Applied left-over review comments from #33558

wouterj · wouterj · commit be3a9a93f035 · 2020-04-21T22:14:49.000+02:00
diff --git a/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php b/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
@@ -77,7 +77,7 @@ public function authenticateUser(UserInterface $user, AuthenticatorInterface $au
     public function supports(Request $request): ?bool
     {
         if (null !== $this->logger) {
-            $context = ['firewall_key' => $this->firewallName];
+            $context = ['firewall_name' => $this->firewallName];
 
             if ($this->authenticators instanceof \Countable || \is_array($this->authenticators)) {
                 $context['authenticators'] = \count($this->authenticators);
@@ -90,14 +90,14 @@ public function supports(Request $request): ?bool
         $lazy = true;
         foreach ($this->authenticators as $authenticator) {
             if (null !== $this->logger) {
-                $this->logger->debug('Checking support on authenticator.', ['firewall_key' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
+                $this->logger->debug('Checking support on authenticator.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
             }
 
             if (false !== $supports = $authenticator->supports($request)) {
                 $authenticators[] = $authenticator;
                 $lazy = $lazy && null === $supports;
             } elseif (null !== $this->logger) {
-                $this->logger->debug('Authenticator does not support the request.', ['firewall_key' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
+                $this->logger->debug('Authenticator does not support the request.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);
             }
         }
 
diff --git a/src/Symfony/Component/Security/Http/Authentication/NoopAuthenticationManager.php b/src/Symfony/Component/Security/Http/Authentication/NoopAuthenticationManager.php
@@ -19,7 +19,7 @@
  *
  * This is used to not break AuthenticationChecker and ContextListener when
  * using the authenticator system. Once the authenticator system is no longer
- * experimental, this class can be used trigger deprecation notices.
+ * experimental, this class can be used to trigger deprecation notices.
  *
  * @internal
  *
diff --git a/src/Symfony/Component/Security/Http/Authentication/UserAuthenticatorInterface.php b/src/Symfony/Component/Security/Http/Authentication/UserAuthenticatorInterface.php
@@ -24,7 +24,7 @@
 interface UserAuthenticatorInterface
 {
     /**
-     * Convenience method to manually login a user and return a
+     * Convenience method to programmatically login a user and return a
      * Response *if any* for success.
      */
     public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request): ?Response;
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/PasswordUpgradeBadge.php b/src/Symfony/Component/Security/Http/Authenticator/Passport/Badge/PasswordUpgradeBadge.php
@@ -11,6 +11,7 @@
 
 namespace Symfony\Component\Security\Http\Authenticator\Passport\Badge;
 
+use Symfony\Component\Security\Core\Exception\LogicException;
 use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
 
 /**
@@ -38,24 +39,23 @@ public function __construct(string $plaintextPassword, PasswordUpgraderInterface
         $this->passwordUpgrader = $passwordUpgrader;
     }
 
-    public function getPlaintextPassword(): string
+    public function getAndErasePlaintextPassword(): string
     {
-        return $this->plaintextPassword;
+        $password = $this->plaintextPassword;
+        if (null === $password) {
+            throw new LogicException('The password is erased as another listener already used this badge.');
+        }
+
+        $this->plaintextPassword = null;
+
+        return $password;
     }
 
     public function getPasswordUpgrader(): PasswordUpgraderInterface
     {
         return $this->passwordUpgrader;
     }
 
-    /**
-     * @internal
-     */
-    public function eraseCredentials()
-    {
-        $this->plaintextPassword = null;
-    }
-
     public function isResolved(): bool
     {
         return true;
diff --git a/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php b/src/Symfony/Component/Security/Http/EventListener/PasswordMigratingListener.php
@@ -1,5 +1,14 @@
 <?php
 
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
 namespace Symfony\Component\Security\Http\EventListener;
 
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
@@ -32,8 +41,7 @@ public function onLoginSuccess(LoginSuccessEvent $event): void
 
