From b310e18f7993747d073be50d21c6f8742ea6ed43 Mon Sep 17 00:00:00 2001
From: Robin Chalas <robin.chalas@gmail.com>
Date: Thu, 5 Oct 2023 15:08:48 +0200
Subject: [PATCH] [Security] Fix resetting traceable listeners' state

---
 .../SecurityBundle/Debug/TraceableFirewallListener.php   | 9 ++++++++-
 .../DependencyInjection/SecurityExtension.php            | 1 +
 .../SecurityBundle/Resources/config/security_debug.php   | 1 +
 src/Symfony/Bundle/SecurityBundle/composer.json          | 2 +-
 .../Debug/TraceableAuthenticatorManagerListener.php      | 8 +++++++-
 5 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/src/Symfony/Bundle/SecurityBundle/Debug/TraceableFirewallListener.php b/src/Symfony/Bundle/SecurityBundle/Debug/TraceableFirewallListener.php
index e82b47695bad..36cac1560e31 100644
--- a/src/Symfony/Bundle/SecurityBundle/Debug/TraceableFirewallListener.php
+++ b/src/Symfony/Bundle/SecurityBundle/Debug/TraceableFirewallListener.php
@@ -17,13 +17,14 @@
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticatorManagerListener;
 use Symfony\Component\Security\Http\Firewall\FirewallListenerInterface;
+use Symfony\Contracts\Service\ResetInterface;
 
 /**
  * Firewall collecting called security listeners and authenticators.
  *
  * @author Robin Chalas <robin.chalas@gmail.com>
  */
-final class TraceableFirewallListener extends FirewallListener
+final class TraceableFirewallListener extends FirewallListener implements ResetInterface
 {
     private $wrappedListeners = [];
     private $authenticatorsInfo = [];
@@ -94,4 +95,10 @@ protected function callListeners(RequestEvent $event, iterable $listeners)
             $this->authenticatorsInfo = $authenticatorManagerListener->getAuthenticatorsInfo();
         }
     }
+
+    public function reset(): void
+    {
+        $this->wrappedListeners = [];
+        $this->authenticatorsInfo = [];
+    }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
index c165024b68d0..2549a3629242 100644
--- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -544,6 +544,7 @@ private function createFirewall(ContainerBuilder $container, string $id, array $
                     ->register('debug.security.firewall.authenticator.'.$id, TraceableAuthenticatorManagerListener::class)
                     ->setDecoratedService('security.firewall.authenticator.'.$id)
                     ->setArguments([new Reference('debug.security.firewall.authenticator.'.$id.'.inner')])
+                    ->addTag('kernel.reset', ['method' => 'reset']);
                 ;
             }
 
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php
index dc668b15e9de..c98e3a698467 100644
--- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php
+++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_debug.php
@@ -36,6 +36,7 @@
                 service('security.logout_url_generator'),
             ])
             ->tag('kernel.event_subscriber')
+            ->tag('kernel.reset', ['method' => 'reset'])
         ->alias('security.firewall', 'debug.security.firewall')
     ;
 };
diff --git a/src/Symfony/Bundle/SecurityBundle/composer.json b/src/Symfony/Bundle/SecurityBundle/composer.json
index dc3c62aeee0e..ee5a8b2eba7f 100644
--- a/src/Symfony/Bundle/SecurityBundle/composer.json
+++ b/src/Symfony/Bundle/SecurityBundle/composer.json
@@ -29,7 +29,7 @@
         "symfony/security-core": "^5.4|^6.0",
         "symfony/security-csrf": "^4.4|^5.0|^6.0",
         "symfony/security-guard": "^5.3",
-        "symfony/security-http": "^5.4.20|~6.0.20|~6.1.12|^6.2.6"
+        "symfony/security-http": "^5.4.30|~6.0.20|~6.1.12|^6.2.6|^6.3.6"
     },
     "require-dev": {
         "doctrine/annotations": "^1.10.4|^2",
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php b/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php
index 3286ce265dd8..e67e33228601 100644
--- a/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php
+++ b/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php
@@ -16,13 +16,14 @@
 use Symfony\Component\Security\Http\Firewall\AbstractListener;
 use Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener;
 use Symfony\Component\VarDumper\Caster\ClassStub;
+use Symfony\Contracts\Service\ResetInterface;
 
 /**
  * Decorates the AuthenticatorManagerListener to collect information about security authenticators.
  *
  * @author Robin Chalas <robin.chalas@gmail.com>
  */
-final class TraceableAuthenticatorManagerListener extends AbstractListener
+final class TraceableAuthenticatorManagerListener extends AbstractListener implements ResetInterface
 {
     private $authenticationManagerListener;
     private $authenticatorsInfo = [];
@@ -78,4 +79,9 @@ public function getAuthenticatorsInfo(): array
     {
         return $this->authenticatorsInfo;
     }
+
+    public function reset(): void
+    {
+        $this->authenticatorsInfo = [];
+    }
 }