minor #14491 [2.3][SECURITY] Add remember me cookie configuration (klaascuvelier)

fabpot · fabpot · commit 4d57d587c14e · 2015-10-06T16:28:56.000+02:00
This PR was squashed before being merged into the 2.3 branch (closes #14491). Discussion ---------- [2.3][SECURITY] Add remember me cookie configuration | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14490 | License | MIT | Doc PR | Commits ------- e8f0e5a [2.3][SECURITY] Add remember me cookie configuration
diff --git a/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php b/src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php
@@ -34,7 +34,10 @@ abstract class AbstractRememberMeServices implements RememberMeServicesInterface
     const COOKIE_DELIMITER = ':';
 
     protected $logger;
-    protected $options;
+    protected $options = array(
+        'secure' => false,
+        'httponly' => true,
+    );
     private $providerKey;
     private $key;
     private $userProviders;
@@ -65,7 +68,7 @@ public function __construct(array $userProviders, $key, $providerKey, array $opt
         $this->userProviders = $userProviders;
         $this->key = $key;
         $this->providerKey = $providerKey;
-        $this->options = $options;
+        $this->options = array_merge($this->options, $options);
         $this->logger = $logger;
     }
 
diff --git a/src/Symfony/Component/Security/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php b/src/Symfony/Component/Security/Tests/Http/RememberMe/AbstractRememberMeServicesTest.php
@@ -91,11 +91,8 @@ public function testLogout(array $options)
         $request = new Request();
         $response = new Response();
         $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
-
         $service->logout($request, $response, $token);
-
         $cookie = $request->attributes->get(RememberMeServicesInterface::COOKIE_ATTR_NAME);
-
         $this->assertInstanceOf('Symfony\Component\HttpFoundation\Cookie', $cookie);
         $this->assertTrue($cookie->isCleared());
         $this->assertSame($options['name'], $cookie->getName());
@@ -286,13 +283,6 @@ protected function getService($userProvider = null, $options = array(), $logger
             $userProvider = $this->getProvider();
         }
 
-        if (!isset($options['secure'])) {
-            $options['secure'] = false;
-        }
-        if (!isset($options['httponly'])) {
-            $options['httponly'] = true;
-        }
-
         return $this->getMockForAbstractClass('Symfony\Component\Security\Http\RememberMe\AbstractRememberMeServices', array(
             array($userProvider), 'fookey', 'fookey', $options, $logger,
         ));
diff --git a/src/Symfony/Component/Security/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php b/src/Symfony/Component/Security/Tests/Http/RememberMe/PersistentTokenBasedRememberMeServicesTest.php
@@ -313,13 +313,6 @@ protected function getService($userProvider = null, $options = array(), $logger
             $userProvider = $this->getProvider();
         }
 
-        if (!isset($options['secure'])) {
-            $options['secure'] = false;
-        }
-        if (!isset($options['httponly'])) {
-            $options['httponly'] = true;
-        }
-
         return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));
     }
 
diff --git a/src/Symfony/Component/Security/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php b/src/Symfony/Component/Security/Tests/Http/RememberMe/TokenBasedRememberMeServicesTest.php
@@ -266,13 +266,6 @@ protected function getService($userProvider = null, $options = array(), $logger
             $userProvider = $this->getProvider();
         }
 
-        if (!isset($options['secure'])) {
-            $options['secure'] = false;
-        }
-        if (!isset($options['httponly'])) {
-            $options['httponly'] = true;
-        }
-
         $service = new TokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger);
 
         return $service;

Original file line number	Diff line number	Diff line change
`@@ -313,13 +313,6 @@ protected function getService($userProvider = null, $options = array(), $logger`
`313`	`313`	`$userProvider = $this->getProvider();`
`314`	`314`	`}`
`315`	`315`
`316`		`- if (!isset($options['secure'])) {`
`317`		`- $options['secure'] = false;`
`318`		`- }`
`319`		`- if (!isset($options['httponly'])) {`
`320`		`- $options['httponly'] = true;`
`321`		`- }`
`322`		`-`
`323`	`316`	`return new PersistentTokenBasedRememberMeServices(array($userProvider), 'fookey', 'fookey', $options, $logger, new SecureRandom(sys_get_temp_dir().'/_sf2.seed'));`
`324`	`317`	`}`
`325`	`318`