Skip to content
Permalink
Browse files

minor #32351 [Security] Added type-hints to auth providers, tokens an…

…d voters (derrabus)

This PR was merged into the 5.0-dev branch.

Discussion
----------

[Security] Added type-hints to auth providers, tokens and voters

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #32179
| License       | MIT
| Doc PR        | N/A

This PR adds type declarations to authentication providers, tokens and voters.

Commits
-------

8c46b95 [Security] Added type-hints to auth providers, tokens and voters.
  • Loading branch information...
fabpot committed Jul 4, 2019
2 parents 7af0c73 + 8c46b95 commit 61282767606ab62e1f4690406f20807bfd568721
Showing with 37 additions and 62 deletions.
  1. +3 −3 src/Symfony/Bridge/Doctrine/Security/RememberMe/DoctrineTokenProvider.php
  2. +1 −1 src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php
  3. +2 −4 src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
  4. +1 −4 src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
  5. +3 −3 src/Symfony/Component/Security/Core/Authentication/RememberMe/InMemoryTokenProvider.php
  6. +3 −11 src/Symfony/Component/Security/Core/Authentication/RememberMe/TokenProviderInterface.php
  7. +6 −11 src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php
  8. +1 −1 src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php
  9. +5 −12 src/Symfony/Component/Security/Core/Authentication/Token/TokenInterface.php
  10. +1 −1 src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php
  11. +2 −2 src/Symfony/Component/Security/Core/Authorization/Voter/Voter.php
  12. +4 −4 src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationTrustResolverTest.php
  13. +1 −1 src/Symfony/Component/Security/Core/Tests/Authentication/Provider/DaoAuthenticationProviderTest.php
  14. +2 −2 src/Symfony/Component/Security/Core/Tests/Authorization/Voter/VoterTest.php
  15. +1 −1 src/Symfony/Component/Security/Guard/Token/PreAuthenticationGuardToken.php
  16. +1 −1 src/Symfony/Component/Security/Guard/composer.json
@@ -48,7 +48,7 @@ public function __construct(Connection $conn)
/**
* {@inheritdoc}
*/
public function loadTokenBySeries($series)
public function loadTokenBySeries(string $series)
{
// the alias for lastUsed works around case insensitivity in PostgreSQL
$sql = 'SELECT class, username, value, lastUsed AS last_used'
@@ -68,7 +68,7 @@ public function loadTokenBySeries($series)
/**
* {@inheritdoc}
*/
public function deleteTokenBySeries($series)
public function deleteTokenBySeries(string $series)
{
$sql = 'DELETE FROM rememberme_token WHERE series=:series';
$paramValues = ['series' => $series];
@@ -79,7 +79,7 @@ public function deleteTokenBySeries($series)
/**
* {@inheritdoc}
*/
public function updateToken($series, $tokenValue, \DateTime $lastUsed)
public function updateToken(string $series, string $tokenValue, \DateTime $lastUsed)
{
$sql = 'UPDATE rememberme_token SET value=:value, lastUsed=:lastUsed'
.' WHERE series=:series';
@@ -63,7 +63,7 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
/**
* {@inheritdoc}
*/
protected function retrieveUser($username, UsernamePasswordToken $token)
protected function retrieveUser(string $username, UsernamePasswordToken $token)
{
$user = $token->getUser();
if ($user instanceof UserInterface) {
@@ -46,18 +46,16 @@ public function __construct(UserProviderInterface $userProvider, UserCheckerInte
/**
* Set a query string to use in order to find a DN for the username.
*
* @param string $queryString
*/
public function setQueryString($queryString)
public function setQueryString(string $queryString)
{
$this->queryString = $queryString;
}
/**
* {@inheritdoc}
*/
protected function retrieveUser($username, UsernamePasswordToken $token)
protected function retrieveUser(string $username, UsernamePasswordToken $token)
{
if (AuthenticationProviderInterface::USERNAME_NONE_PROVIDED === $username) {
throw new UsernameNotFoundException('Username can not be null');
@@ -109,14 +109,11 @@ public function supports(TokenInterface $token)
/**
* Retrieves the user from an implementation-specific location.
*
* @param string $username The username to retrieve
