Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

[Security] Move default authentication success handling strategy to s…

…eperate class

[Security] Update configuration for changes regarding default success handler
[Security] Fix + add AbstractFactory test
  • Loading branch information...
commit c6aa392df7b1b68d7f5be0b858bd93e97a5a6cdc 1 parent b34bdd4
@asm89 asm89 authored
View
33 src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
@@ -30,12 +30,15 @@
'check_path' => '/login_check',
'login_path' => '/login',
'use_forward' => false,
+ 'failure_path' => null,
+ 'failure_forward' => false,
+ );
+
+ protected $defaultSuccessHandlerOptions = array(
'always_use_default_target_path' => false,
'default_target_path' => '/',
'target_path_parameter' => '_target_path',
'use_referer' => false,
- 'failure_path' => null,
- 'failure_forward' => false,
);
public function create(ContainerBuilder $container, $id, $config, $userProviderId, $defaultEntryPointId)
@@ -71,7 +74,7 @@ public function addConfiguration(NodeDefinition $node)
->scalarNode('failure_handler')->end()
;
- foreach ($this->options as $name => $default) {
+ foreach (array_merge($this->options, $this->defaultSuccessHandlerOptions) as $name => $default) {
if (is_bool($default)) {
$builder->booleanNode($name)->defaultValue($default);
} else {
@@ -149,12 +152,8 @@ protected function createListener($container, $id, $config, $userProvider)
$listenerId = $this->getListenerId();
$listener = new DefinitionDecorator($listenerId);
$listener->replaceArgument(4, $id);
- $listener->replaceArgument(5, array_intersect_key($config, $this->options));
-
- // success handler
- if (isset($config['success_handler'])) {
- $listener->replaceArgument(6, new Reference($config['success_handler']));
- }
+ $listener->replaceArgument(5, new Reference($this->createAuthenticationSuccessHandler($container, $id, $config)));
+ $listener->replaceArgument(6, array_intersect_key($config, $this->options));
// failure handler
if (isset($config['failure_handler'])) {
@@ -166,4 +165,20 @@ protected function createListener($container, $id, $config, $userProvider)
return $listenerId;
}
+
+ protected function createAuthenticationSuccessHandler($container, $id, $config)
+ {
+ // success handler
+ if (isset($config['success_handler'])) {
+
+ return $config['success_handler'];
+ }
+
+ $id = 'security.authentication.success_handler.'.$id;
+
+ $successHandler = $container->setDefinition($id, new DefinitionDecorator('security.authentication.success_handler'));
+ $successHandler->replaceArgument(1, array_intersect_key($config, $this->defaultSuccessHandlerOptions));
+
+ return $id;
+ }
}
View
9 src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml
@@ -37,6 +37,8 @@
<parameter key="security.authentication.provider.pre_authenticated.class">Symfony\Component\Security\Core\Authentication\Provider\PreAuthenticatedAuthenticationProvider</parameter>
<parameter key="security.authentication.provider.anonymous.class">Symfony\Component\Security\Core\Authentication\Provider\AnonymousAuthenticationProvider</parameter>
+
+ <parameter key="security.authentication.success_handler.class">Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler</parameter>
</parameters>
<services>
@@ -98,13 +100,18 @@
<argument type="service" id="security.authentication.session_strategy" />
<argument type="service" id="security.http_utils" />
<argument />
+ <argument type="service" id="security.authentication.success_handler" />
<argument type="collection"></argument>
- <argument type="service" id="security.authentication.success_handler" on-invalid="null" />
<argument type="service" id="security.authentication.failure_handler" on-invalid="null" />
<argument type="service" id="logger" on-invalid="null" />
<argument type="service" id="event_dispatcher" on-invalid="null" />
</service>
+ <service id="security.authentication.success_handler" class="%security.authentication.success_handler.class%" abstract="true" public="false">
+ <argument type="service" id="security.http_utils" />
+ <argument />
+ </service>
+
<service id="security.authentication.listener.form"
class="%security.authentication.listener.form.class%"
parent="security.authentication.listener.abstract"
View
63 .../Bundle/SecurityBundle/Tests/DependencyInjection/Security/Factory/AbstractFactoryTest.php
@@ -18,26 +18,10 @@ class AbstractFactoryTest extends \PHPUnit_Framework_TestCase