         /** @var PasswordUpgradeBadge $badge */
         $badge = $passport->getBadge(PasswordUpgradeBadge::class);
-        $plaintextPassword = $badge->getPlaintextPassword();
-        $badge->eraseCredentials();
+        $plaintextPassword = $badge->getAndErasePlaintextPassword();
 
         if ('' === $plaintextPassword) {
             return;
diff --git a/src/Symfony/Component/Security/Http/EventListener/SessionStrategyListener.php b/src/Symfony/Component/Security/Http/EventListener/SessionStrategyListener.php
@@ -17,7 +17,7 @@
 use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
 
 /**
- * Migrates/invalidate the session after successful login.
+ * Migrates/invalidates the session after successful login.
  *
  * This should be registered as subscriber to any "stateful" firewalls.
  *

Original file line number	Diff line number	Diff line change
`@@ -77,7 +77,7 @@ public function authenticateUser(UserInterface $user, AuthenticatorInterface $au`
`77`	`77`	`public function supports(Request $request): ?bool`
`78`	`78`	`{`
`79`	`79`	`if (null !== $this->logger) {`
`80`		`- $context = ['firewall_key' => $this->firewallName];`
	`80`	`+ $context = ['firewall_name' => $this->firewallName];`
`81`	`81`
`82`	`82`	`if ($this->authenticators instanceof \Countable \|\| \is_array($this->authenticators)) {`
`83`	`83`	`$context['authenticators'] = \count($this->authenticators);`
`@@ -90,14 +90,14 @@ public function supports(Request $request): ?bool`
`90`	`90`	`$lazy = true;`
`91`	`91`	`foreach ($this->authenticators as $authenticator) {`
`92`	`92`	`if (null !== $this->logger) {`
`93`		`- $this->logger->debug('Checking support on authenticator.', ['firewall_key' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);`
	`93`	`+ $this->logger->debug('Checking support on authenticator.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);`
`94`	`94`	`}`
`95`	`95`
`96`	`96`	`if (false !== $supports = $authenticator->supports($request)) {`
`97`	`97`	`$authenticators[] = $authenticator;`
`98`	`98`	`$lazy = $lazy && null === $supports;`
`99`	`99`	`} elseif (null !== $this->logger) {`
`100`		`- $this->logger->debug('Authenticator does not support the request.', ['firewall_key' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);`
	`100`	`+ $this->logger->debug('Authenticator does not support the request.', ['firewall_name' => $this->firewallName, 'authenticator' => \get_class($authenticator)]);`
`101`	`101`	`}`
`102`	`102`	`}`
`103`	`103`
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@`
`19`	`19`	`*`
`20`	`20`	`* This is used to not break AuthenticationChecker and ContextListener when`
`21`	`21`	`* using the authenticator system. Once the authenticator system is no longer`
`22`		`- * experimental, this class can be used trigger deprecation notices.`
	`22`	`+ * experimental, this class can be used to trigger deprecation notices.`
`23`	`23`	`*`
`24`	`24`	`* @internal`
`25`	`25`	`*`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@`
`24`	`24`	`interface UserAuthenticatorInterface`
`25`	`25`	`{`
`26`	`26`	`/**`
`27`		`- * Convenience method to manually login a user and return a`
	`27`	`+ * Convenience method to programmatically login a user and return a`
`28`	`28`	`* Response if any for success.`
`29`	`29`	`*/`
`30`	`30`	`public function authenticateUser(UserInterface $user, AuthenticatorInterface $authenticator, Request $request): ?Response;`
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`	`use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;`
`18`	`18`
`19`	`19`	`/**`
`20`		`- * Migrates/invalidate the session after successful login.`
	`20`	`+ * Migrates/invalidates the session after successful login.`
`21`	`21`	`*`
`22`	`22`	`* This should be registered as subscriber to any "stateful" firewalls.`
`23`	`23`	`*`