[Security] Lazy load user providers

Core/Tests/User/ChainUserProviderTest.php

@@ -172,6 +172,26 @@ public function testSupportsClassWhenNotSupported()
         $this->assertFalse($provider->supportsClass('foo'));
     }
 
+    public function testAcceptsTraversable()
+    {
+        $provider1 = $this->getProvider();
+        $provider1
+            ->expects($this->once())
+            ->method('refreshUser')
+            ->will($this->throwException(new UnsupportedUserException('unsupported')))
+        ;
+
+        $provider2 = $this->getProvider();
+        $provider2
+            ->expects($this->once())
+            ->method('refreshUser')
+            ->will($this->returnValue($account = $this->getAccount()))
+        ;
+
+        $provider = new ChainUserProvider(new \ArrayObject(array($provider1, $provider2)));
+        $this->assertSame($account, $provider->refreshUser($this->getAccount()));
+    }
+
     protected function getAccount()
     {
         return $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();

Core/User/ChainUserProvider.php

@@ -26,7 +26,10 @@ class ChainUserProvider implements UserProviderInterface
 {
     private $providers;
 
-    public function __construct(array $providers)
+    /**
+     * @param iterable|UserProviderInterface[] $providers
+     */
+    public function __construct($providers)
     {
         $this->providers = $providers;
     }
@@ -36,6 +39,10 @@ public function __construct(array $providers)
      */
     public function getProviders()
     {
+        if ($this->providers instanceof \Traversable) {
+            return iterator_to_array($this->providers);
+        }
+
         return $this->providers;
     }
 

Http/Firewall/ContextListener.php

@@ -44,18 +44,20 @@ class ContextListener implements ListenerInterface
     private $registered;
     private $trustResolver;
 
-    public function __construct(TokenStorageInterface $tokenStorage, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
+    /**
+     * @param TokenStorageInterface                     $tokenStorage
+     * @param iterable|UserProviderInterface[]          $userProviders
+     * @param string                                    $contextKey
+     * @param LoggerInterface|null                      $logger
+     * @param EventDispatcherInterface|null             $dispatcher
+     * @param AuthenticationTrustResolverInterface|null $trustResolver
+     */
+    public function __construct(TokenStorageInterface $tokenStorage, $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, AuthenticationTrustResolverInterface $trustResolver = null)
     {
         if (empty($contextKey)) {
             throw new \InvalidArgumentException('$contextKey must not be empty.');
         }
 
-        foreach ($userProviders as $userProvider) {
-            if (!$userProvider instanceof UserProviderInterface) {
-                throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "Symfony\Component\Security\Core\User\UserProviderInterface".', get_class($userProvider)));
-            }
-        }
-
         $this->tokenStorage = $tokenStorage;
         $this->userProviders = $userProviders;
         $this->contextKey = $contextKey;
@@ -158,6 +160,10 @@ protected function refreshUser(TokenInterface $token)
         $userNotFoundByProvider = false;
 
         foreach ($this->userProviders as $provider) {
+            if (!$provider instanceof UserProviderInterface) {
+                throw new \InvalidArgumentException(sprintf('User provider "%s" must implement "%s".', get_class($provider), UserProviderInterface::class));
+            }
+
             try {
                 $refreshedUser = $provider->refreshUser($user);
                 $token->setUser($refreshedUser);

Http/Tests/Firewall/ContextListenerTest.php

@@ -53,11 +53,7 @@ public function testItRequiresContextKey()
      */
     public function testUserProvidersNeedToImplementAnInterface()
     {
-        new ContextListener(
-            $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock(),
-            array(new \stdClass()),
-            'key123'
-        );
+        $this->handleEventWithPreviousSession(new TokenStorage(), array(new \stdClass()));
     }
 
     public function testOnKernelResponseWillAddSession()
@@ -287,6 +283,15 @@ public function testRuntimeExceptionIsThrownIfNoSupportingUserProviderWasRegiste
         $this->handleEventWithPreviousSession(new TokenStorage(), array(new NotSupportingUserProvider(), new NotSupportingUserProvider()));
     }
 
+    public function testAcceptsProvidersAsTraversable()
+    {
+        $tokenStorage = new TokenStorage();
+        $refreshedUser = new User('foobar', 'baz');
+        $this->handleEventWithPreviousSession($tokenStorage, new \ArrayObject(array(new NotSupportingUserProvider(), new SupportingUserProvider($refreshedUser))));
+
+        $this->assertSame($refreshedUser, $tokenStorage->getToken()->getUser());
+    }
+
     protected function runSessionOnKernelResponse($newToken, $original = null)
     {
         $session = new Session(new MockArraySessionStorage());
@@ -315,7 +320,7 @@ protected function runSessionOnKernelResponse($newToken, $original = null)
         return $session;
     }
 
-    private function handleEventWithPreviousSession(TokenStorageInterface $tokenStorage, array $userProviders)
+    private function handleEventWithPreviousSession(TokenStorageInterface $tokenStorage, $userProviders)
     {
         $session = new Session(new MockArraySessionStorage());
         $session->set('_security_context_key', serialize(new UsernamePasswordToken(new User('foo', 'bar'), '', 'context_key')));