
remove user provider name

1 parent cd64046 commit df6ffbbf070faf70f64433b9dafbafa2dbff660d @schmittjoh schmittjoh committed with fabpot Dec 16, 2010
Showing with 116 additions and 169 deletions.
  1. +12 −14 src/Symfony/Bundle/DoctrineBundle/Security/EntityUserProvider.php
  2. +12 −14 src/Symfony/Bundle/DoctrineMongoDBBundle/Security/DocumentUserProvider.php
  3. +1 −6 src/Symfony/Bundle/FrameworkBundle/DependencyInjection/SecurityExtension.php
  4. +16 −32 src/Symfony/Component/HttpKernel/Security/Firewall/ContextListener.php
  5. +8 −15 src/Symfony/Component/Security/Authentication/Provider/DaoAuthenticationProvider.php
  6. +11 −12 src/Symfony/Component/Security/Authentication/Provider/UserAuthenticationProvider.php
  7. +2 −11 src/Symfony/Component/Security/Authentication/Token/Token.php
  8. +0 −7 src/Symfony/Component/Security/Authentication/Token/TokenInterface.php
  9. +1 −2 src/Symfony/Component/Security/Authentication/Token/UsernamePasswordToken.php
  10. +13 −0 src/Symfony/Component/Security/Exception/UnsupportedAccountException.php
  11. +2 −0 src/Symfony/Component/Security/User/AccountInterface.php
  12. +10 −16 src/Symfony/Component/Security/User/InMemoryUserProvider.php
  13. +13 −19 src/Symfony/Component/Security/User/UserProviderInterface.php
  14. +4 −8 tests/Symfony/Tests/Component/Security/Authentication/Provider/DaoAuthenticationProviderTest.php
  15. +4 −5 tests/Symfony/Tests/Component/Security/Authentication/Provider/UserAuthenticationProviderTest.php
  16. +1 −1 tests/Symfony/Tests/Component/Security/Authentication/Token/UsernamePasswordTokenTest.php
  17. +6 −7 tests/Symfony/Tests/Component/Security/User/InMemoryProviderTest.php
@@ -2,28 +2,22 @@
namespace Symfony\Bundle\DoctrineBundle\Security;
+use Symfony\Component\Security\User\AccountInterface;
use Symfony\Component\Security\User\UserProviderInterface;
+use Symfony\Component\Security\Exception\UnsupportedAccountException;
use Symfony\Component\Security\Exception\UsernameNotFoundException;
class EntityUserProvider implements UserProviderInterface
{
+ protected $class;
protected $repository;
protected $property;
- protected $name;
- public function __construct($em, $name, $class, $property = null)
+ public function __construct($em, $class, $property = null)
{
+ $this->class = $class;
$this->repository = $em->getRepository($class);
$this->property = $property;
- $this->name = $name;
- }
-
- /**
- * {@inheritDoc}
- */
- public function isAggregate()
- {
- return false;
}
/**
@@ -45,14 +39,18 @@ public function loadUserByUsername($username)
throw new UsernameNotFoundException(sprintf('User "%s" not found.', $username));
}
- return array($user, $this->name);
+ return $user;
}
/**
* {@inheritDoc}
*/
- public function supports($providerName)
+ public function reloadUserByAccount(AccountInterface $account)
{
- return $this->name === $providerName;
+ if (!$account instanceof $this->class) {
+ throw new UnsupportedAccountException(sprintf('Instances of "%s" are not supported.', get_class($account)));
+ }
+
+ return $this->loadUserByUsername((string) $account);
}
}
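Review bot: reloadUserByAccount() re-queries with `(string) $account`, so the identity used to refresh the session is whatever the entity's __toString() returns, not an explicit username accessor. AccountInterface declares getUsername() (visible in the AccountInterface hunk header further down), and an entity whose __toString() is overridden for display could be reloaded as a different row whose lookup property happens to equal that display string. `return $this->loadUserByUsername($account->getUsername());` states the contract directly; whether getUsername() matches the configured `$property` still depends on the entity, so that assumption deserves a docblock sentence on the method. DocumentUserProvider::reloadUserByAccount() has the same line.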
@@ -2,28 +2,22 @@
namespace Symfony\Bundle\DoctrineMongoDBBundle\Security;
+use Symfony\Component\Security\User\AccountInterface;
use Symfony\Component\Security\User\UserProviderInterface;
+use Symfony\Component\Security\Exception\UnsupportedAccountException;
use Symfony\Component\Security\Exception\UsernameNotFoundException;
class DocumentUserProvider implements UserProviderInterface
{
+ protected $class;
protected $repository;
protected $property;
- protected $name;
- public function __construct($em, $name, $class, $property = null)
+ public function __construct($em, $class, $property = null)
{
+ $this->class = $class;
$this->repository = $em->getRepository($class);
$this->property = $property;
- $this->name = $name;
- }
-
- /**
- * {@inheritDoc}
- */
- public function isAggregate()
- {
- return false;
}
/**
@@ -45,14 +39,18 @@ public function loadUserByUsername($username)
throw new UsernameNotFoundException(sprintf('User "%s" not found.', $username));
}
- return array($user, $this->name);
+ return $user;
}
/**
* {@inheritDoc}
*/
- public function supports($providerName)
+ public function reloadUserByAccount(AccountInterface $account)
{
- return $this->name === $providerName;
+ if (!$account instanceof $this->class) {
+ throw new UnsupportedAccountException(sprintf('Instances of "%s" are not supported.', get_class($account)));
+ }
+
+ return $this->loadUserByUsername((string) $account);
}
}
@@ -377,7 +377,6 @@ protected function createUserDaoProvider($name, $provider, ContainerBuilder $con
->register($name, '%security.user.provider.entity.class%')
->setArguments(array(
new Reference('security.user.entity_manager'),
- $name,
$provider['entity']['class'],
isset($provider['entity']['property']) ? $provider['entity']['property'] : null,
));
@@ -391,7 +390,6 @@ protected function createUserDaoProvider($name, $provider, ContainerBuilder $con
->register($name, '%security.user.provider.document.class%')
->setArguments(array(
new Reference('security.user.document_manager'),
- $name,
$provider['document']['class'],
isset($provider['document']['property']) ? $provider['document']['property'] : null,
));
@@ -400,10 +398,7 @@ protected function createUserDaoProvider($name, $provider, ContainerBuilder $con
}
// In-memory DAO provider
- $definition = $container
- ->register($name, '%security.user.provider.in_memory.class%')
- ->setArguments(array($name))
- ;
+ $definition = $container->register($name, '%security.user.provider.in_memory.class%');
foreach ($this->fixConfig($provider, 'user') as $username => $user) {
if (isset($user['name'])) {
$username = $user['name'];
@@ -2,15 +2,17 @@
namespace Symfony\Component\HttpKernel\Security\Firewall;
-use Symfony\Component\Security\User\AccountInterface;
-use Symfony\Component\Security\Authentication\Token\TokenInterface;
-use Symfony\Component\Security\SecurityContext;
-use Symfony\Component\HttpKernel\Log\LoggerInterface;
-use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\EventDispatcher\Event;
+use Symfony\Component\EventDispatcher\EventDispatcher;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\HttpKernelInterface;
+use Symfony\Component\HttpKernel\Log\LoggerInterface;
use Symfony\Component\Security\Authentication\Token\AnonymousToken;
+use Symfony\Component\Security\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Exception\UnsupportedAccountException;
+use Symfony\Component\Security\SecurityContext;
+use Symfony\Component\Security\User\AccountInterface;
/*
* This file is part of the Symfony framework.
@@ -128,37 +130,15 @@ protected function refreshUser(TokenInterface $token)
$user = $token->getUser();
if (!$user instanceof AccountInterface) {
return $token;
- } else if (0 === strlen($username = (string) $token)) {
- return $token;
- } else if (null === $providerName = $token->getUserProviderName()) {
- return $token;
}
if (null !== $this->logger) {
- $this->logger->debug(sprintf('Reloading user from user provider "%s".', $providerName));
+ $this->logger->debug(sprintf('Reloading user from user provider.'));
}
foreach ($this->userProviders as $provider) {
- if (!$provider->isAggregate() && $provider->supports($providerName)) {
- try {
- $result = $provider->loadUserByUsername($username);
-
- if (!is_array($result) || 2 !== count($result)) {
- throw new \RuntimeException('Provider returned an invalid result.');
- }
-
- list($cUser, $cProviderName) = $result;
- } catch (\Exception $ex) {
- if (null !== $this->logger) {
- $this->logger->debug(sprintf('An exception occurred while reloading the user: '.$ex->getMessage()));
- }
-
- return null;
- }
-
- if ($providerName !== $cProviderName) {
- throw new \RuntimeException(sprintf('User was loaded from different provider. Requested "%s", Used: "%s"', $providerName, $cProviderName));
- }
+ try {
+ $cUser = $provider->reloadUserByAccount($user);
$token->setRoles($cUser->getRoles());
$token->setUser($cUser);
@@ -168,9 +148,13 @@ protected function refreshUser(TokenInterface $token)
}
return $token;
+ } catch (UnsupportedAccountException $unsupported) {
+ } catch (UsernameNotFoundException $notFound) {
+
+ return null;
}
}
- throw new \RuntimeException(sprintf('There is no user provider named "%s".', $providerName));
+ throw new \RuntimeException(sprintf('There is no user provider for user "%s".', get_class($user)));
}
-}
+}
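Review bot: With the provider name removed, refreshUser() accepts the first provider whose reloadUserByAccount() does not throw UnsupportedAccountException, and the entity and document providers in this commit decide support by account class alone. If two configured providers are backed by the same class, a session authenticated against one can have its user and roles refreshed from the other, and a UsernameNotFoundException from the first match returns null before a later provider is tried. That constraint (one provider per account class, or an ordering rule) should be stated in the method docblock. The empty catch also needs a comment such as `// this provider does not handle the account class; try the next one`, and the not-found branch should keep a debug log like the removed code did, e.g. `$this->logger->debug(sprintf('Username could not be found in the selected user provider: %s', $notFound->getMessage()));` guarded by the existing null check. The method starts outside these hunks.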
@@ -78,28 +78,21 @@ protected function retrieveUser($username, UsernamePasswordToken $token)
{
$user = $token->getUser();
if ($user instanceof AccountInterface) {
- return array($user, $token->getUserProviderName());
+ return $user;
}
- $result = null;
try {
- $result = $this->userProvider->loadUserByUsername($username);
+ $user = $this->userProvider->loadUserByUsername($username);
+
+ if (!$user instanceof AccountInterface) {
+ throw new AuthenticationServiceException('The user provider must return an AccountInterface object.');
+ }
+
+ return $user;
} catch (UsernameNotFoundException $notFound) {
throw $notFound;
} catch (\Exception $repositoryProblem) {
throw new AuthenticationServiceException($repositoryProblem->getMessage(), $token, 0, $repositoryProblem);
}
-
- if (!is_array($result) || 2 !== count($result)) {
- throw new AuthenticationServiceException('User provider did not return an array, or array had invalid format.');
- }
- if (!$result[0] instanceof AccountInterface) {
- throw new AuthenticationServiceException('The user provider must return an AccountInterface object.');
- }
- if (empty($result[1])) {
- throw new AuthenticationServiceException('The user provider must return a non-empty user provider name.');
- }
-
- return $result;
}
}
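Review bot: The new `throw new AuthenticationServiceException('The user provider must return an AccountInterface object.')` sits inside the `try`, so the `catch (\Exception $repositoryProblem)` below it will most likely catch it and wrap it in a second AuthenticationServiceException (assuming that class is not a UsernameNotFoundException subtype, which is not shown here). The contract violation is then reported as if it were a repository failure. Either move the instanceof check and `return $user;` below the try/catch, or add `} catch (AuthenticationServiceException $serviceProblem) { throw $serviceProblem;` ahead of the generic catch. The new throw also omits the `$token` argument that the wrapping call passes.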
@@ -54,25 +54,24 @@ public function authenticate(TokenInterface $token)
$username = null === $token->getUser() ? 'NONE_PROVIDED' : (string) $token;
try {
- $result = $this->retrieveUser($username, $token);
+ $user = $this->retrieveUser($username, $token);
+
+ if (!$user instanceof AccountInterface) {
+ throw new AuthenticationServiceException('retrieveUser() must return an AccountInterface.');
+ }
+
+ $this->accountChecker->checkPreAuth($user);
+ $this->checkAuthentication($user, $token);
+ $this->accountChecker->checkPostAuth($user);
+
+ return new UsernamePasswordToken($user, $token->getCredentials(), $user->getRoles());
} catch (UsernameNotFoundException $notFound) {
if ($this->hideUserNotFoundExceptions) {
throw new BadCredentialsException('Bad credentials', 0, $notFound);
}
throw $notFound;
}
-
- if (!is_array($result) || 2 !== count($result)) {
- throw new AuthenticationServiceException('retrieveUser() did not return an array, or array had invalid format.');
- }
- list($user, $userProviderName) = $result;
-
- $this->accountChecker->checkPreAuth($user);
- $this->checkAuthentication($user, $token);
- $this->accountChecker->checkPostAuth($user);
-
- return new UsernamePasswordToken($user, $token->getCredentials(), $userProviderName, $user->getRoles());
}
/**
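Review bot: `new UsernamePasswordToken($user, $token->getCredentials(), $user->getRoles())` copies the submitted credentials into the authenticated token, and Token::serialize() in this same commit still writes `$this->credentials` into the serialized form. If nothing outside this hunk erases them, the plaintext credential would end up in session storage; that caller is not visible here, so this is a point to confirm rather than a certain defect. A comment above the return naming who is responsible, e.g. `// credentials are kept on the token; the caller must erase them before the token is persisted`, would make the expectation reviewable. Separately, checkPreAuth(), checkAuthentication() and checkPostAuth() now run inside the `try`, so a UsernameNotFoundException raised by any of them is also turned into BadCredentialsException when hideUserNotFoundExceptions is set; the docblock should say so if that is intended. The method body begins outside the hunk.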
@@ -26,7 +26,6 @@
protected $roles;
protected $authenticated;
protected $user;
- protected $userProviderName;
protected $credentials;
protected $immutable;
@@ -167,14 +166,6 @@ public function eraseCredentials()
}
/**
- * {@inheritDoc}
- */
- public function getUserProviderName()
- {
- return $this->userProviderName;
- }
-
- /**
* {@inheritdoc}
*/
public function isImmutable()
@@ -195,14 +186,14 @@ public function setImmutable()
*/
public function serialize()
{
- return serialize(array($this->user, $this->userProviderName, $this->credentials, $this->authenticated, $this->roles, $this->immutable));
+ return serialize(array($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable));
}
/**
* {@inheritdoc}
*/
public function unserialize($serialized)
{
- list($this->user, $this->userProviderName, $this->credentials, $this->authenticated, $this->roles, $this->immutable) = unserialize($serialized);
+ list($this->user, $this->credentials, $this->authenticated, $this->roles, $this->immutable) = unserialize($serialized);
}
}
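Review bot: unserialize() still destructures the payload by position, so a token serialized before this change (six elements, provider name second) is read with every field shifted by one: `$this->credentials` receives the old provider name and `$this->authenticated` receives the old credentials value, which is truthy for any non-empty string. Sessions written in the previous layout should be invalidated when this is deployed, or the method should reject a payload of the wrong shape before the `list()` assignment, for example `$data = unserialize($serialized);` followed by `if (!is_array($data) || 5 !== count($data)) { throw new \RuntimeException('Unexpected serialized token format.'); }`. The same guard also avoids silently accepting a truncated or altered payload from the session store.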
@@ -66,13 +66,6 @@ function getUser();
function setUser($user);
/**
- * Returns a unique id for the user provider that was used to retrieve the user
- *
- * @return string
- */
- function getUserProviderName();
-
- /**
* Checks if the user is authenticated or not.
*
* @return Boolean true if the token has been authenticated, false otherwise
@@ -21,13 +21,12 @@ class UsernamePasswordToken extends Token
/**
* Constructor.
*/
- public function __construct($user, $credentials, $userProviderName = null, array $roles = array())
+ public function __construct($user, $credentials, array $roles = array())
{
parent::__construct($roles);
$this->setUser($user);
$this->credentials = $credentials;
- $this->userProviderName = $userProviderName;
parent::setAuthenticated((Boolean) count($roles));
}
@@ -0,0 +1,13 @@
+<?php
+
+namespace Symfony\Component\Security\Exception;
+
+/**
+ * This exception is thrown when an account is reloaded from a provider which
+ * doesn't support the passed implementation of AccountInterface.
+ *
+ * @author Johannes M. Schmitt <schmittjoh@gmail.com>
+ */
+class UnsupportedAccountException extends AuthenticationServiceException
+{
+}
@@ -55,6 +55,8 @@ function getUsername();
/**
* Removes sensitive data from the user.
+ *
+ * @return void
*/
function eraseCredentials();