Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit bf81d66

Browse files
xabbuhfabpot
xabbuh
authored and
fabpot
committed
deprecate the $secret argument of the PersistentRememberMeHandler constructor
1 parent 3067b9b commit bf81d66

File tree

6 files changed

+47
-5
lines changed

6 files changed

+47
-5
lines changed

UPGRADE-6.3.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,11 @@ Notifier
9696
* [BC BREAK] The following data providers for `TransportTestCase` are now static: `toStringProvider()`, `supportedMessagesProvider()` and `unsupportedMessagesProvider()`
9797
* [BC BREAK] The `TransportTestCase::createTransport()` method is now static
9898

99+
Security
100+
--------
101+
102+
* Deprecate passing a secret as the 2nd argument to the constructor of `Symfony\Component\Security\Http\RememberMe\PersistentRememberMeHandler`
103+
99104
SecurityBundle
100105
--------------
101106

src/Symfony/Bundle/SecurityBundle/Resources/config/security_authenticator_remember_me.php

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,6 @@
5050
->abstract()
5151
->args([
5252
abstract_arg('token provider'),
53-
param('kernel.secret'),
5453
abstract_arg('user provider'),
5554
service('request_stack'),
5655
abstract_arg('options'),

src/Symfony/Bundle/SecurityBundle/composer.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
"symfony/password-hasher": "^5.4|^6.0",
2828
"symfony/security-core": "^6.2",
2929
"symfony/security-csrf": "^5.4|^6.0",
30-
"symfony/security-http": "^6.2.6"
30+
"symfony/security-http": "^6.3"
3131
},
3232
"require-dev": {
3333
"doctrine/annotations": "^1.10.4|^2",

src/Symfony/Component/Security/Http/CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ CHANGELOG
66

77
* Add `RememberMeBadge` to `JsonLoginAuthenticator` and enable reading parameter in JSON request body
88
* Add argument `$exceptionCode` to `#[IsGranted]`
9+
* Deprecate passing a secret as the 2nd argument to the constructor of `Symfony\Component\Security\Http\RememberMe\PersistentRememberMeHandler`
910

1011
6.2
1112
---

src/Symfony/Component/Security/Http/RememberMe/PersistentRememberMeHandler.php

Lines changed: 38 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,8 +35,45 @@ final class PersistentRememberMeHandler extends AbstractRememberMeHandler
3535
private TokenProviderInterface $tokenProvider;
3636
private ?TokenVerifierInterface $tokenVerifier;
3737

38-
public function __construct(TokenProviderInterface $tokenProvider, #[\SensitiveParameter] string $secret, UserProviderInterface $userProvider, RequestStack $requestStack, array $options, LoggerInterface $logger = null, TokenVerifierInterface $tokenVerifier = null)
38+
/**
39+
* @param UserProviderInterface $userProvider
40+
* @param RequestStack $requestStack
41+
* @param array $options
42+
* @param LoggerInterface|null $logger
43+
* @param TokenVerifierInterface|null $tokenVerifier
44+
*/
45+
public function __construct(TokenProviderInterface $tokenProvider, #[\SensitiveParameter] $userProvider, $requestStack, $options, $logger = null, $tokenVerifier = null)
3946
{
47+
if (\is_string($userProvider)) {
48+
trigger_deprecation('symfony/security-http', '6.3', 'Calling "%s()" with the secret as the second argument is deprecated. The argument will be dropped in 7.0.', __CLASS__);
49+
50+
$userProvider = $requestStack;
51+
$requestStack = $options;
52+
$options = $logger;
53+
$logger = $tokenVerifier;
54+
$tokenVerifier = \func_num_args() > 6 ? func_get_arg(6) : null;
55+
}
56+
57+
if (!$userProvider instanceof UserProviderInterface) {
58+
throw new \TypeError(sprintf('Argument 2 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, UserProviderInterface::class, get_debug_type($userProvider)));
59+
}
60+
61+
if (!$requestStack instanceof RequestStack) {
62+
throw new \TypeError(sprintf('Argument 3 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, RequestStack::class, get_debug_type($userProvider)));
63+
}
64+
65+
if (!\is_array($options)) {
66+
throw new \TypeError(sprintf('Argument 4 passed to "%s()" must be an array, "%s" given.', __CLASS__, get_debug_type($userProvider)));
67+
}
68+
69+
if (null !== $logger && !$logger instanceof LoggerInterface) {
70+
throw new \TypeError(sprintf('Argument 5 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, LoggerInterface::class, get_debug_type($userProvider)));
71+
}
72+
73+
if (null !== $tokenVerifier && !$tokenVerifier instanceof TokenVerifierInterface) {
74+
throw new \TypeError(sprintf('Argument 6 passed to "%s()" must be an instance of "%s", "%s" given.', __CLASS__, TokenVerifierInterface::class, get_debug_type($userProvider)));
75+
}
76+
4077
parent::__construct($userProvider, $requestStack, $options, $logger);
4178

4279
if (!$tokenVerifier && $tokenProvider instanceof TokenVerifierInterface) {

src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentRememberMeHandlerTest.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ protected function setUp(): void
4242
$this->requestStack = new RequestStack();
4343
$this->request = Request::create('/login');
4444
$this->requestStack->push($this->request);
45-
$this->handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, []);
45+
$this->handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, []);
4646
}
4747

4848
public function testCreateRememberMeCookie()
@@ -104,7 +104,7 @@ public function testConsumeRememberMeCookieValid()
104104
public function testConsumeRememberMeCookieValidByValidatorWithoutUpdate()
105105
{
106106
$verifier = $this->createMock(TokenVerifierInterface::class);
107-
$handler = new PersistentRememberMeHandler($this->tokenProvider, 'secret', $this->userProvider, $this->requestStack, [], null, $verifier);
107+
$handler = new PersistentRememberMeHandler($this->tokenProvider, $this->userProvider, $this->requestStack, [], null, $verifier);
108108

109109
$persistentToken = new PersistentToken(InMemoryUser::class, 'wouter', 'series1', 'tokenvalue', new \DateTime('30 seconds'));
110110

0 commit comments

Comments
 (0)