{
public function testCreate()
{
- $factory = $this->getFactory();
-
- $factory
- ->expects($this->once())
- ->method('createAuthProvider')
- ->will($this->returnValue('auth_provider'))
- ;
- $factory
- ->expects($this->atLeastOnce())
- ->method('getListenerId')
- ->will($this->returnValue('abstract_listener'))
- ;
-
- $container = new ContainerBuilder();
- $container->register('auth_provider');
-
- list($authProviderId,
+ list($container,
+ $authProviderId,
$listenerId,
- $entryPointId
- ) = $factory->create($container, 'foo', array('use_forward' => true, 'failure_path' => '/foo', 'success_handler' => 'foo', 'remember_me' => true), 'user_provider', 'entry_point');
+ $entryPointId) = $this->callFactory('foo', array('use_forward' => true, 'failure_path' => '/foo', 'success_handler' => 'foo', 'remember_me' => true), 'user_provider', 'entry_point');
// auth provider
$this->assertEquals('auth_provider', $authProviderId);
@@ -48,19 +32,52 @@ public function testCreate()
$definition = $container->getDefinition('abstract_listener.foo');
$this->assertEquals(array(
'index_4' => 'foo',
- 'index_5' => array(
+ 'index_5' => new Reference('foo'),
+ 'index_6' => array(
'use_forward' => true,
'failure_path' => '/foo',
),
- 'index_6' => new Reference('foo'),
), $definition->getArguments());
// entry point
$this->assertEquals('entry_point', $entryPointId, '->create() does not change the default entry point.');
}
- protected function getFactory()
+ public function testDefaultSuccessHandler()
+ {
+ list($container,
+ $authProviderId,
+ $listenerId,
+ $entryPointId) = $this->callFactory('foo', array('remember_me' => true), 'user_provider', 'entry_point');
+
+ $definition = $container->getDefinition('abstract_listener.foo');
+ $arguments = $definition->getArguments();
+ $this->assertEquals(new Reference('security.authentication.success_handler.foo'), $arguments['index_5']);
+ }
+
+ protected function callFactory($id, $config, $userProviderId, $defaultEntryPointId)
{
- return $this->getMockForAbstractClass('Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory', array());
+ $factory = $this->getMockForAbstractClass('Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\AbstractFactory', array());
+
+ $factory
+ ->expects($this->once())
+ ->method('createAuthProvider')
+ ->will($this->returnValue('auth_provider'))
+ ;
+ $factory
+ ->expects($this->atLeastOnce())
+ ->method('getListenerId')
+ ->will($this->returnValue('abstract_listener'))
+ ;
+
+ $container = new ContainerBuilder();
+ $container->register('auth_provider');
+
+ list($authProviderId,
+ $listenerId,
+ $entryPointId
+ ) = $factory->create($container, $id, $config, $userProviderId, $defaultEntryPointId);
+
+ return array($container, $authProviderId, $listenerId, $entryPointId);
}
}
View
2  src/Symfony/Component/Security/Http/Authentication/AuthenticationSuccessHandlerInterface.php
@@ -33,7 +33,7 @@
* @param Request $request
* @param TokenInterface $token
*
- * @return Response|null the response to return
+ * @return Response never null
*/
function onAuthenticationSuccess(Request $request, TokenInterface $token);
}
View
84 src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
@@ -0,0 +1,84 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authentication;
+
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\HttpUtils;
+
+/**
+ * Class with the default authentication success handling logic.
+ *
+ * Can be optionally be extended from by the developer to alter the behaviour
+ * while keeping the default behaviour.
+ *
+ * @author Alexander <iam.asm89@gmail.com>
+ */
+class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandlerInterface
+{
+ /**
+ * Constructor.
+ *
+ * @param HttpUtils $httpUtils HttpUtils
+ * @param array $options Options for processing a successful authentication attempt.
+ */
+ public function __construct(HttpUtils $httpUtils, array $options)
+ {
+ $this->httpUtils = $httpUtils;
+
+ $this->options = array_merge(array(
+ 'always_use_default_target_path' => false,
+ 'default_target_path' => '/',
+ 'target_path_parameter' => '_target_path',
+ 'use_referer' => false,
+ ), $options);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public function onAuthenticationSuccess(Request $request, TokenInterface $token)
+ {
+ return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
+ }
+
+ /**
+ * Builds the target URL according to the defined options.