* @param UsernamePasswordToken $token The Token
*
* @return UserInterface The user
*
* @throws AuthenticationException if the credentials could not be validated
*/
abstract protected function retrieveUser($username, UsernamePasswordToken $token);
abstract protected function retrieveUser(string $username, UsernamePasswordToken $token);
/**
* Does additional checks on the user and token (like validating the
@@ -25,7 +25,7 @@ class InMemoryTokenProvider implements TokenProviderInterface
/**
* {@inheritdoc}
*/
public function loadTokenBySeries($series)
public function loadTokenBySeries(string $series)
{
if (!isset($this->tokens[$series])) {
throw new TokenNotFoundException('No token found.');
@@ -37,7 +37,7 @@ public function loadTokenBySeries($series)
/**
* {@inheritdoc}
*/
public function updateToken($series, $tokenValue, \DateTime $lastUsed)
public function updateToken(string $series, string $tokenValue, \DateTime $lastUsed)
{
if (!isset($this->tokens[$series])) {
throw new TokenNotFoundException('No token found.');
@@ -56,7 +56,7 @@ public function updateToken($series, $tokenValue, \DateTime $lastUsed)
/**
* {@inheritdoc}
*/
public function deleteTokenBySeries($series)
public function deleteTokenBySeries(string $series)
{
unset($this->tokens[$series]);
}
@@ -23,31 +23,23 @@ interface TokenProviderInterface
/**
* Loads the active token for the given series.
*
* @param string $series
*
* @return PersistentTokenInterface
*
* @throws TokenNotFoundException if the token is not found
*/
public function loadTokenBySeries($series);
public function loadTokenBySeries(string $series);
/**
* Deletes all tokens belonging to series.
*
* @param string $series
*/
public function deleteTokenBySeries($series);
public function deleteTokenBySeries(string $series);
/**
* Updates the token according to this data.
*
* @param string $series
* @param string $tokenValue
* @param \DateTime $lastUsed
*
* @throws TokenNotFoundException if the token is not found
*/
public function updateToken($series, $tokenValue, \DateTime $lastUsed);
public function updateToken(string $series, string $tokenValue, \DateTime $lastUsed);
/**
* Creates a new token.
@@ -108,9 +108,9 @@ public function isAuthenticated()
/**
* {@inheritdoc}
*/
public function setAuthenticated($authenticated)
public function setAuthenticated(bool $authenticated)
{
$this->authenticated = (bool) $authenticated;
$this->authenticated = $authenticated;
}
/**
@@ -187,25 +187,21 @@ public function setAttributes(array $attributes)
/**
* Returns true if the attribute exists.
*
* @param string $name The attribute name
*
* @return bool true if the attribute exists, false otherwise
*/
public function hasAttribute($name)
public function hasAttribute(string $name)
{
return \array_key_exists($name, $this->attributes);
}
/**
* Returns an attribute value.
*
* @param string $name The attribute name
*
* @return mixed The attribute value
*
* @throws \InvalidArgumentException When attribute doesn't exist for this token
*/
public function getAttribute($name)
public function getAttribute(string $name)
{
if (!\array_key_exists($name, $this->attributes)) {
throw new \InvalidArgumentException(sprintf('This token has no "%s" attribute.', $name));
@@ -217,10 +213,9 @@ public function getAttribute($name)
/**
* Sets an attribute.
*
* @param string $name The attribute name
* @param mixed $value The attribute value
* @param mixed $value The attribute value
*/
public function setAttribute($name, $value)
public function setAttribute(string $name, $value)
{
$this->attributes[$name] = $value;
}
@@ -52,7 +52,7 @@ public function __construct(UserInterface $user, string $providerKey, string $se
/**
* {@inheritdoc}
*/
public function setAuthenticated($authenticated)
public function setAuthenticated(bool $authenticated)
{
if ($authenticated) {
throw new \LogicException('You cannot set this token to authenticated after creation.');
@@ -80,10 +80,8 @@ public function isAuthenticated();
/**
* Sets the authenticated flag.
*
* @param bool $isAuthenticated The authenticated flag
*/
public function setAuthenticated($isAuthenticated);
public function setAuthenticated(bool $isAuthenticated);
/**
