makes serialize methods final
renanbr committed Feb 1, 2019
1 parent 23fe9c8 commit e7e9a04
Showing 13 changed files with 222 additions and 84 deletions.
35 changes: 35 additions & 0 deletions UPGRADE-4.3.md
Expand Up @@ -44,3 +44,38 @@ HttpFoundation
use `Symfony\Component\Mime\FileBinaryMimeTypeGuesser` instead.
* The `FileinfoMimeTypeGuesser` class has been deprecated,
use `Symfony\Component\Mime\FileinfoMimeTypeGuesser` instead.

Security
--------

* The `AbstractToken::serialize()`, `AbstractToken::unserialize()`,
`AuthenticationException::serialize()` and `AuthenticationException::unserialize()`
methods are now final, use `getState()` and `setState()` instead.

Before:
```php
public function serialize()
{
return [$this->myLocalVar, parent::serialize()];
}

public function unserialize($serialized)
{
[$this->myLocalVar, $parentSerialized] = unserialize($serialized);
parent::setState($parentSerialized);
}
```

After:
```php
public function getState(): array
{
return [$this->myLocalVar, parent::getState()];
}

public function setState(array $data)
{
[$this->myLocalVar, $parentData] = $data;
parent::setState($parentData);
}
```
31 changes: 31 additions & 0 deletions UPGRADE-5.0.md
Expand Up @@ -232,6 +232,37 @@ Security
* `SimpleAuthenticatorInterface`, `SimpleFormAuthenticatorInterface`, `SimplePreAuthenticatorInterface`,
`SimpleAuthenticationProvider`, `SimpleAuthenticationHandler`, `SimpleFormAuthenticationListener` and
`SimplePreAuthenticationListener` have been removed. Use Guard instead.
* `\Serializable` interface has been removed from `AbstractToken` and `AuthenticationException`,
thus `serialize()` and `unserialize()` aren't available.
Use `getState()` and `setState()` instead.

Before:
```php
public function serialize()
{
return [$this->myLocalVar, parent::serialize()];
}

public function unserialize($serialized)
{
[$this->myLocalVar, $parentSerialized] = unserialize($serialized);
parent::setState($parentSerialized);
}
```

After:
```php
public function getState(): array
{
return [$this->myLocalVar, parent::getState()];
}

public function setState(array $data)
{
[$this->myLocalVar, $parentData] = $data;
parent::setState($parentData);
}
```

SecurityBundle
--------------
6 changes: 6 additions & 0 deletions src/Symfony/Component/Security/CHANGELOG.md
@@ -1,6 +1,12 @@
CHANGELOG
=========

4.3.0
-----

* [BC BREAK] Made the `serialize()` and `unserialize()` methods of `AbstractToken`
and `AuthenticationException` final, use `getState()`/`setState()` instead

4.2.0
-----

Expand Up @@ -133,20 +133,67 @@ public function eraseCredentials()

/**
* {@inheritdoc}
*
* @final since Symfony 4.3, use getState() instead
*
* @internal since Symfony 4.3, use getState() instead
*/
public function serialize()
{
$serialized = [$this->user, $this->authenticated, $this->roles, $this->attributes];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return $this->doSerialize($this->getState(), \func_num_args() ? \func_get_arg(0) : null);
}

/**
* {@inheritdoc}
*
* @final since Symfony 4.3, use setState() instead
*
* @internal since Symfony 4.3, use setState() instead
*/
public function unserialize($serialized)
{
list($this->user, $this->authenticated, $this->roles, $this->attributes) = \is_array($serialized) ? $serialized : unserialize($serialized);
$this->setState(\is_array($serialized) ? $serialized : unserialize($serialized));
}

/**
* Returns all the necessary state of the object for serialization purposes.
*
* There is no need to serialize any entry, they should be returned as-is.
* If you extend this method, keep in mind you MUST guarantee parent data is present in the state.
* Here is an example of how to extend this method:
* <code>
* protected function getState(): array
* {
* return [$this->childAttribute, parent::getState()];
* }
* </code>
*
* @see setState()
*/
protected function getState(): array
{
return [$this->user, $this->authenticated, $this->roles, $this->attributes];
}

/**
* Restores the object state from an array given by getState().
*
* There is no need to unserialize any entry in $data, they are already ready-to-use.
* If you extend this method, keep in mind you MUST pass the parent data to its respective class.
* Here is an example of how to extend this method:
* <code>
* protected function setState(array $data)
* {
* [$this->childAttribute, $parentData] = $data;
* parent::setState($parentData);
* }
* </code>
*
* @see getState()
*/
protected function setState(array $data)
{
[$this->user, $this->authenticated, $this->roles, $this->attributes] = $data;
}

/**
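Review bot: In `unserialize()`, the result of `unserialize($serialized)` is passed straight into `setState(array $data)`, so a corrupt payload (where `unserialize()` returns `false`) now raises a `TypeError`, whereas the removed `list()` assignment silently left the properties null. I would assign the value to `$data` first and reject a non-array explicitly, e.g. `if (!\is_array($data)) { throw new \UnexpectedValueException('Invalid serialized token.'); }`, assuming an exception is the failure mode the caller (presumably the session layer) should see. `setState()` itself destructures `$data` without checking its length, so a short array still leaves properties null; a count check in each `setState()` would close that. The same pattern appears in every subclass `setState()` in the hunks below, where `parent::setState($parentData)` receives `null` if the nested entry is missing, and in the exception class's `unserialize()`/`setState()` at the end of the page. Both methods are fully visible in this hunk.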
Expand Up @@ -57,19 +57,17 @@ public function getSecret()
/**
* {@inheritdoc}
*/
public function serialize()
protected function getState(): array
{
$serialized = [$this->secret, parent::serialize(true)];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return [$this->secret, parent::getState()];
}

/**
* {@inheritdoc}
*/
public function unserialize($serialized)
protected function setState(array $data)
{
list($this->secret, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
[$this->secret, $parentData] = $data;
parent::setState($parentData);
}
}
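Review bot: `getState()` and `setState()` are declared `protected` in this hunk, but the "After" examples in UPGRADE-4.3.md and UPGRADE-5.0.md declare them `public`, and PHP lets a subclass widen visibility. A token class copied from the guide would expose its state array to any caller, which for this class includes `$this->secret`, and would let any caller overwrite that state through `setState()`. I would change the guide's examples to `protected function getState(): array` and `protected function setState(array $data)`, matching the docblock examples added in the base-class hunk above. The same applies to the other token subclasses changed in the hunks below, whose state carries `$this->credentials` or `$this->secret`.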
Expand Up @@ -77,19 +77,17 @@ public function eraseCredentials()
/**
* {@inheritdoc}
*/
public function serialize()
protected function getState(): array
{
$serialized = [$this->credentials, $this->providerKey, parent::serialize(true)];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return [$this->credentials, $this->providerKey, parent::getState()];
}

/**
* {@inheritdoc}
*/
public function unserialize($str)
protected function setState(array $data)
{
list($this->credentials, $this->providerKey, $parentStr) = \is_array($str) ? $str : unserialize($str);
parent::unserialize($parentStr);
[$this->credentials, $this->providerKey, $parentData] = $data;
parent::setState($parentData);
}
}
Expand Up @@ -92,19 +92,17 @@ public function getCredentials()
/**
* {@inheritdoc}
*/
public function serialize()
protected function getState(): array
{
$serialized = [$this->secret, $this->providerKey, parent::serialize(true)];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return [$this->secret, $this->providerKey, parent::getState()];
}

/**
* {@inheritdoc}
*/
public function unserialize($serialized)
protected function setState(array $data)
{
list($this->secret, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
[$this->secret, $this->providerKey, $parentData] = $data;
parent::setState($parentData);
}
}
Expand Up @@ -89,19 +89,17 @@ public function eraseCredentials()
/**
* {@inheritdoc}
*/
public function serialize()
protected function getState(): array
{
$serialized = [$this->credentials, $this->providerKey, parent::serialize(true)];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return [$this->credentials, $this->providerKey, parent::getState()];
}

/**
* {@inheritdoc}
*/
public function unserialize($serialized)
protected function setState(array $data)
{
list($this->credentials, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
[$this->credentials, $this->providerKey, $parentData] = $data;
parent::setState($parentData);
}
}
Expand Up @@ -42,20 +42,17 @@ public function setUser(UserInterface $user)
/**
* {@inheritdoc}
*/
public function serialize()
protected function getState(): array
{
$serialized = [$this->user, parent::serialize(true)];

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
return [$this->user, parent::getState()];
}

/**
* {@inheritdoc}
*/
public function unserialize($str)
protected function setState(array $data)
{
list($this->user, $parentData) = \is_array($str) ? $str : unserialize($str);

parent::unserialize($parentData);
[$this->user, $parentData] = $data;
parent::setState($parentData);
}
}
Expand Up @@ -40,18 +40,67 @@ public function setToken(TokenInterface $token)

/**
* {@inheritdoc}
*
* @final since Symfony 4.3, use getState() instead
*
* @internal since Symfony 4.3, use getState() instead
*/
public function serialize()
{
$serialized = [
$this->token,
$this->code,
$this->message,
$this->file,
$this->line,
];
return $this->doSerialize($this->getState(), \func_num_args() ? \func_get_arg(0) : null);
}

/**
* {@inheritdoc}
*
* @final since Symfony 4.3, use setState() instead
*
* @internal since Symfony 4.3, use setState() instead
*/
public function unserialize($serialized)
{
$this->setState(\is_array($serialized) ? $serialized : unserialize($serialized));
}

/**
* Returns all the necessary state of the object for serialization purposes.
*
* There is no need to serialize any entry, they should be returned as-is.
* If you extend this method, keep in mind you MUST guarantee parent data is present in the state.
* Here is an example of how to extend this method:
* <code>
* protected function getState(): array
* {
* return [$this->childAttribute, parent::getState()];
* }
* </code>
*
* @see setState()
*/
protected function getState(): array
{
return [$this->token, $this->code, $this->message, $this->file, $this->line];
}

return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null);
/**
* Restores the object state from an array given by getState().
*
* There is no need to unserialize any entry in $data, they are already ready-to-use.
* If you extend this method, keep in mind you MUST pass the parent data to its respective class.
* Here is an example of how to extend this method:
* <code>
* protected function setState(array $data)
* {
* [$this->childAttribute, $parentData] = $data;
* parent::setState($parentData);
* }
* </code>
*
* @see getState()
*/
protected function setState(array $data)
{
[$this->token, $this->code, $this->message, $this->file, $this->line] = $data;
}

/**
Expand All @@ -67,17 +116,6 @@ protected function doSerialize($serialized, $isCalledFromOverridingMethod)
return $isCalledFromOverridingMethod ? $serialized : serialize($serialized);
}

public function unserialize($str)
{
list(
$this->token,
$this->code,
$this->message,
$this->file,
$this->line
) = \is_array($str) ? $str : unserialize($str);
}

/**
* Message key to be used by the translation component.
*
