit backend error + $this->assertEquals(200, $this->response->getStatusCode()); // stale-if-error saved the day + $this->assertEquals(15, $this->response->getAge()); + + sleep(10); // now we're outside the grace period + + $this->request('GET', '/'); // hit backend error + $this->assertEquals(500, $this->response->getStatusCode()); // fail + } + + /** + * @dataProvider getResponseDataThatMayBeServedStaleIfError + */ + public function testResponsesThatMayBeUsedStaleIfError($responseHeaders, $sleepBetweenRequests = null) + { + $responses = [ + [ + 'status' => 200, + 'body' => 'OK', + 'headers' => $responseHeaders, + ], + [ + 'status' => 500, + 'body' => 'FAIL', + 'headers' => [], + ], + ]; + + $this->setNextResponses($responses); + $this->cacheConfig['stale_if_error'] = 10; // after stale, may be served for 10s + + $this->request('GET', '/'); // warm cache + + if ($sleepBetweenRequests) { + sleep($sleepBetweenRequests); + } + + $this->request('GET', '/'); // hit backend error + + $this->assertEquals(200, $this->response->getStatusCode()); + $this->assertEquals('OK', $this->response->getContent()); + $this->assertTraceContains('stale-if-error'); + } + + public function getResponseDataThatMayBeServedStaleIfError() + { + // All data sets assume that a 10s stale-if-error grace period has been configured + yield 'public, max-age expired' => [['Cache-Control' => 'public, max-age=60'], 65]; + yield 'public, validateable with ETag, no TTL' => [['Cache-Control' => 'public', 'ETag' => 'some-etag'], 5]; + yield 'public, validateable with Last-Modified, no TTL' => [['Cache-Control' => 'public', 'Last-Modified' => 'yesterday'], 5]; + yield 'public, s-maxage will be served stale-if-error, even if the RFC mandates otherwise' => [['Cache-Control' => 'public, s-maxage=20'], 25]; + } + + /** + * @dataProvider getResponseDataThatMustNotBeServedStaleIfError + */ + public function testResponsesThatMustNotBeUsedStaleIfError($responseHeaders, $sleepBetweenRequests = null) + { + $responses = [ + [ + 'status' => 200, + 'body' => 'OK', + 'headers' => $responseHeaders, + ], + [ + 'status' => 500, + 'body' => 'FAIL', + 'headers' => [], + ], + ]; + + $this->setNextResponses($responses); + $this->cacheConfig['stale_if_error'] = 10; // after stale, may be served for 10s + $this->cacheConfig['strict_smaxage'] = true; // full RFC compliance for this feature + + $this->request('GET', '/'); // warm cache + + if ($sleepBetweenRequests) { + sleep($sleepBetweenRequests); + } + + $this->request('GET', '/'); // hit backend error + + $this->assertEquals(500, $this->response->getStatusCode()); + } + + public function getResponseDataThatMustNotBeServedStaleIfError() + { + // All data sets assume that a 10s stale-if-error grace period has been configured + yield 'public, no TTL but beyond grace period' => [['Cache-Control' => 'public'], 15]; + yield 'public, validateable with ETag, no TTL but beyond grace period' => [['Cache-Control' => 'public', 'ETag' => 'some-etag'], 15]; + yield 'public, validateable with Last-Modified, no TTL but beyond grace period' => [['Cache-Control' => 'public', 'Last-Modified' => 'yesterday'], 15]; + yield 'public, stale beyond grace period' => [['Cache-Control' => 'public, max-age=10'], 30]; + + // Cache-control values that prohibit serving stale responses or responses without positive validation - + // see https://tools.ietf.org/html/rfc7234#section-4.2.4 and + // https://tools.ietf.org/html/rfc7234#section-5.2.2 + yield 'no-cache requires positive validation' => [['Cache-Control' => 'public, no-cache', 'ETag' => 'some-etag']]; + yield 'no-cache requires positive validation, even if fresh' => [['Cache-Control' => 'public, no-cache, max-age=10']]; + yield 'must-revalidate requires positive validation once stale' => [['Cache-Control' => 'public, max-age=10, must-revalidate'], 15]; + yield 'proxy-revalidate requires positive validation once stale' => [['Cache-Control' => 