* Removes sensitive information from the token.
@@ -107,30 +105,25 @@ public function setAttributes(array $attributes);
/**
* Returns true if the attribute exists.
*
* @param string $name The attribute name
*
* @return bool true if the attribute exists, false otherwise
*/
public function hasAttribute($name);
public function hasAttribute(string $name);
/**
* Returns an attribute value.
*
* @param string $name The attribute name
*
* @return mixed The attribute value
*
* @throws \InvalidArgumentException When attribute doesn't exist for this token
*/
public function getAttribute($name);
public function getAttribute(string $name);
/**
* Sets an attribute.
*
* @param string $name The attribute name
* @param mixed $value The attribute value
* @param mixed $value The attribute value
*/
public function setAttribute($name, $value);
public function setAttribute(string $name, $value);
/**
* Returns all the necessary state of the object for serialization purposes.
@@ -47,7 +47,7 @@ public function __construct($user, $credentials, string $providerKey, array $rol
/**
* {@inheritdoc}
*/
public function setAuthenticated($isAuthenticated)
public function setAuthenticated(bool $isAuthenticated)
{
if ($isAuthenticated) {
throw new \LogicException('Cannot set this token to trusted after instantiation.');
@@ -54,7 +54,7 @@ public function vote(TokenInterface $token, $subject, array $attributes)
*
* @return bool True if the attribute and subject are supported, false otherwise
*/
abstract protected function supports($attribute, $subject);
abstract protected function supports(string $attribute, $subject);
/**
* Perform a single access check operation on a given attribute, subject and token.
@@ -66,5 +66,5 @@ public function vote(TokenInterface $token, $subject, array $attributes)
*
* @return bool
*/
abstract protected function voteOnAttribute($attribute, $subject, TokenInterface $token);
abstract protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token);
}
@@ -159,7 +159,7 @@ public function isAuthenticated()
{
}
public function setAuthenticated($isAuthenticated)
public function setAuthenticated(bool $isAuthenticated)
{
}
@@ -175,15 +175,15 @@ public function setAttributes(array $attributes)
{
}
public function hasAttribute($name)
public function hasAttribute(string $name)
{
}
public function getAttribute($name)
public function getAttribute(string $name)
{
}
public function setAttribute($name, $value)
public function setAttribute(string $name, $value)
{
}
}
@@ -84,7 +84,7 @@ public function testRetrieveUserReturnsUserFromTokenOnReauthentication()
$provider = new DaoAuthenticationProvider($userProvider, $this->getMockBuilder('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface')->getMock(), 'key', $this->getMockBuilder('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface')->getMock());
$reflection = new \ReflectionMethod($provider, 'retrieveUser');
$reflection->setAccessible(true);
$result = $reflection->invoke($provider, null, $token);
$result = $reflection->invoke($provider, 'someUser', $token);
$this->assertSame($user, $result);
}
@@ -59,12 +59,12 @@ public function testVote(array $attributes, $expectedVote, $object, $message)
class VoterTest_Voter extends Voter
{
protected function voteOnAttribute($attribute, $object, TokenInterface $token)
protected function voteOnAttribute(string $attribute, $object, TokenInterface $token)
{
return 'EDIT' === $attribute;
}
protected function supports($attribute, $object)
protected function supports(string $attribute, $object)
{
return $object instanceof \stdClass && \in_array($attribute, ['EDIT', 'CREATE']);
}
@@ -58,7 +58,7 @@ public function getCredentials()
return $this->credentials;
}
public function setAuthenticated($authenticated)
public function setAuthenticated(bool $authenticated)
{
throw new \LogicException('The PreAuthenticationGuardToken is *never* authenticated.');
}
@@ -17,7 +17,7 @@
],
"require": {
"php": "^7.2.9",
"symfony/security-core": "^4.4|^5.0",
"symfony/security-core": "^5.0",
"symfony/security-http": "^4.4|^5.0"
},
"require-dev": {

0 comments on commit 6128276

Please sign in to comment.
You can’t perform that action at this time.