[SecurityBundle] Fix incompatibility with 6.0

wouterj · wouterj · commit d2a1abf5122f · 2021-08-17T17:50:11.000+02:00
diff --git a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php
@@ -127,7 +127,7 @@ public function collect(Request $request, Response $response, \Throwable $except
 
             $this->data = [
                 'enabled' => true,
-                'authenticated' => $token->isAuthenticated(false),
+                'authenticated' => method_exists($token, 'isAuthenticated') ? $token->isAuthenticated(false) : true,
                 'impersonated' => null !== $impersonatorUser,
                 'impersonator_user' => $impersonatorUser,
                 'impersonation_exit_path' => null,
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/Compiler/RegisterEntryPointsPassTest.php
@@ -25,7 +25,7 @@
 use Symfony\Component\Security\Core\Exception\BadCredentialsException;
 use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;
 use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Http\Firewall\ExceptionListener;
 
@@ -76,7 +76,7 @@ public function supports(Request $request): ?bool
         return false;
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         throw new BadCredentialsException();
     }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
@@ -38,6 +38,7 @@
 use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 
 class SecurityExtensionTest extends TestCase
@@ -841,7 +842,7 @@ public function supports(Request $request): ?bool
     {
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
     }
 
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/ApiAuthenticator.php
@@ -20,7 +20,7 @@
 use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
 use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
 
 class ApiAuthenticator extends AbstractAuthenticator
@@ -37,7 +37,7 @@ public function supports(Request $request): ?bool
         return $request->headers->has('X-USER-EMAIL');
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $email = $request->headers->get('X-USER-EMAIL');
         if (false === strpos($email, '@')) {
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/AuthenticatorBundle/LoginFormAuthenticator.php
@@ -21,7 +21,6 @@
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
 use Symfony\Component\Security\Http\Util\TargetPathTrait;
 
 class LoginFormAuthenticator extends AbstractLoginFormAuthenticator
@@ -36,7 +35,7 @@ public function __construct(UrlGeneratorInterface $urlGenerator)
         $this->urlGenerator = $urlGenerator;
     }
 
-    public function authenticate(Request $request): PassportInterface
+    public function authenticate(Request $request): Passport
     {
         $username = $request->request->get('_username', '');
 
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/SecurityTest.php
@@ -177,60 +177,60 @@ public function getPassword(): ?string
     /**
      * {@inheritdoc}
      */
-    public function getSalt()
+    public function getSalt(): string
     {
-        return null;
+        return '';
     }
 
     /**
      * {@inheritdoc}
      */
-    public function getUsername()
+    public function getUsername(): string
     {
         return $this->username;
     }
 
-    public function getUserIdentifier()
+    public function getUserIdentifier(): string
     {
         return $this->username;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isAccountNonExpired()
+    public function isAccountNonExpired(): bool
     {
         return $this->accountNonExpired;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isAccountNonLocked()
+    public function isAccountNonLocked(): bool
     {
         return $this->accountNonLocked;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isCredentialsNonExpired()
+    public function isCredentialsNonExpired(): bool
     {
         return $this->credentialsNonExpired;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function isEnabled()
+    public function isEnabled(): bool
     {
         return $this->enabled;
     }
 
     /**
      * {@inheritdoc}
      */
-    public function eraseCredentials()
+    public function eraseCredentials(): void
     {
     }
 }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/StandardFormLogin/base_config.yml
@@ -39,19 +39,19 @@ security:
                 path: /second/logout
 
     access_control:
-        - { path: ^/en/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/unprotected_resource$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secure-but-not-covered-by-access-control$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-ip$, ip: 10.10.10.10, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-two-ips$, ips: [1.1.1.1, 2.2.2.2], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/en/$, roles: PUBLIC_ACCESS }
+        - { path: ^/unprotected_resource$, roles: PUBLIC_ACCESS }
+        - { path: ^/secure-but-not-covered-by-access-control$, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-ip$, ip: 10.10.10.10, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-two-ips$, ips: [1.1.1.1, 2.2.2.2], roles: PUBLIC_ACCESS }
         # these real IP addresses are reserved for docs/examples (https://tools.ietf.org/search/rfc5737)
-        - { path: ^/secured-by-one-real-ip$, ips: 198.51.100.0, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-real-ip-with-mask$, ips: '203.0.113.0/24', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-real-ipv6$, ips: 0:0:0:0:0:ffff:c633:6400, roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder$, ips: '%env(APP_IP)%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-multiple-ips$, ips: '%env(APP_IPS)%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-and-one-real-ip$, ips: ['%env(APP_IP)%', 198.51.100.0], roles: IS_AUTHENTICATED_ANONYMOUSLY }
-        - { path: ^/secured-by-one-env-placeholder-multiple-ips-and-one-real-ip$, ips: ['%env(APP_IPS)%', 198.51.100.0], roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/secured-by-one-real-ip$, ips: 198.51.100.0, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-real-ip-with-mask$, ips: '203.0.113.0/24', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-real-ipv6$, ips: 0:0:0:0:0:ffff:c633:6400, roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder$, ips: '%env(APP_IP)%', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-multiple-ips$, ips: '%env(APP_IPS)%', roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-and-one-real-ip$, ips: ['%env(APP_IP)%', 198.51.100.0], roles: PUBLIC_ACCESS }
+        - { path: ^/secured-by-one-env-placeholder-multiple-ips-and-one-real-ip$, ips: ['%env(APP_IPS)%', 198.51.100.0], roles: PUBLIC_ACCESS }
         - { path: ^/highly_protected_resource$, roles: IS_ADMIN }
         - { path: ^/protected-via-expression$, allow_if: "(!is_authenticated() and request.headers.get('user-agent') matches '/Firefox/i') or is_granted('ROLE_USER')" }
         - { path: .*, roles: IS_AUTHENTICATED_FULLY }

