Use the firewall event dispatcher

wouterj · wouterj · commit 7ef6a7ab039c · 2020-04-20T14:20:56.000+02:00
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php
@@ -218,9 +218,8 @@ private function createRememberMeListener(ContainerBuilder $container, string $i
     {
         $container
             ->setDefinition('security.listener.remember_me.'.$id, new ChildDefinition('security.listener.remember_me'))
-            ->addTag('kernel.event_subscriber')
+            ->addTag('kernel.event_subscriber', ['dispatcher' => 'security.event_dispatcher.'.$id])
             ->replaceArgument(0, new Reference($rememberMeServicesId))
-            ->replaceArgument(1, $id)
         ;
 
         $container
diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
@@ -156,8 +156,11 @@ public function load(array $configs, ContainerBuilder $container)
             ->replaceArgument(2, $this->statelessFirewallKeys);
 
         if ($this->authenticatorManagerEnabled) {
-            $container->getDefinition(SessionListener::class)
-                ->replaceArgument(1, $this->statelessFirewallKeys);
+            foreach ($this->statelessFirewallKeys as $statelessFirewallId) {
+                $container
+                    ->setDefinition('security.listener.session.'.$statelessFirewallId, new ChildDefinition('security.listener.session'))
+                    ->addTag('kernel.event_subscriber', ['dispatcher' => 'security.event_dispatcher.'.$statelessFirewallId]);
+            }
         }
 
         if ($config['encoders']) {
@@ -446,6 +449,7 @@ private function createFirewall(ContainerBuilder $container, string $id, array $
             $container
                 ->setDefinition($managerId = 'security.authenticator.manager.'.$id, new ChildDefinition('security.authenticator.manager'))
                 ->replaceArgument(0, $authenticators)
+                ->replaceArgument(2, new Reference($firewallEventDispatcherId))
                 ->replaceArgument(3, $id)
                 ->addTag('monolog.logger', ['channel' => 'security'])
             ;
diff --git a/src/Symfony/Bundle/SecurityBundle/EventListener/FirewallEventBubblingListener.php b/src/Symfony/Bundle/SecurityBundle/EventListener/FirewallEventBubblingListener.php
@@ -12,7 +12,10 @@
 namespace Symfony\Bundle\SecurityBundle\EventListener;
 
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\Security\Http\Event\LoginFailureEvent;
+use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
 use Symfony\Component\Security\Http\Event\LogoutEvent;
+use Symfony\Component\Security\Http\Event\VerifyAuthenticatorCredentialsEvent;
 use Symfony\Contracts\EventDispatcher\EventDispatcherInterface;
 
 /**
@@ -34,6 +37,9 @@ public static function getSubscribedEvents(): array
     {
         return [
             LogoutEvent::class => 'bubbleEvent',
+            LoginFailureEvent::class => 'bubbleEvent',
+            LoginSuccessEvent::class => 'bubbleEvent',
+            VerifyAuthenticatorCredentialsEvent::class => 'bubbleEvent',
         ];
     }
 
diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator.xml
@@ -59,8 +59,9 @@
             <argument type="service" id="Symfony\Component\Security\Core\User\UserCheckerInterface" />
         </service>
 
-        <service id="security.listener.session" class="Symfony\Component\Security\Http\EventListener\SessionStrategyListener">
-            <tag name="kernel.event_subscriber" />
+        <service id="security.listener.session"
+                 class="Symfony\Component\Security\Http\EventListener\SessionStrategyListener"
+                 abstract="true">
             <argument type="service" id="security.authentication.session_strategy" />
             <argument type="abstract">stateless firewall keys</argument>
         </service>
diff --git a/src/Symfony/Component/Security/Http/EventListener/RememberMeListener.php b/src/Symfony/Component/Security/Http/EventListener/RememberMeListener.php
@@ -26,26 +26,29 @@
 class RememberMeListener implements EventSubscriberInterface
 {
     private $rememberMeServices;
-    private $providerKey;
     private $logger;
 
-    public function __construct(RememberMeServicesInterface $rememberMeServices, string $providerKey, ?LoggerInterface $logger = null)
+    public function __construct(RememberMeServicesInterface $rememberMeServices, ?LoggerInterface $logger = null)
     {
         $this->rememberMeServices = $rememberMeServices;
-        $this->providerKey = $providerKey;
         $this->logger = $logger;
     }
 
 
     public function onSuccessfulLogin(LoginSuccessEvent $event): void
     {
-        if (!$this->isRememberMeEnabled($event->getProviderKey(), $event->getAuthenticator())) {
+        $authenticator = $event->getAuthenticator();
+        if (!$authenticator instanceof RememberMeAuthenticatorInterface || !$authenticator->supportsRememberMe()) {
+            if (null !== $this->logger) {
+                $this->logger->debug('Remember me skipped: your authenticator does not support it.', ['authenticator' => \get_class($authenticator)]);
+            }
+
             return;
         }
 
         if (null === $event->getResponse()) {
             if (null !== $this->logger) {
-                $this->logger->debug('Remember me skipped: the authenticator did not set a success response.', ['authenticator' => \get_class($event->getAuthenticator())]);
+                $this->logger->debug('Remember me skipped: the authenticator did not set a success response.', ['authenticator' => \get_class($authenticator)]);
             }
 
             return;
@@ -56,31 +59,9 @@ public function onSuccessfulLogin(LoginSuccessEvent $event): void
 
     public function onFailedLogin(LoginFailureEvent $event): void
     {
-        if (!$this->isRememberMeEnabled($event->getProviderKey())) {
-            return;
-        }
-
         $this->rememberMeServices->loginFail($event->getRequest(), $event->getException());
     }
 
