From e3703e9f0b0a29a95ce1dd96d47581722bd9b115 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 5 May 2013 18:52:41 +0200 Subject: [PATCH 1/3] fixed wrong Logger interface --- .../Security/Http/Firewall/SimpleFormAuthenticationListener.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php index f096c2f2c3296..7c4b9716ad5c1 100644 --- a/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/SimpleFormAuthenticationListener.php @@ -13,7 +13,6 @@ use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; -use Symfony\Component\HttpKernel\Log\LoggerInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; @@ -29,6 +28,7 @@ use Symfony\Component\Security\Http\RememberMe\RememberMeServicesInterface; use Symfony\Component\Security\Http\SecurityEvents; use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface; +use Psr\Log\LoggerInterface; /** * @author Jordi Boggiano From 217cb4c4cefbe1768eea9d6e9d254bb2ac3e6023 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 5 May 2013 18:58:35 +0200 Subject: [PATCH 2/3] moved the simple HTTP authenticator to a pre-auth one --- ...actory.php => SimplePreAuthenticationFactory.php} | 12 ++++++------ .../Resources/config/security_listeners.xml | 4 ++-- src/Symfony/Bundle/SecurityBundle/SecurityBundle.php | 4 ++-- ...rface.php => SimplePreAuthenticatorInterface.php} | 2 +- ...tener.php => SimplePreAuthenticationListener.php} | 12 ++++++------ 5 files changed, 17 insertions(+), 17 deletions(-) rename src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/{SimpleHttpFactory.php => SimplePreAuthenticationFactory.php} (82%) rename src/Symfony/Component/Security/Core/Authentication/{SimpleHttpAuthenticatorInterface.php => SimplePreAuthenticatorInterface.php} (85%) rename src/Symfony/Component/Security/Http/Firewall/{SimpleHttpAuthenticationListener.php => SimplePreAuthenticationListener.php} (87%) diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimpleHttpFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimplePreAuthenticationFactory.php similarity index 82% rename from src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimpleHttpFactory.php rename to src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimplePreAuthenticationFactory.php index d9613c1ccd3e3..27d8c5f050ec5 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimpleHttpFactory.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/SimplePreAuthenticationFactory.php @@ -19,16 +19,16 @@ /** * @author Jordi Boggiano */ -class SimpleHttpFactory implements SecurityFactoryInterface +class SimplePreAuthenticationFactory implements SecurityFactoryInterface { public function getPosition() { - return 'http'; + return 'pre_auth'; } public function getKey() { - return 'simple-http'; + return 'simple-preauth'; } public function addConfiguration(NodeDefinition $node) @@ -43,7 +43,7 @@ public function addConfiguration(NodeDefinition $node) public function create(ContainerBuilder $container, $id, $config, $userProvider, $defaultEntryPoint) { - $provider = 'security.authentication.provider.simple_http.'.$id; + $provider = 'security.authentication.provider.simple_preauth.'.$id; $container ->setDefinition($provider, new DefinitionDecorator('security.authentication.provider.simple')) ->replaceArgument(0, new Reference($config['authenticator'])) @@ -52,8 +52,8 @@ public function create(ContainerBuilder $container, $id, $config, $userProvider, ; // listener - $listenerId = 'security.authentication.listener.simple_http.'.$id; - $listener = $container->setDefinition($listenerId, new DefinitionDecorator('security.authentication.listener.simple_http')); + $listenerId = 'security.authentication.listener.simple_preauth.'.$id; + $listener = $container->setDefinition($listenerId, new DefinitionDecorator('security.authentication.listener.simple_preauth')); $listener->replaceArgument(2, $id); $listener->replaceArgument(3, new Reference($config['authenticator'])); diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml index 8281fc657da22..2bd379931a90b 100644 --- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml +++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml @@ -14,7 +14,7 @@ Symfony\Component\Security\Http\Firewall\SimpleFormAuthenticationListener - Symfony\Component\Security\Http\Firewall\SimpleHttpAuthenticationListener + Symfony\Component\Security\Http\Firewall\SimplePreAuthenticationListener Symfony\Component\Security\Http\Firewall\BasicAuthenticationListener Symfony\Component\Security\Http\EntryPoint\BasicAuthenticationEntryPoint @@ -153,7 +153,7 @@ - + diff --git a/src/Symfony/Bundle/SecurityBundle/SecurityBundle.php b/src/Symfony/Bundle/SecurityBundle/SecurityBundle.php index 85c4a22b2e872..5de413658632e 100644 --- a/src/Symfony/Bundle/SecurityBundle/SecurityBundle.php +++ b/src/Symfony/Bundle/SecurityBundle/SecurityBundle.php @@ -19,7 +19,7 @@ use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\HttpDigestFactory; use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\RememberMeFactory; use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\X509Factory; -use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SimpleHttpFactory; +use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SimplePreAuthenticationFactory; use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\Factory\SimpleFormFactory; use