+ *
+ * @param Request $request
+ *
+ * @return string
+ */
+ protected function determineTargetUrl(Request $request)
+ {
+ if ($this->options['always_use_default_target_path']) {
+ return $this->options['default_target_path'];
+ }
+
+ if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
+ return $targetUrl;
+ }
+
+ $session = $request->getSession();
+ if ($targetUrl = $session->get('_security.target_path')) {
+ $session->remove('_security.target_path');
+
+ return $targetUrl;
+ }
+
+ if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
+ return $targetUrl;
+ }
+
+ return $this->options['default_target_path'];
+ }
+}
View
45 src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@@ -77,7 +77,7 @@
* @param LoggerInterface $logger A LoggerInterface instance
* @param EventDispatcherInterface $dispatcher An EventDispatcherInterface instance
*/
- public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
+ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler, array $options = array(), AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
{
if (empty($providerKey)) {
throw new \InvalidArgumentException('$providerKey must not be empty.');
@@ -92,10 +92,6 @@ public function __construct(SecurityContextInterface $securityContext, Authentic
$this->options = array_merge(array(
'check_path' => '/login_check',
'login_path' => '/login',
- 'always_use_default_target_path' => false,
- 'default_target_path' => '/',
- 'target_path_parameter' => '_target_path',
- 'use_referer' => false,
'failure_path' => null,
'failure_forward' => false,
), $options);
@@ -238,13 +234,7 @@ private function onSuccess(GetResponseEvent $event, Request $request, TokenInter
$this->dispatcher->dispatch(SecurityEvents::INTERACTIVE_LOGIN, $loginEvent);
}
- $response = null;
- if (null !== $this->successHandler) {
- $response = $this->successHandler->onAuthenticationSuccess($request, $token);
- }
- if (null === $response) {
- $response = $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
- }
+ $response = $this->successHandler->onAuthenticationSuccess($request, $token);
if (null !== $this->rememberMeServices) {
$this->rememberMeServices->loginSuccess($request, $response, $token);
@@ -252,35 +242,4 @@ private function onSuccess(GetResponseEvent $event, Request $request, TokenInter
return $response;
}
-
- /**
- * Builds the target URL according to the defined options.
- *
- * @param Request $request
- *
- * @return string
- */
- private function determineTargetUrl(Request $request)
- {
- if ($this->options['always_use_default_target_path']) {
- return $this->options['default_target_path'];
- }
-
- if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
- return $targetUrl;
- }
-
- $session = $request->getSession();
- if ($targetUrl = $session->get('_security.' . $this->providerKey . '.target_path')) {
- $session->remove('_security.' . $this->providerKey . '.target_path');
-
- return $targetUrl;
- }
-
- if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
- return $targetUrl;
- }
-
- return $this->options['default_target_path'];
- }
}
View
6 src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
@@ -37,15 +37,15 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL
/**
* {@inheritdoc}
*/
- public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, array $options = array(), AuthenticationSuccessHandlerInterface $successHandler = null, AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, CsrfProviderInterface $csrfProvider = null)
+ public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, SessionAuthenticationStrategyInterface $sessionStrategy, HttpUtils $httpUtils, $providerKey, AuthenticationSuccessHandlerInterface $successHandler = null, array $options = array(), AuthenticationFailureHandlerInterface $failureHandler = null, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null, CsrfProviderInterface $csrfProvider = null)
{
- parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, array_merge(array(
+ parent::__construct($securityContext, $authenticationManager, $sessionStrategy, $httpUtils, $providerKey, $successHandler, array_merge(array(
'username_parameter' => '_username',
'password_parameter' => '_password',
'csrf_parameter' => '_csrf_token',
'intention' => 'authenticate',
'post_only' => true,
- ), $options), $successHandler, $failureHandler, $logger, $dispatcher);
+ ), $options), $failureHandler, $logger, $dispatcher);
$this->csrfProvider = $csrfProvider;
}
Please sign in to comment.
Something went wrong with that request. Please try again.