From 522c2e9ba82c6b66601d64e91b73fcc8fe66df10 Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 16:07:52 +0200 Subject: [PATCH 1/8] Update RequestListener.php fixes #263 and #264 --- src/EventListener/RequestListener.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/EventListener/RequestListener.php b/src/EventListener/RequestListener.php index 8c36b669..8d715fc8 100644 --- a/src/EventListener/RequestListener.php +++ b/src/EventListener/RequestListener.php @@ -65,11 +65,13 @@ public function onKernelRequest(GetResponseEvent $event): void $token = $this->tokenStorage->getToken(); } + $userData = []; + if ( null !== $token && null !== $this->authorizationChecker && $token->isAuthenticated() - && $this->authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) + && $token->getUser() ) { $userData = $this->getUserData($token->getUser()); } From f8c56cca7eed209e2a8dc4e4bf8c1fa10247f91b Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 16:29:09 +0200 Subject: [PATCH 2/8] Update RequestListener.php --- src/EventListener/RequestListener.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/EventListener/RequestListener.php b/src/EventListener/RequestListener.php index 8d715fc8..74ccb731 100644 --- a/src/EventListener/RequestListener.php +++ b/src/EventListener/RequestListener.php @@ -9,7 +9,6 @@ use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; -use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter; use Symfony\Component\Security\Core\User\UserInterface; /** From a7fe648fbbb40f6fc2bd18fe280c14dbb510d7a5 Mon Sep 17 00:00:00 2001 
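Review bot: In the PATCH 1/8 hunk on `onKernelRequest`, replacing `isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED)` with the truthiness test `&& $token->getUser()` widens which requests get user data attached to the reported event: any token that reports `isAuthenticated()` and carries a non-empty user now qualifies. On Symfony versions of this era an anonymous token is, as far as I recall, authenticated with the string user `anon.`, so anonymous traffic would probably reach `getUserData()` as well; if that is not intended, exclude it explicitly, e.g. `&& !$token instanceof AnonymousToken`, and add a comment stating which token types are meant to be reported. The bare truthiness check also skips a string user of `'0'`; `&& null !== $token->getUser()` states the intent exactly. The same condition is what remains after the PATCH 6/8 hunk at `-68,7 +61,6`, and the function body continues outside both hunks.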
From: cklm Date: Tue, 22 Oct 2019 16:38:10 +0200 Subject: [PATCH 3/8] Update RequestListener.php --- src/EventListener/RequestListener.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/EventListener/RequestListener.php b/src/EventListener/RequestListener.php index 74ccb731..43854e46 100644 --- a/src/EventListener/RequestListener.php +++ b/src/EventListener/RequestListener.php @@ -65,7 +65,7 @@ public function onKernelRequest(GetResponseEvent $event): void } $userData = []; - + if ( null !== $token && null !== $this->authorizationChecker From 0a71ea681854bbe419bd14953ba8a7aa54d53dc2 Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 17:08:29 +0200 Subject: [PATCH 4/8] Update CHANGELOG.md --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b902aa75..70e35fdc 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. ## Unreleased - Fix handling of command with no name on `ConsoleListener` (#261) + - Remove check by AuthorizationChecker in `RequestListener` (#264) + - Fixed undefined variable in `RequestListener` (#263) ## 3.2.0 (2019-10-04) From 99833dc564f136f2bda2e89b6ba1dee366b13b20 Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 17:31:13 +0200 Subject: [PATCH 5/8] Update services.xml removed service --- src/Resources/config/services.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Resources/config/services.xml b/src/Resources/config/services.xml index 8c5279b8..d4ed5690 100644 --- a/src/Resources/config/services.xml +++ b/src/Resources/config/services.xml @@ -40,7 +40,6 @@ - From 7afae69e92e58079a5b5603fccecb84ef0745fff Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 17:32:16 +0200 Subject: [PATCH 6/8] Update RequestListener.php removed AuthorizationChecker --- src/EventListener/RequestListener.php | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) 
diff --git a/src/EventListener/RequestListener.php b/src/EventListener/RequestListener.php index 43854e46..f3dc5670 100644 --- a/src/EventListener/RequestListener.php +++ b/src/EventListener/RequestListener.php @@ -8,7 +8,6 @@ use Symfony\Component\HttpKernel\Event\FilterControllerEvent; use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; -use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; use Symfony\Component\Security\Core\User\UserInterface; /** @@ -23,23 +22,17 @@ final class RequestListener /** @var TokenStorageInterface|null */ private $tokenStorage; - /** @var AuthorizationCheckerInterface|null */ - private $authorizationChecker; - /** * RequestListener constructor. * @param HubInterface $hub * @param TokenStorageInterface|null $tokenStorage - * @param AuthorizationCheckerInterface|null $authorizationChecker */ public function __construct( HubInterface $hub, - ?TokenStorageInterface $tokenStorage, - ?AuthorizationCheckerInterface $authorizationChecker + ?TokenStorageInterface $tokenStorage ) { $this->hub = $hub; // not used, needed to trigger instantiation $this->tokenStorage = $tokenStorage; - $this->authorizationChecker = $authorizationChecker; } /** @@ -68,7 +61,6 @@ public function onKernelRequest(GetResponseEvent $event): void if ( null !== $token - && null !== $this->authorizationChecker && $token->isAuthenticated() && $token->getUser() ) { From 04f96f31a1524dce7a7c7d82b1ce877508cbb540 Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 18:08:11 +0200 Subject: [PATCH 7/8] Update RequestListenerTest.php changed tests to reflect removed AuthorizationChecker --- test/EventListener/RequestListenerTest.php | 83 +++------------------- 1 file changed, 8 insertions(+), 75 deletions(-) diff --git a/test/EventListener/RequestListenerTest.php b/test/EventListener/RequestListenerTest.php index 5f013974..e02b0696 100644 
--- a/test/EventListener/RequestListenerTest.php +++ b/test/EventListener/RequestListenerTest.php @@ -16,8 +16,6 @@ use Symfony\Component\HttpKernel\Event\GetResponseEvent; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; -use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; -use Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter; use Symfony\Component\Security\Core\User\UserInterface; class RequestListenerTest extends TestCase @@ -59,7 +57,6 @@ protected function setUp() public function testOnKernelRequestUserDataIsSetToScope($user): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $request = $this->prophesize(Request::class); $token = $this->prophesize(TokenInterface::class); @@ -72,8 +69,6 @@ public function testOnKernelRequestUserDataIsSetToScope($user): void $token->isAuthenticated() ->willReturn(true); - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->willReturn(true); $token->getUser() ->willReturn($user); @@ -113,7 +108,6 @@ public function userDataProvider(): \Generator public function testOnKernelRequestUserDataIsNotSetIfSendPiiIsDisabled(): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $event->isMasterRequest() @@ -126,8 +120,7 @@ public function testOnKernelRequestUserDataIsNotSetIfSendPiiIsDisabled(): void $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); 
@@ -138,7 +131,6 @@ public function testOnKernelRequestUserDataIsNotSetIfSendPiiIsDisabled(): void public function testOnKernelRequestUserDataIsNotSetIfNoClientIsPresent(): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $event->isMasterRequest() @@ -151,8 +143,7 @@ public function testOnKernelRequestUserDataIsNotSetIfNoClientIsPresent(): void $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); 
@@ -162,47 +153,12 @@ public function testOnKernelRequestUserDataIsNotSetIfNoClientIsPresent(): void public function testOnKernelRequestUsernameIsNotSetIfTokenStorageIsAbsent(): void { - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); - $event = $this->prophesize(GetResponseEvent::class); - $request = $this->prophesize(Request::class); - - $event->isMasterRequest() - ->willReturn(true); - - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->shouldNotBeCalled(); - - $event->getRequest() - ->willReturn($request->reveal()); - $request->getClientIp() - ->willReturn('1.2.3.4'); - - $listener = new RequestListener( - $this->currentHub->reveal(), - null, - $authorizationChecker->reveal() - ); - - $listener->onKernelRequest($event->reveal()); - - $expectedUserData = [ - 'ip_address' => '1.2.3.4', - ]; - $this->assertEquals($expectedUserData, $this->getUserContext($this->currentScope)); - } - - public function testOnKernelRequestUsernameIsNotSetIfAuthorizationCheckerIsAbsent(): void - { - $tokenStorage = $this->prophesize(TokenStorageInterface::class); $event = $this->prophesize(GetResponseEvent::class); $request = $this->prophesize(Request::class); $event->isMasterRequest() ->willReturn(true); - $tokenStorage->getToken() - ->willReturn($this->prophesize(TokenInterface::class)->reveal()); - $event->getRequest() ->willReturn($request->reveal()); $request->getClientIp() @@ -210,7 +166,6 @@ public function testOnKernelRequestUsernameIsNotSetIfAuthorizationCheckerIsAbsen $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), null ); 
@@ -225,7 +180,6 @@ public function testOnKernelRequestUsernameIsNotSetIfAuthorizationCheckerIsAbsen public function testOnKernelRequestUsernameIsNotSetIfTokenIsAbsent(): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $request = $this->prophesize(Request::class); @@ -235,9 +189,6 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsAbsent(): void $tokenStorage->getToken() ->willReturn(null); - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->shouldNotBeCalled(); - $event->getRequest() ->willReturn($request->reveal()); $request->getClientIp() @@ -245,8 +196,7 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsAbsent(): void $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); @@ -263,7 +213,6 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsAbsent(): void public function testOnKernelRequestUsernameIsNotSetIfTokenIsNotAuthenticated(): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $token = $this->prophesize(TokenInterface::class); $event = $this->prophesize(GetResponseEvent::class); $request = $this->prophesize(Request::class); @@ -277,9 +226,6 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsNotAuthenticated(): $token->isAuthenticated() ->willReturn(false); - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->shouldNotBeCalled(); - $event->getRequest() ->willReturn($request->reveal()); $request->getClientIp() 
@@ -287,8 +233,7 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsNotAuthenticated(): $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); @@ -302,7 +247,6 @@ public function testOnKernelRequestUsernameIsNotSetIfTokenIsNotAuthenticated(): public function testOnKernelRequestUsernameIsNotSetIfUserIsNotRemembered(): void { $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $request = $this->prophesize(Request::class); @@ -312,9 +256,6 @@ public function testOnKernelRequestUsernameIsNotSetIfUserIsNotRemembered(): void $tokenStorage->getToken() ->willReturn(null); - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->willReturn(false); - $event->getRequest() ->willReturn($request->reveal()); $request->getClientIp() @@ -322,8 +263,7 @@ public function testOnKernelRequestUsernameIsNotSetIfUserIsNotRemembered(): void $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); @@ -347,8 +287,7 @@ public function testOnKernelControllerAddsRouteTag(): void $listener = new RequestListener( $this->currentHub->reveal(), - $this->prophesize(TokenStorageInterface::class)->reveal(), - $this->prophesize(AuthorizationCheckerInterface::class)->reveal() + $this->prophesize(TokenStorageInterface::class)->reveal() ); $listener->onKernelController($event->reveal()); 
@@ -371,8 +310,7 @@ public function testOnKernelControllerRouteTagIsNotSetIfRequestDoesNotHaveARoute $listener = new RequestListener( $this->currentHub->reveal(), - $this->prophesize(TokenStorageInterface::class)->reveal(), - $this->prophesize(AuthorizationCheckerInterface::class)->reveal() + $this->prophesize(TokenStorageInterface::class)->reveal() ); $listener->onKernelController($event->reveal()); @@ -384,7 +322,6 @@ public function testOnKernelRequestUserDataAndTagsAreNotSetInSubRequest(): void ->shouldNotBeCalled(); $tokenStorage = $this->prophesize(TokenStorageInterface::class); - $authorizationChecker = $this->prophesize(AuthorizationCheckerInterface::class); $event = $this->prophesize(GetResponseEvent::class); $event->isMasterRequest() @@ -393,13 +330,9 @@ public function testOnKernelRequestUserDataAndTagsAreNotSetInSubRequest(): void $tokenStorage->getToken() ->shouldNotBeCalled(); - $authorizationChecker->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED) - ->shouldNotBeCalled(); - $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal()); From 11569465682e6ad9284d02ece7e1be0dfeec6aa2 Mon Sep 17 00:00:00 2001 From: cklm Date: Tue, 22 Oct 2019 18:12:47 +0200 Subject: [PATCH 8/8] Update RequestListenerTest.php --- test/EventListener/RequestListenerTest.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/test/EventListener/RequestListenerTest.php b/test/EventListener/RequestListenerTest.php index e02b0696..23408cce 100644 --- a/test/EventListener/RequestListenerTest.php +++ b/test/EventListener/RequestListenerTest.php 
@@ -80,8 +80,7 @@ public function testOnKernelRequestUserDataIsSetToScope($user): void $listener = new RequestListener( $this->currentHub->reveal(), - $tokenStorage->reveal(), - $authorizationChecker->reveal() + $tokenStorage->reveal() ); $listener->onKernelRequest($event->reveal());