EZP-27996: "Remember me" doesn't retrieve the current user from Repos…
…itory (#2106) * EZP-27996: "Remember me" doesn't retrieve the current user from Repository * fixup! EZP-27996: "Remember me" doesn't retrieve the current user from Repository * Throw rather than return null * fixup! Throw rather than return null * fixup! fixup! Throw rather than return null
Showing
5 changed files
with
225 additions
and
1 deletion.
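--- a/...h/Core/MVC/Symfony/Security/Authentication/RememberMeRepositoryAuthenticationProvider.php
+++ b/...h/Core/MVC/Symfony/Security/Authentication/RememberMeRepositoryAuthenticationProvider.php
@@ -0,0 +1,44 @@
+<?php
+
+/**
+* File containing the RememberMeRepositoryAuthenticationProvider class.
+*
+* @copyright Copyright (C) eZ Systems AS. All rights reserved.
+* @license For full copyright and license information view LICENSE file distributed with this source code.
+*/
+namespace eZ\Publish\Core\MVC\Symfony\Security\Authentication;
+
+use eZ\Publish\API\Repository\Repository;
+use Symfony\Component\Security\Core\Authentication\Provider\RememberMeAuthenticationProvider;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+
+class RememberMeRepositoryAuthenticationProvider extends RememberMeAuthenticationProvider
+{
+/**
+* @var \eZ\Publish\API\Repository\Repository
+*/
+private $repository;
+
+public function setRepository(Repository $repository)
+{
+$this->repository = $repository;
+}
+
+/**
+* {@inheritdoc}
+*/
+public function authenticate(TokenInterface $token)
+{
+$authenticatedToken = parent::authenticate($token);
+if (empty($authenticatedToken)) {
+throw new AuthenticationException('The token is not supported by this authentication provider.');
+}
+
+$this->repository->getPermissionResolver()->setCurrentUserReference(
+$authenticatedToken->getUser()->getAPIUser()
+);
+
+return $authenticatedToken;
+}
+}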
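Review bot: In `authenticate()`, `$authenticatedToken->getUser()->getAPIUser()` is called without checking what kind of user the token carries. As far as the visible code shows, nothing guarantees the user is the eZ `User` wrapper, so a token built from another user provider would end in an undefined-method fatal error in the middle of authentication rather than a clean failure. I would guard it with `$user = $authenticatedToken->getUser();` and `if ($user instanceof \eZ\Publish\Core\MVC\Symfony\Security\User) { ... setCurrentUserReference($user->getAPIUser()); }`, leaving the repository's current user untouched otherwise. `$this->repository` is only populated through `setRepository()`, so the setter deserves a docblock stating it must be called before `authenticate()`, since a provider wired without it fails here on a null dereference. As a style point, `empty()` on an object-or-null return reads more clearly as `null === $authenticatedToken`.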
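--- a/.../Symfony/Security/Tests/Authentication/RememberMeRepositoryAuthenticationProviderTest.php
+++ b/.../Symfony/Security/Tests/Authentication/RememberMeRepositoryAuthenticationProviderTest.php
@@ -0,0 +1,165 @@
+<?php
+
+/**
+* File containing the RememberMeRepositoryAuthenticationProviderTest class.
+*
+* @copyright Copyright (C) eZ Systems AS. All rights reserved.
+* @license For full copyright and license information view LICENSE file distributed with this source code.
+*/
+namespace eZ\Publish\Core\MVC\Symfony\Security\Tests\Authentication;
+
+use eZ\Publish\API\Repository\Repository;
+use eZ\Publish\API\Repository\Values\User\User as ApiUser;
+use eZ\Publish\API\Repository\Values\User\UserReference;
+use eZ\Publish\Core\MVC\Symfony\Security\Authentication\RememberMeRepositoryAuthenticationProvider;
+use eZ\Publish\Core\MVC\Symfony\Security\User;
+use eZ\Publish\Core\Repository\Helper\LimitationService;
+use eZ\Publish\Core\Repository\Helper\RoleDomainMapper;
+use eZ\Publish\Core\Repository\Permission\PermissionResolver;
+use eZ\Publish\SPI\Persistence\User\Handler as UserHandler;
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
+use Symfony\Component\Security\Core\User\UserCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
+
+class RememberMeRepositoryAuthenticationProviderTest extends TestCase
+{
+/**
+* @var RememberMeRepositoryAuthenticationProvider
+*/
+private $authProvider;
+
+/**
+* @var \PHPUnit_Framework_MockObject_MockObject|\eZ\Publish\API\Repository\Repository
+*/
+private $repository;
+
+protected function setUp()
+{
+parent::setUp();
+
+$this->repository = $this->getMock(Repository::class);
+$this->authProvider = new RememberMeRepositoryAuthenticationProvider(
+$this->getMock(UserCheckerInterface::class),
+'my secret',
+'my provider secret'
+);
+$this->authProvider->setRepository($this->repository);
+}
+
+/**
+* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
+* @expectedExceptionMessage The token is not supported by this authentication provider.
+*/
+public function testAuthenticateUnsupportedToken()
+{
+$anonymousToken = $this
+->getMockBuilder(AnonymousToken::class)
+->setConstructorArgs(['secret', $this->getMock(UserInterface::class)])
+->getMock();
+$this->authProvider->authenticate($anonymousToken);
+}
+
+/**
+* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationException
+* @expectedExceptionMessage The token is not supported by this authentication provider.
+*/
+public function testAuthenticateWrongProviderKey()
+{
+$user = $this->getMock(UserInterface::class);
+$user
+->expects($this->any())
+->method('getRoles')
+->will($this->returnValue([]));
+
+$rememberMeToken = $this
+->getMockBuilder(RememberMeToken::class)
+->setConstructorArgs([$user, 'wrong provider secret', 'my secret'])
+->getMock();
+$rememberMeToken
+->expects($this->any())
+->method('getProviderKey')
+->will($this->returnValue('wrong provider secret'));
+
+$this->authProvider->authenticate($rememberMeToken);
+}
+
+/**
+* @expectedException \Symfony\Component\Security\Core\Exception\BadCredentialsException
+*/
+public function testAuthenticateWrongSecret()
+{
+$user = $this->getMock(UserInterface::class);
+$user
+->expects($this->any())
+->method('getRoles')
+->will($this->returnValue([]));
+
+$rememberMeToken = $this
+->getMockBuilder(RememberMeToken::class)
+->setConstructorArgs([$user, 'my provider secret', 'the wrong secret'])
+->getMock();
+$rememberMeToken
+->expects($this->any())
+->method('getProviderKey')
+->will($this->returnValue('my provider secret'));
+$rememberMeToken
+->expects($this->any())
+->method('getSecret')
+->will($this->returnValue('the wrong secret'));
+
+$this->authProvider->authenticate($rememberMeToken);
+}
+
+public function testAuthenticate()
+{
+$this->repository
+->expects($this->once())
+->method('getPermissionResolver')
+->will($this->returnValue($this->getPermissionResolverMock()));
+
+$apiUser = $this->getMock(ApiUser::class);
+$apiUser
+->expects($this->any())
+->method('getUserId')
+->will($this->returnValue(42));
+
+$tokenUser = new User($apiUser);
+$rememberMeToken = new RememberMeToken($tokenUser, 'my provider secret', 'my secret');
+
+$authenticatedToken = $this->authProvider->authenticate($rememberMeToken);
+$this->assertEquals(
+[$rememberMeToken->getProviderKey(), $rememberMeToken->getSecret(), $rememberMeToken->getUsername()],
+[$authenticatedToken->getProviderKey(), $authenticatedToken->getSecret(), $authenticatedToken->getUsername()]
+);
+}
+
+/**
+* @return \eZ\Publish\Core\Repository\Permission\PermissionResolver|\PHPUnit_Framework_MockObject_MockObject
+*/
+private function getPermissionResolverMock()
+{
+return $this
+->getMockBuilder(PermissionResolver::class)
+->setMethods(null)
+->setConstructorArgs(
+[
+$this
+->getMockBuilder(RoleDomainMapper::class)
+->disableOriginalConstructor()
+->getMock(),
+$this
+->getMockBuilder(LimitationService::class)
+->getMock(),
+$this
+->getMockBuilder(UserHandler::class)
+->getMock(),
+$this
+->getMockBuilder(UserReference::class)
+->getMock(),
+]
+)
+->getMock();
+}
+}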
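Review bot: `testAuthenticate()` never checks that the repository's current user was actually switched, which is the behaviour this commit adds. It only compares provider key, secret and username between the input and returned tokens, and the `getUserId` stub returning 42 is never asserted on. Because `getPermissionResolverMock()` builds the resolver with `setMethods(null)`, its real methods run, so keeping it in a local and adding `$this->assertSame($apiUser, $permissionResolver->getCurrentUserReference());` after the `authenticate()` call would pin the identity hand-over. In the three failure tests, adding `$this->repository->expects($this->never())->method('getPermissionResolver');` would confirm that a rejected token cannot change the repository identity.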