'public, max-age=10, proxy-revalidate'], 15]; + } + + public function testStaleIfErrorWhenStrictSmaxageDisabled() + { + $responses = [ + [ + 'status' => 200, + 'body' => 'OK', + 'headers' => ['Cache-Control' => 'public, s-maxage=20'], + ], + [ + 'status' => 500, + 'body' => 'FAIL', + 'headers' => [], + ], + ]; + + $this->setNextResponses($responses); + $this->cacheConfig['stale_if_error'] = 10; + $this->cacheConfig['strict_smaxage'] = false; + + $this->request('GET', '/'); // warm cache + sleep(25); + $this->request('GET', '/'); // hit backend error + + $this->assertEquals(200, $this->response->getStatusCode()); + $this->assertEquals('OK', $this->response->getContent()); + $this->assertTraceContains('stale-if-error'); + } } class TestKernel implements HttpKernelInterface From cd0db78ab554639f5f08b119c4c53daea5782ee6 Mon Sep 17 00:00:00 2001 From: noniagriconomie Date: Thu, 30 Jan 2020 17:47:09 +0100 Subject: [PATCH 4/5] [HttpClient] Fix regex bearer --- src/Symfony/Component/HttpClient/HttpClientTrait.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpClient/HttpClientTrait.php b/src/Symfony/Component/HttpClient/HttpClientTrait.php index 2914ab20b6..298ebc741b 100644 --- a/src/Symfony/Component/HttpClient/HttpClientTrait.php +++ b/src/Symfony/Component/HttpClient/HttpClientTrait.php @@ -86,7 +86,7 @@ trait HttpClientTrait throw new InvalidArgumentException(sprintf('Option "auth_basic" must be string or an array, %s given.', \gettype($options['auth_basic']))); } - if (isset($options['auth_bearer']) && (!\is_string($options['auth_bearer']) || !preg_match('{^[-._~+/0-9a-zA-Z]++=*+$}', $options['auth_bearer']))) { + if (isset($options['auth_bearer']) && (!\is_string($options['auth_bearer']) || !preg_match('{^[-._=~+/0-9a-zA-Z]++$}', $options['auth_bearer']))) { throw new InvalidArgumentException(sprintf('Option "auth_bearer" must be a string containing only characters from the base 64 alphabet, %s given.', \is_string($options['auth_bearer']) ? 'invalid string' : \gettype($options['auth_bearer']))); } From 1edecf77c115fc1a5e7163ad1a829ed271d1ca9c Mon Sep 17 00:00:00 2001 From: Ivan Grigoriev Date: Fri, 31 Jan 2020 00:43:04 +0300 Subject: [PATCH 5/5] [Validator] fix access to uninitialized property when getting value --- .../Validator/Mapping/PropertyMetadata.php | 8 +++++++- .../Validator/Tests/Fixtures/Entity_74.php | 8 ++++++++ .../Tests/Mapping/PropertyMetadataTest.php | 13 +++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 src/Symfony/Component/Validator/Tests/Fixtures/Entity_74.php diff --git a/src/Symfony/Component/Validator/Mapping/PropertyMetadata.php b/src/Symfony/Component/Validator/Mapping/PropertyMetadata.php index b03a059f84..872bd067be 100644 --- a/src/Symfony/Component/Validator/Mapping/PropertyMetadata.php +++ b/src/Symfony/Component/Validator/Mapping/PropertyMetadata.php @@ -48,7 +48,13 @@ class PropertyMetadata extends MemberMetadata */ public function getPropertyValue($object) { - return $this->getReflectionMember($object)->getValue($object); + $reflProperty = $this->getReflectionMember($object); + + if (\PHP_VERSION_ID >= 70400 && !$reflProperty->isInitialized($object)) { + return null; + } + + return $reflProperty->getValue($object); } /** diff --git a/src/Symfony/Component/Validator/Tests/Fixtures/Entity_74.php b/src/Symfony/Component/Validator/Tests/Fixtures/Entity_74.php new file mode 100644 index 0000000000..cb22fb7f72 --- /dev/null +++ b/src/Symfony/Component/Validator/Tests/Fixtures/Entity_74.php @@ -0,0 +1,8 @@ +expectException('Symfony\Component\Validator\Exception\ValidatorException'); $metadata->getPropertyValue($entity); } + + /** + * @requires PHP 7.4 + */ + public function testGetPropertyValueFromUninitializedProperty() + { + $entity = new Entity_74(); + $metadata = new PropertyMetadata(self::CLASSNAME_74, 'uninitialized'); + + $this->assertNull($metadata->getPropertyValue($entity)); + } }