Skip to content

Commit

Permalink
[2.3][SECURITY] Add remember me cookie configuration
Browse files Browse the repository at this point in the history
  • Loading branch information
@klaascuvelier @fabpot
klaascuvelier authored and fabpot committed Oct 6, 2015
1 parent 2b35f38 commit e8f0e5a
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 26 deletions.
7 changes: 5 additions & 2 deletions src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php
View file
Expand Up @@ -34,7 +34,10 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
const COOKIE_DELIMITER = ':';

protected $logger;
protected $options;
protected $options = array(
'secure' => false,
'httponly' => true,
);
private $providerKey;
private $key;
private $userProviders;
Expand Down Expand Up @@ -65,7 +68,7 @@ public function __construct(array $userProviders, $key, $providerKey, array $opt
$this->userProviders = $userProviders;
$this->key = $key;
$this->providerKey = $providerKey;
$this->options = $options;
$this->options = array_merge($this->options, $options);
$this->logger = $logger;
}

Expand Down
10 changes: 0 additions & 10 deletions src/Symfony/Component/Security/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php
View file
Expand Up @@ -91,11 +91,8 @@ public function testLogout(array $options)
$request = new Request();
$response = new Response();
$token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');

$service->logout($request, $response, $token);

$cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);

$this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie);
$this->assertTrue($cookie->isCleared());
$this->assertSame($options['name'], $cookie->getName());
Expand Down Expand Up @@ -286,13 +283,6 @@ protected function getService($userProvider = null, $options = array(), $logger
$userProvider = $this->getProvider();
}

if (!isset($options['secure'])) {
$options['secure'] = false;
}
if (!isset($options['httponly'])) {
$options['httponly'] = true;
}

return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
array($userProvider), 'fookey', 'fookey', $options, $logger,
));
Expand Down
7 changes: 0 additions & 7 deletions ...y/Component/Security/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
View file
Expand Up @@ -313,13 +313,6 @@ protected function getService($userProvider = null, $options = array(), $logger
$userProvider = $this->getProvider();
}

if (!isset($options['secure'])) {
$options['secure'] = false;
}
if (!isset($options['httponly'])) {
$options['httponly'] = true;
}

return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
}

Expand Down
7 changes: 0 additions & 7 deletions src/Symfony/Component/Security/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php
View file
Expand Up @@ -266,13 +266,6 @@ protected function getService($userProvider = null, $options = array(), $logger
$userProvider = $this->getProvider();
}

if (!isset($options['secure'])) {
$options['secure'] = false;
}
if (!isset($options['httponly'])) {
$options['httponly'] = true;
}

$service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);

return $service;
Expand Down

0 comments on commit e8f0e5a

Please sign in to comment.