[Security/Http] fix parsing X509 emailAddress

2019-09-30 14:24:32 +02:00 · 2019-09-30 14:24:32 +02:00 · fceb86bde6
parent 03f2adcb4e
commit fceb86bde6
2 changed files with 2 additions and 1 deletions
--- a/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php
@ -46,7 +46,7 @@ class X509AuthenticationListener extends AbstractPreAuthenticatedListener
            $user = $request->server->get($this->userKey);
        } elseif (
            $request->server->has($this->credentialKey)
-            && preg_match('#emailAddress=(.+\@.+\.[^,/]+)($|,|/)#', $request->server->get($this->credentialKey), $matches)
+            && preg_match('#emailAddress=([^,/@]++@[^,/]++)#', $request->server->get($this->credentialKey), $matches)
        ) {
            $user = $matches[1];
        }
--- a/src/Symfony/Component/Security/Http/Tests/Firewall/X509AuthenticationListenerTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Firewall/X509AuthenticationListenerTest.php
@ -81,6 +81,7 @@ class X509AuthenticationListenerTest extends TestCase
        yield ['cert+something@example.com', 'CN=Sample certificate DN,emailAddress=cert+something@example.com'];
        yield ['cert+something@example.com', 'emailAddress=cert+something@example.com,CN=Sample certificate DN'];
        yield ['cert+something@example.com', 'emailAddress=cert+something@example.com'];
+        yield ['firstname.lastname@mycompany.co.uk', 'emailAddress=firstname.lastname@mycompany.co.uk,CN=Firstname.Lastname,OU=london,OU=company design and engineering,OU=Issuer London,OU=Roaming,OU=Interactive,OU=Users,OU=Standard,OU=Business,DC=england,DC=core,DC=company,DC=co,DC=uk'];
    }

    public function testGetPreAuthenticatedDataNoData()