-    private function isRememberMeEnabled(string $providerKey, ?AuthenticatorInterface $authenticator = null): bool
-    {
-        if ($providerKey !== $this->providerKey) {
-            // This listener is created for a different firewall.
-            return false;
-        }
-
-        if (null !== $authenticator && (!$authenticator instanceof RememberMeAuthenticatorInterface || !$authenticator->supportsRememberMe())) {
-            if (null !== $this->logger) {
-                $this->logger->debug('Remember me skipped: your authenticator does not support it.', ['authenticator' => \get_class($authenticator)]);
-            }
-
-            return false;
-        }
-
-        return true;
-    }
-
     public static function getSubscribedEvents(): array
     {
         return [
diff --git a/src/Symfony/Component/Security/Http/EventListener/SessionStrategyListener.php b/src/Symfony/Component/Security/Http/EventListener/SessionStrategyListener.php
@@ -28,21 +28,18 @@
 class SessionStrategyListener implements EventSubscriberInterface
 {
     private $sessionAuthenticationStrategy;
-    private $statelessProviderKeys;
 
-    public function __construct(SessionAuthenticationStrategyInterface $sessionAuthenticationStrategy, array $statelessProviderKeys = [])
+    public function __construct(SessionAuthenticationStrategyInterface $sessionAuthenticationStrategy)
     {
         $this->sessionAuthenticationStrategy = $sessionAuthenticationStrategy;
-        $this->statelessProviderKeys = $statelessProviderKeys;
     }
 
     public function onSuccessfulLogin(LoginSuccessEvent $event): void
     {
         $request = $event->getRequest();
         $token = $event->getAuthenticatedToken();
-        $providerKey = $event->getProviderKey();
 
-        if (!$request->hasSession() || !$request->hasPreviousSession() || \in_array($providerKey, $this->statelessProviderKeys, true)) {
+        if (!$request->hasSession() || !$request->hasPreviousSession()) {
             return;
         }
 

Original file line number	Diff line number	Diff line change
`@@ -218,9 +218,8 @@ private function createRememberMeListener(ContainerBuilder $container, string $i`
`218`	`218`	`{`
`219`	`219`	`$container`
`220`	`220`	`->setDefinition('security.listener.remember_me.'.$id, new ChildDefinition('security.listener.remember_me'))`
`221`		`- ->addTag('kernel.event_subscriber')`
	`221`	`+ ->addTag('kernel.event_subscriber', ['dispatcher' => 'security.event_dispatcher.'.$id])`
`222`	`222`	`->replaceArgument(0, new Reference($rememberMeServicesId))`
`223`		`- ->replaceArgument(1, $id)`
`224`	`223`	`;`
`225`	`224`
`226`	`225`	`$container`
Original file line number	Diff line number	Diff line change
`@@ -28,21 +28,18 @@`
`28`	`28`	`class SessionStrategyListener implements EventSubscriberInterface`
`29`	`29`	`{`
`30`	`30`	`private $sessionAuthenticationStrategy;`
`31`		`- private $statelessProviderKeys;`
`32`	`31`
`33`		`- public function __construct(SessionAuthenticationStrategyInterface $sessionAuthenticationStrategy, array $statelessProviderKeys = [])`
	`32`	`+ public function __construct(SessionAuthenticationStrategyInterface $sessionAuthenticationStrategy)`
`34`	`33`	`{`
`35`	`34`	`$this->sessionAuthenticationStrategy = $sessionAuthenticationStrategy;`
`36`		`- $this->statelessProviderKeys = $statelessProviderKeys;`
`37`	`35`	`}`
`38`	`36`
`39`	`37`	`public function onSuccessfulLogin(LoginSuccessEvent $event): void`
`40`	`38`	`{`
`41`	`39`	`$request = $event->getRequest();`
`42`	`40`	`$token = $event->getAuthenticatedToken();`
`43`		`- $providerKey = $event->getProviderKey();`
`44`	`41`
`45`		`- if (!$request->hasSession() \|\| !$request->hasPreviousSession() \|\| \in_array($providerKey, $this->statelessProviderKeys, true)) {`
	`42`	`+ if (!$request->hasSession() \|\| !$request->hasPreviousSession()) {`
`46`	`43`	`return;`
`47`	`44`	`}`
`48`	`45`