
bug #26788 [Security] Load the user before pre/post auth checks when …

…needed (chalasr)

This PR was merged into the 2.8 branch.

Discussion
----------

[Security] Load the user before pre/post auth checks when needed

| Q             | A
| ------------- | ---
| Branch?       | 2.8
| Bug fix?      | yes
| New feature?  | n/a
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #26775
| License       | MIT
| Doc PR        | n/a

Commits
-------

c318306 [Security] Load the user before pre/post auth checks when needed
nicolas-grekas committed Apr 4, 2018
2 parents 3c54c4a + c318306 commit 160568461684d2acebabf21c606a9eac04297676
@@ -11,8 +11,11 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserChecker;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
@@ -45,6 +48,24 @@ public function authenticate(TokenInterface $token)
}
$user = $authToken->getUser();
if (!$user instanceof UserInterface) {
try {
$user = $this->userProvider->loadUserByUsername($user);
if (!$user instanceof UserInterface) {
throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
}
} catch (UsernameNotFoundException $e) {
$e->setUsername($user);
throw $e;
} catch (\Exception $e) {
$e = new AuthenticationServiceException($e->getMessage(), 0, $e);
$e->setToken($token);
throw $e;
}
}
$this->userChecker->checkPreAuth($user);
$this->userChecker->checkPostAuth($user);
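Review bot: The `catch (UsernameNotFoundException $e)` branch rethrows the exception unchanged with the username attached, so whatever handles authentication failures can tell an unknown account apart from other failures; if that distinction reaches the response it becomes an account-enumeration signal. `UserAuthenticationProvider` guards this with its `hideUserNotFoundExceptions` option and nothing equivalent is visible here, so I would at least document it above the rethrow, e.g. `// Propagated as-is: failure handlers must answer with a generic error, not the exception type or username.` The following `catch (\Exception $e)` copies `$e->getMessage()` from any user-provider failure into the new `AuthenticationServiceException`, which is presumably fine for logs but should not be echoed to clients either. `authenticate()` begins and ends outside this hunk, so handling further down may already cover part of this.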
@@ -15,6 +15,7 @@
use Symfony\Component\Security\Core\Exception\DisabledException;
use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
use Symfony\Component\Security\Core\Exception\LockedException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
class SimpleAuthenticationProviderTest extends TestCase
{
@@ -72,6 +73,54 @@ public function testAuthenticateWhenPostChecksFails()
$provider->authenticate($token);
}
public function testAuthenticateFromString()
{
$user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$token->expects($this->any())
->method('getUser')
->will($this->returnValue('foo'));
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
$authenticator->expects($this->once())
->method('authenticateToken')
->will($this->returnValue($token));
$userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
$userProvider->expects($this->once())
->method('loadUserByUsername')
->willReturn($this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock());
$provider = $this->getProvider($authenticator, $userProvider);
$this->assertSame($token, $provider->authenticate($token));
}
/**
* @expectedException \Symfony\Component\Security\Core\Exception\UsernameNotFoundException
*/
public function testUsernameNotFound()
{
$user = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserInterface')->getMock();
$token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
$token->expects($this->any())
->method('getUser')
->will($this->returnValue('foo'));
$authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
$authenticator->expects($this->once())
->method('authenticateToken')
->will($this->returnValue($token));
$userProvider = $this->getMockBuilder('Symfony\Component\Security\Core\User\UserProviderInterface')->getMock();
$userProvider->expects($this->once())
->method('loadUserByUsername')
->willThrowException(new UsernameNotFoundException());
$this->getProvider($authenticator, $userProvider)->authenticate($token);
}
protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
{
if (null === $userChecker) {
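Review bot: `testAuthenticateFromString` never checks that the string returned by the token is the one that gets looked up, so as far as the hunk shows it would still pass if the provider loaded a different user before running the pre/post auth checks; adding `->with('foo')` after `->method('loadUserByUsername')` pins the lookup. The `$user` mock created on the first line of both new tests is never used and can be dropped. Neither `AuthenticationServiceException` path of the provider change (the user provider returning a non-`UserInterface`, or throwing a generic exception) has a test here. `getProvider()` continues past the end of this hunk.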
