feature #37917 [Security] Pass Passport to LoginFailureEvent (ihmels)

This PR was merged into the 5.2-dev branch. Discussion ---------- [Security] Pass Passport to LoginFailureEvent | Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | Fix #37585 | License | MIT | Doc PR | - This changes passes a `Passport` to the `LoginFailureEvent`. Commits ------- d23434b [Security] Pass Passport to LoginFailureEvent
symfony · Aug 23, 2020 · a8abd81 · a8abd81
2 parents 24af7df + d23434b
commit a8abd81
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 5 deletions.
diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md
@@ -7,6 +7,7 @@ CHANGELOG
  * Added attributes on `Passport`
  * Changed `AuthorizationChecker` to call the access decision manager in unauthenticated sessions with a `NullToken`
  * [BC break] Removed `AccessListener::PUBLIC_ACCESS` in favor of `AuthenticatedVoter::PUBLIC_ACCESS`
+ * Added `Passport` to `LoginFailureEvent`.
 
 5.1.0
 -----

diff --git a/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php b/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
@@ -158,6 +158,8 @@ private function executeAuthenticators(array $authenticators, Request $request):
 
     private function executeAuthenticator(AuthenticatorInterface $authenticator, Request $request): ?Response
     {
+        $passport = null;
+
         try {
             // get the passport from the Authenticator
             $passport = $authenticator->authenticate($request);
@@ -198,7 +200,7 @@ private function executeAuthenticator(AuthenticatorInterface $authenticator, Req
             return null;
         } catch (AuthenticationException $e) {
             // oh no! Authentication failed!
-            $response = $this->handleAuthenticationFailure($e, $request, $authenticator);
+            $response = $this->handleAuthenticationFailure($e, $request, $authenticator, $passport);
             if ($response instanceof Response) {
                 return $response;
             }
@@ -229,7 +231,7 @@ private function handleAuthenticationSuccess(TokenInterface $authenticatedToken,
     /**
      * Handles an authentication failure and returns the Response for the authenticator.
      */
-    private function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $authenticator): ?Response
+    private function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $authenticator, ?PassportInterface $passport): ?Response
     {
         if (null !== $this->logger) {
             $this->logger->info('Authenticator failed.', ['exception' => $authenticationException, 'authenticator' => \get_class($authenticator)]);
@@ -240,7 +242,7 @@ private function handleAuthenticationFailure(AuthenticationException $authentica
             $this->logger->debug('The "{authenticator}" authenticator set the failure response.', ['authenticator' => \get_class($authenticator)]);
         }
 
-        $this->eventDispatcher->dispatch($loginFailureEvent = new LoginFailureEvent($authenticationException, $authenticator, $request, $response, $this->firewallName));
+        $this->eventDispatcher->dispatch($loginFailureEvent = new LoginFailureEvent($authenticationException, $authenticator, $request, $response, $this->firewallName, $passport));
 
         // returning null is ok, it means they want the request to continue
         return $loginFailureEvent->getResponse();

diff --git a/src/Symfony/Component/Security/Http/Event/LoginFailureEvent.php b/src/Symfony/Component/Security/Http/Event/LoginFailureEvent.php
@@ -15,6 +15,7 @@
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Contracts\EventDispatcher\Event;
 
 /**
@@ -32,14 +33,16 @@ class LoginFailureEvent extends Event
     private $request;
     private $response;
     private $firewallName;
+    private $passport;
 
-    public function __construct(AuthenticationException $exception, AuthenticatorInterface $authenticator, Request $request, ?Response $response, string $firewallName)
+    public function __construct(AuthenticationException $exception, AuthenticatorInterface $authenticator, Request $request, ?Response $response, string $firewallName, ?PassportInterface $passport = null)
     {
         $this->exception = $exception;
         $this->authenticator = $authenticator;
         $this->request = $request;
         $this->response = $response;
         $this->firewallName = $firewallName;
+        $this->passport = $passport;
     }
 
     public function getException(): AuthenticationException
@@ -71,4 +74,9 @@ public function getResponse(): ?Response
     {
         return $this->response;
     }
+
+    public function getPassport(): ?PassportInterface
+    {
+        return $this->passport;
+    }
 }
diff --git a/src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeListenerTest.php b/src/Symfony/Component/Security/Http/Tests/EventListener/RememberMeListenerTest.php
@@ -86,6 +86,6 @@ private function createLoginSuccessfulEvent($providerKey, $response, PassportInt
 
     private function createLoginFailureEvent($providerKey)
     {
-        return new LoginFailureEvent(new AuthenticationException(), $this->createMock(AuthenticatorInterface::class), $this->request, null, $providerKey);
+        return new LoginFailureEvent(new AuthenticationException(), $this->createMock(AuthenticatorInterface::class), $this->request, null, $providerKey, null);
     }
 }