[Security] Extract default logout success handling logic

symfony · Jul 14, 2012 · b8e3513 · b8e3513
1 parent 46e7e6c
commit b8e3513
Show file tree

Hide file tree

Showing 3 changed files with 59 additions and 16 deletions.
diff --git a/Http/Firewall/LogoutListener.php b/Http/Firewall/LogoutListener.php
@@ -40,19 +40,18 @@ class LogoutListener implements ListenerInterface
      *
      * @param SecurityContextInterface      $securityContext
      * @param HttpUtils                     $httpUtils       An HttpUtilsInterface instance
-     * @param array                         $options         An array of options to process a logout attempt
      * @param LogoutSuccessHandlerInterface $successHandler  A LogoutSuccessHandlerInterface instance
+     * @param array                         $options         An array of options to process a logout attempt
      * @param CsrfProviderInterface         $csrfProvider    A CsrfProviderInterface instance
      */
-    public function __construct(SecurityContextInterface $securityContext, HttpUtils $httpUtils, array $options = array(), LogoutSuccessHandlerInterface $successHandler = null, CsrfProviderInterface $csrfProvider = null)
+    public function __construct(SecurityContextInterface $securityContext, HttpUtils $httpUtils, LogoutSuccessHandlerInterface $successHandler, array $options = array(), CsrfProviderInterface $csrfProvider = null)
     {
         $this->securityContext = $securityContext;
         $this->httpUtils = $httpUtils;
         $this->options = array_merge(array(
             'csrf_parameter' => '_csrf_token',
             'intention'      => 'logout',
             'logout_path'    => '/logout',
-            'target_url'     => '/',
         ), $options);
         $this->successHandler = $successHandler;
         $this->csrfProvider = $csrfProvider;
@@ -95,14 +94,9 @@ public function handle(GetResponseEvent $event)
             }
         }
 
-        if (null !== $this->successHandler) {
+        $response = $this->successHandler->onLogoutSuccess($request);
-            $response = $this->successHandler->onLogoutSuccess($request);
+        if (!$response instanceof Response) {
-
+            throw new \RuntimeException('Logout Success Handler did not return a Response.');
-            if (!$response instanceof Response) {
-                throw new \RuntimeException('Logout Success Handler did not return a Response.');
-            }
-        } else {
-            $response = $this->httpUtils->createRedirectResponse($request, $this->options['target_url']);
         }
 
         // handle multiple logout attempts gracefully

diff --git a/Http/Logout/DefaultLogoutSuccessHandler.php b/Http/Logout/DefaultLogoutSuccessHandler.php
@@ -0,0 +1,47 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Logout;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\HttpUtils;
+use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
+
+/**
+ * Default logout success handler will redirect users to a configured path.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ * @author Alexander <iam.asm89@gmail.com>
+ */
+class DefaultLogoutSuccessHandler implements LogoutSuccessHandlerInterface
+{
+    protected $httpUtils;
+    protected $targetUrl;
+
+    /**
+     * @param HttpUtils $httpUtils
+     * @param string    $targetUrl
+     */
+    public function __construct(HttpUtils $httpUtils, $targetUrl = '/')
+    {
+        $this->httpUtils = $httpUtils;
+
+        $this->targetUrl = $targetUrl;
+    }
+
+    /**
+     * {@inheritDoc}
+     */
+    public function onLogoutSuccess(Request $request)
+    {
+        return $this->httpUtils->createRedirectResponse($request, $this->targetUrl);
+    }
+}
diff --git a/Tests/Http/Firewall/LogoutListenerTest.php b/Tests/Http/Firewall/LogoutListenerTest.php
@@ -103,7 +103,9 @@ public function testHandleMatchedPathWithSuccessHandlerAndCsrfValidation()
 
     public function testHandleMatchedPathWithoutSuccessHandlerAndCsrfValidation()
     {
-        list($listener, $context, $httpUtils, $options) = $this->getListener();
+        $successHandler = $this->getSuccessHandler();
+
+        list($listener, $context, $httpUtils, $options) = $this->getListener($successHandler);
 
         list($event, $request) = $this->getGetResponseEvent();
 
@@ -112,9 +114,9 @@ public function testHandleMatchedPathWithoutSuccessHandlerAndCsrfValidation()
             ->with($request, $options['logout_path'])
             ->will($this->returnValue(true));
 
-        $httpUtils->expects($this->once())
+        $successHandler->expects($this->once())
-            ->method('createRedirectResponse')
+            ->method('onLogoutSuccess')
-            ->with($request, $options['target_url'])
+            ->with($request)
             ->will($this->returnValue($response = new Response()));
 
         $context->expects($this->once())
@@ -231,13 +233,13 @@ private function getListener($successHandler = null, $csrfProvider = null)
         $listener = new LogoutListener(
             $context = $this->getContext(),
             $httpUtils = $this->getHttpUtils(),
+            $successHandler ?: $this->getSuccessHandler(),
             $options = array(
                 'csrf_parameter' => '_csrf_token',
                 'intention'      => 'logout',
                 'logout_path'    => '/logout',
                 'target_url'     => '/',
             ),
-            $successHandler,
             $csrfProvider
         );