Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 6480e58

Browse files
dmaicherdmaicher
committed
[Security] fix merge of 2.7 into 2.8 + add test case
1 parent c337bf6 commit 6480e58

File tree

2 files changed

+18
-5
lines changed

2 files changed

+18
-5
lines changed

src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -96,9 +96,13 @@ protected function attemptAuthentication(Request $request)
9696
}
9797
}
9898

99-
$requestBag = $this->options['post_only'] ? $request->request : $request;
100-
$username = ParameterBagUtils::getParameterBagValue($requestBag, $this->options['username_parameter']);
101-
$password = ParameterBagUtils::getParameterBagValue($requestBag, $this->options['password_parameter']);
99+
if ($this->options['post_only']) {
100+
$username = ParameterBagUtils::getParameterBagValue($request->request, $this->options['username_parameter']);
101+
$password = ParameterBagUtils::getParameterBagValue($request->request, $this->options['password_parameter']);
102+
} else {
103+
$username = ParameterBagUtils::getRequestParameterValue($request, $this->options['username_parameter']);
104+
$password = ParameterBagUtils::getRequestParameterValue($request, $this->options['password_parameter']);
105+
}
102106

103107
if (!\is_string($username) || (\is_object($username) && !\method_exists($username, '__toString'))) {
104108
throw new BadRequestHttpException(sprintf('The key "%s" must be a string, "%s" given.', $this->options['username_parameter'], \gettype($username)));

src/Symfony/Component/Security/Http/Tests/Firewall/UsernamePasswordFormAuthenticationListenerTest.php

Lines changed: 11 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -77,10 +77,11 @@ public function testHandleWhenUsernameLength($username, $ok)
7777
}
7878

7979
/**
80+
* @dataProvider postOnlyDataProvider
8081
* @expectedException \Symfony\Component\HttpKernel\Exception\BadRequestHttpException
8182
* @expectedExceptionMessage The key "_username" must be a string, "array" given.
8283
*/
83-
public function testHandleNonStringUsername()
84+
public function testHandleNonStringUsername($postOnly)
8485
{
8586
$request = Request::create('/login_check', 'POST', array('_username' => array()));
8687
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
@@ -93,14 +94,22 @@ public function testHandleNonStringUsername()
9394
'foo',
9495
new DefaultAuthenticationSuccessHandler($httpUtils),
9596
new DefaultAuthenticationFailureHandler($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $httpUtils),
96-
array('require_previous_session' => false)
97+
array('require_previous_session' => false, 'post_only' => $postOnly)
9798
);
9899

99100
$event = new GetResponseEvent($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $request, HttpKernelInterface::MASTER_REQUEST);
100101

101102
$listener->handle($event);
102103
}
103104

105+
public function postOnlyDataProvider()
106+
{
107+
return array(
108+
array(true),
109+
array(false)
110+
);
111+
}
112+
104113
public function getUsernameForLength()
105114
{
106115
return array(

0 commit comments

Comments
 (0)