symfony

Archived

forked from https://github.com/symfony/symfony

This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.

Go to file

Fabien Potencier afdb97e864 feature #37337 [Security] Configurable execution order for firewall listeners (scheb) This PR was merged into the 5.2-dev branch. Discussion ---------- [Security] Configurable execution order for firewall listeners \| Q \| A \| ------------- \| --- \| Branch? \| master \| Bug fix? \| no \| New feature? \| yes \| Deprecations? \| no \| License \| MIT \| Doc PR \| n/a Hello there, I'm the author of `scheb/two-factor-bundle`, which extends Symfony's security layer with two-factor authentication. I've been closely following the recent changes by @wouterj to rework the security layer with "authenticators" (great work!). While I managed to make my bundle work with authenticators, I see some limitations in the security layer that I'd like to address to make such extensions easier to implement. In #37336 I've submitted a draft to let security factories add their own authentication listeners to the firewall. This PR is intended to address the issue of execution order. If you look at the `Firewall` class `f64f59a9c0/src/Symfony/Component/Security/Http/Firewall.php (L62-L82)` authentication listeners are executed in the order of their creation. Additionally, there's hardcoded logic to execute `Symfony\Component\Security\Http\Firewall\AccessListener` always last and the logout listener second to last. I'd like to have a more flexible approach, to remove the hardcoded order and give authentication listeners the ability to determine their execution order. I've added an optional interface to provide a priority to sort all registered authenitication listeners. Sorting is done in a compiler pass, so no time is wasted at runtime. This is a draft, so I'd like to hear your opinion on this :) Commits ------- `91388e871b` Add ability to prioritize firewall listeners		2020-09-02 13:06:53 +02:00
.github	Merge branch '4.4' into 5.1	2020-07-29 16:51:18 +02:00
src/Symfony	feature #37337 [Security] Configurable execution order for firewall listeners (scheb)	2020-09-02 13:06:53 +02:00
.appveyor.yml	Merge branch '5.0'	2020-04-12 11:49:11 +02:00
.editorconfig	Update .editorconfig	2018-09-06 16:22:56 +02:00
.gitignore	Run the phpunit-bridge from a PR	2019-08-02 17:46:19 +02:00
.php_cs.dist	[Serializer] Add CompiledClassMetadataFactory	2020-08-11 12:10:04 +02:00
.travis.yml	clean up HHVM instructions	2020-07-08 16:52:52 +02:00
CHANGELOG-4.0.md	Merge branch '3.4' into 4.1	2018-08-01 18:22:14 +02:00
CHANGELOG-4.1.md	updated CHANGELOG for 4.1.10	2019-01-06 17:16:07 +01:00
CHANGELOG-4.2.md	updated CHANGELOG for 4.2.10	2019-06-26 16:19:37 +02:00
CHANGELOG-4.3.md	updated CHANGELOG for 4.3.10	2020-01-21 14:13:32 +01:00
CHANGELOG-4.4.md	Update CHANGELOG for 4.4.12	2020-08-31 08:09:33 +02:00
CHANGELOG-5.0.md	Merge branch '5.0' into 5.1	2020-06-15 13:50:15 +02:00
CHANGELOG-5.1.md	Update CHANGELOG for 5.1.4	2020-08-31 08:18:02 +02:00
CODE_OF_CONDUCT.md	Added the Code of Conduct file	2018-10-10 03:13:30 -07:00
composer.json	bug #37578 [HttpClient] fix pausing AmpResponse (kelunik)	2020-08-27 16:48:24 +02:00
CONTRIBUTING.md	Mention the community review guide	2016-12-18 22:02:35 +01:00
CONTRIBUTORS.md	Update CONTRIBUTORS for 3.4.44	2020-08-31 07:52:54 +02:00
LICENSE	Update year in license files	2020-01-01 12:03:25 +01:00
link	Merge branch '3.4' into 4.4	2020-08-26 10:30:46 +02:00
phpunit	Use PHPUnit 9.3 on php 8.	2020-08-10 10:16:22 +02:00
phpunit.xml.dist	[Uid] minor improvements	2020-03-20 20:42:05 +01:00
README.md	Minor improvement	2020-07-29 07:57:47 +02:00
UPGRADE-5.0.md	Typo: somes styles fixed	2020-08-06 09:00:23 +02:00
UPGRADE-5.1.md	Added deprecation for RememberMe services without logout() method	2020-05-16 13:05:23 +02:00
UPGRADE-5.2.md	Renamed $providerKey to $firewallName	2020-08-26 17:34:05 +02:00
UPGRADE-6.0.md	Renamed $providerKey to $firewallName	2020-08-26 17:34:05 +02:00

README.md

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

Installation

Install Symfony with Composer (see requirements details).
Symfony follows the semantic versioning strictly, publishes "Long Term Support" (LTS) versions and has a release process that is predictable and business-friendly.

Documentation

Read the Getting Started guide if you are new to Symfony.
Try the Symfony Demo application to learn Symfony in practice.
Master Symfony with the Guides and Tutorials, the Components docs and the Best Practices reference.

Community

Join the Symfony Community and meet other members at the Symfony events.
Get Symfony support on Stack Overflow, Slack, IRC, etc.
Follow us on GitHub, Twitter and Facebook.
Read our Code of Conduct and meet the CARE Team.

Contributing

Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

Security Issues

If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

About Us

Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.