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@`
`25`	`25`	`use Symfony\Component\Security\Core\Exception\BadCredentialsException;`
`26`	`26`	`use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;`
`27`	`27`	`use Symfony\Component\Security\Http\Authenticator\AbstractAuthenticator;`
`28`		`-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;`
	`28`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;`
`29`	`29`	`use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;`
`30`	`30`	`use Symfony\Component\Security\Http\Firewall\ExceptionListener;`
`31`	`31`
`@@ -76,7 +76,7 @@ public function supports(Request $request): ?bool`
`76`	`76`	`return false;`
`77`	`77`	`}`
`78`	`78`
`79`		`- public function authenticate(Request $request): PassportInterface`
	`79`	`+ public function authenticate(Request $request): Passport`
`80`	`80`	`{`
`81`	`81`	`throw new BadCredentialsException();`
`82`	`82`	`}`
Original file line number	Diff line number	Diff line change
`@@ -38,6 +38,7 @@`
`38`	`38`	`use Symfony\Component\Security\Guard\AuthenticatorInterface as GuardAuthenticatorInterface;`
`39`	`39`	`use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;`
`40`	`40`	`use Symfony\Component\Security\Http\Authenticator\HttpBasicAuthenticator;`
	`41`	`+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;`
`41`	`42`	`use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;`
`42`	`43`
`43`	`44`	`class SecurityExtensionTest extends TestCase`
`@@ -841,7 +842,7 @@ public function supports(Request $request): ?bool`
`841`	`842`	`{`
`842`	`843`	`}`
`843`	`844`
`844`		`- public function authenticate(Request $request): PassportInterface`
	`845`	`+ public function authenticate(Request $request): Passport`
`845`	`846`	`{`
`846`	`847`	`}`
`847`	`848`
Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,6 @@`
`21`	`21`	`use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;`
`22`	`22`	`use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;`
`23`	`23`	`use Symfony\Component\Security\Http\Authenticator\Passport\Passport;`
`24`		`-use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;`
`25`	`24`	`use Symfony\Component\Security\Http\Util\TargetPathTrait;`
`26`	`25`
`27`	`26`	`class LoginFormAuthenticator extends AbstractLoginFormAuthenticator`
`@@ -36,7 +35,7 @@ public function __construct(UrlGeneratorInterface $urlGenerator)`
`36`	`35`	`$this->urlGenerator = $urlGenerator;`
`37`	`36`	`}`
`38`	`37`
`39`		`- public function authenticate(Request $request): PassportInterface`
	`38`	`+ public function authenticate(Request $request): Passport`
`40`	`39`	`{`
`41`	`40`	`$username = $request->request->get('_username', '');`
`42`	`41`
Original file line number	Diff line number	Diff line change
`@@ -177,60 +177,60 @@ public function getPassword(): ?string`
`177`	`177`	`/**`
`178`	`178`	`* {@inheritdoc}`
`179`	`179`	`*/`
`180`		`- public function getSalt()`
	`180`	`+ public function getSalt(): string`
`181`	`181`	`{`
`182`		`- return null;`
	`182`	`+ return '';`
`183`	`183`	`}`
`184`	`184`
`185`	`185`	`/**`
`186`	`186`	`* {@inheritdoc}`
`187`	`187`	`*/`
`188`		`- public function getUsername()`
	`188`	`+ public function getUsername(): string`
`189`	`189`	`{`
`190`	`190`	`return $this->username;`
`191`	`191`	`}`
`192`	`192`
`193`		`- public function getUserIdentifier()`
	`193`	`+ public function getUserIdentifier(): string`
`194`	`194`	`{`
`195`	`195`	`return $this->username;`
`196`	`196`	`}`
`197`	`197`
`198`	`198`	`/**`
`199`	`199`	`* {@inheritdoc}`
`200`	`200`	`*/`
`201`		`- public function isAccountNonExpired()`
	`201`	`+ public function isAccountNonExpired(): bool`
`202`	`202`	`{`
`203`	`203`	`return $this->accountNonExpired;`
`204`	`204`	`}`
`205`	`205`
`206`	`206`	`/**`
`207`	`207`	`* {@inheritdoc}`
`208`	`208`	`*/`
`209`		`- public function isAccountNonLocked()`
	`209`	`+ public function isAccountNonLocked(): bool`
`210`	`210`	`{`
`211`	`211`	`return $this->accountNonLocked;`
`212`	`212`	`}`
`213`	`213`
`214`	`214`	`/**`
`215`	`215`	`* {@inheritdoc}`
`216`	`216`	`*/`
`217`		`- public function isCredentialsNonExpired()`
	`217`	`+ public function isCredentialsNonExpired(): bool`
`218`	`218`	`{`
`219`	`219`	`return $this->credentialsNonExpired;`
`220`	`220`	`}`
`221`	`221`
`222`	`222`	`/**`
`223`	`223`	`* {@inheritdoc}`
`224`	`224`	`*/`
`225`		`- public function isEnabled()`
	`225`	`+ public function isEnabled(): bool`
`226`	`226`	`{`
`227`	`227`	`return $this->enabled;`
`228`	`228`	`}`
`229`	`229`
`230`	`230`	`/**`
`231`	`231`	`* {@inheritdoc}`
`232`	`232`	`*/`
`233`		`- public function eraseCredentials()`
	`233`	`+ public function eraseCredentials(): void`
`234`	`234`	`{`
`235`	`235`	`}`
`236`	`236`	`}`