Symfony\Bundle\SecurityBundle\DependencyInjection\Security\UserProvider\InMemoryFactory; @@ -40,7 +40,7 @@ public function build(ContainerBuilder $container) $extension->addSecurityListenerFactory(new HttpDigestFactory()); $extension->addSecurityListenerFactory(new RememberMeFactory()); $extension->addSecurityListenerFactory(new X509Factory()); - $extension->addSecurityListenerFactory(new SimpleHttpFactory()); + $extension->addSecurityListenerFactory(new SimplePreAuthenticationFactory()); $extension->addSecurityListenerFactory(new SimpleFormFactory()); $extension->addUserProviderFactory(new InMemoryFactory()); diff --git a/src/Symfony/Component/Security/Core/Authentication/SimpleHttpAuthenticatorInterface.php b/src/Symfony/Component/Security/Core/Authentication/SimplePreAuthenticatorInterface.php similarity index 85% rename from src/Symfony/Component/Security/Core/Authentication/SimpleHttpAuthenticatorInterface.php rename to src/Symfony/Component/Security/Core/Authentication/SimplePreAuthenticatorInterface.php index b64aad9193107..6164e7d9860a7 100644 --- a/src/Symfony/Component/Security/Core/Authentication/SimpleHttpAuthenticatorInterface.php +++ b/src/Symfony/Component/Security/Core/Authentication/SimplePreAuthenticatorInterface.php @@ -16,7 +16,7 @@ /** * @author Jordi Boggiano */ -interface SimpleHttpAuthenticatorInterface extends SimpleAuthenticatorInterface +interface SimplePreAuthenticatorInterface extends SimpleAuthenticatorInterface { public function createToken(Request $request, $providerKey); } diff --git a/src/Symfony/Component/Security/Http/Firewall/SimpleHttpAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php similarity index 87% rename from src/Symfony/Component/Security/Http/Firewall/SimpleHttpAuthenticationListener.php rename to src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php index ab49b14165cfe..80b35a55ac045 100644 --- a/src/Symfony/Component/Security/Http/Firewall/SimpleHttpAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php @@ -17,18 +17,18 @@ use Psr\Log\LoggerInterface; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\HttpFoundation\Response; -use Symfony\Component\Security\Core\Authentication\SimpleHttpAuthenticatorInterface; +use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; /** - * SimpleHttpListener implements simple proxying to an authenticator. + * SimplePreAuthenticationListener implements simple proxying to an authenticator. * * @author Jordi Boggiano */ -class SimpleHttpAuthenticationListener implements ListenerInterface +class SimplePreAuthenticationListener implements ListenerInterface { private $securityContext; private $authenticationManager; @@ -42,10 +42,10 @@ class SimpleHttpAuthenticationListener implements ListenerInterface * @param SecurityContextInterface $securityContext A SecurityContext instance * @param AuthenticationManagerInterface $authenticationManager An AuthenticationManagerInterface instance * @param string $providerKey - * @param SimpleHttpAuthenticatorInterface $simpleAuthenticator A SimpleHttpAuthenticatorInterface instance + * @param SimplePreAuthenticatorInterface $simpleAuthenticator A SimplePreAuthenticatorInterface instance * @param LoggerInterface $logger A LoggerInterface instance */ - public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, SimpleHttpAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null) + public function __construct(SecurityContextInterface $securityContext, AuthenticationManagerInterface $authenticationManager, $providerKey, SimplePreAuthenticatorInterface $simpleAuthenticator, LoggerInterface $logger = null) { if (empty($providerKey)) { throw new \InvalidArgumentException('$providerKey must not be empty.'); @@ -68,7 +68,7 @@ public function handle(GetResponseEvent $event) $request = $event->getRequest(); if (null !== $this->logger) { - $this->logger->info(sprintf('Attempting simple http authorization %s', $this->providerKey)); + $this->logger->info(sprintf('Attempting simple pre-authorization %s', $this->providerKey)); } try { From bbf1c7c992aba04d07bd2f135dff962c7b5acd5f Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 5 May 2013 19:24:00 +0200 Subject: [PATCH 3/3] [Security] allowed simple pre-auth to be optional if another auth mechanism already authenticated the user --- .../Http/Firewall/SimplePreAuthenticationListener.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php index 80b35a55ac045..2a6b4d5c0d291 100644 --- a/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/SimplePreAuthenticationListener.php @@ -19,6 +19,7 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Authentication\SimplePreAuthenticatorInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; +use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken; use Symfony\Component\Security\Core\Exception\AuthenticationException; use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface; @@ -71,6 +72,10 @@ public function handle(GetResponseEvent $event) $this->logger->info(sprintf('Attempting simple pre-authorization %s', $this->providerKey)); } + if (null !== $this->context->getToken() && !$this->context->getToken() instanceof AnonymousToken) { + return; + } + try { $token = $this->simpleAuthenticator->createToken($request, $this->providerKey); $token = $this->authenticationManager->authenticate($token);