Merge branch '3.4' into 4.4

nicolas-grekas · nicolas-grekas · commit dfe8c816a69a · 2020-05-28T10:15:49.000+02:00
* 3.4:
  Handle fetch mode deprecation of DBAL 2.11.
  Fixed handling of CSRF logout error
diff --git a/src/Symfony/Bridge/Doctrine/Security/RememberMe/DoctrineTokenProvider.php b/src/Symfony/Bridge/Doctrine/Security/RememberMe/DoctrineTokenProvider.php
@@ -63,7 +63,7 @@ public function loadTokenBySeries($series)
         $paramValues = ['series' => $series];
         $paramTypes = ['series' => \PDO::PARAM_STR];
         $stmt = $this->conn->executeQuery($sql, $paramValues, $paramTypes);
-        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
+        $row = method_exists($stmt, 'fetchAssociative') ? $stmt->fetchAssociative() : $stmt->fetch(\PDO::FETCH_ASSOC);
 
         if ($row) {
             return new PersistentToken($row['class'], $row['username'], $series, $row['value'], new \DateTime($row['last_used']));
diff --git a/src/Symfony/Bridge/Doctrine/Tests/Security/RememberMe/DoctrineTokenProviderTest.php b/src/Symfony/Bridge/Doctrine/Tests/Security/RememberMe/DoctrineTokenProviderTest.php
@@ -0,0 +1,88 @@
+<?php
+
+namespace Security\RememberMe;
+
+use Doctrine\DBAL\DriverManager;
+use PHPUnit\Framework\TestCase;
+use Symfony\Bridge\Doctrine\Security\RememberMe\DoctrineTokenProvider;
+use Symfony\Component\Security\Core\Authentication\RememberMe\PersistentToken;
+use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
+
+/**
+ * @requires extension pdo_sqlite
+ */
+class DoctrineTokenProviderTest extends TestCase
+{
+    public static function setUpBeforeClass()
+    {
+        if (\PHP_VERSION_ID >= 80000) {
+            self::markTestSkipped('Doctrine DBAL 2.x is incompatible with PHP 8.');
+        }
+    }
+
+    public function testCreateNewToken()
+    {
+        $provider = $this->bootstrapProvider();
+
+        $token = new PersistentToken('someClass', 'someUser', 'someSeries', 'tokenValue', new \DateTime('2013-01-26T18:23:51'));
+        $provider->createNewToken($token);
+
+        $this->assertEquals($provider->loadTokenBySeries('someSeries'), $token);
+    }
+
+    public function testLoadTokenBySeriesThrowsNotFoundException()
+    {
+        $provider = $this->bootstrapProvider();
+
+        $this->expectException(TokenNotFoundException::class);
+        $provider->loadTokenBySeries('someSeries');
+    }
+
+    public function testUpdateToken()
+    {
+        $provider = $this->bootstrapProvider();
+
+        $token = new PersistentToken('someClass', 'someUser', 'someSeries', 'tokenValue', new \DateTime('2013-01-26T18:23:51'));
+        $provider->createNewToken($token);
+        $provider->updateToken('someSeries', 'newValue', $lastUsed = new \DateTime('2014-06-26T22:03:46'));
+        $token = $provider->loadTokenBySeries('someSeries');
+
+        $this->assertEquals('newValue', $token->getTokenValue());
+        $this->assertEquals($token->getLastUsed(), $lastUsed);
+    }
+
+    public function testDeleteToken()
+    {
+        $provider = $this->bootstrapProvider();
+        $token = new PersistentToken('someClass', 'someUser', 'someSeries', 'tokenValue', new \DateTime('2013-01-26T18:23:51'));
+        $provider->createNewToken($token);
+        $provider->deleteTokenBySeries('someSeries');
+
+        $this->expectException(TokenNotFoundException::class);
+
+        $provider->loadTokenBySeries('someSeries');
+    }
+
+    /**
+     * @return DoctrineTokenProvider
+     */
+    private function bootstrapProvider()
+    {
+        $connection = DriverManager::getConnection([
+            'driver' => 'pdo_sqlite',
+            'url' => 'sqlite:///:memory:',
+        ]);
+        $connection->executeUpdate(<<< 'SQL'
+            CREATE TABLE rememberme_token (
+                series   char(88)     UNIQUE PRIMARY KEY NOT NULL,
+                value    char(88)     NOT NULL,
+                lastUsed datetime     NOT NULL,
+                class    varchar(100) NOT NULL,
+                username varchar(200) NOT NULL
+            );
+SQL
+        );
+
+        return new DoctrineTokenProvider($connection);
+    }
+}
diff --git a/src/Symfony/Component/Cache/Tests/Traits/PdoPruneableTrait.php b/src/Symfony/Component/Cache/Tests/Traits/PdoPruneableTrait.php
@@ -24,11 +24,11 @@ protected function isPruned($cache, string $name): bool
         $getPdoConn = $o->getMethod('getConnection');
         $getPdoConn->setAccessible(true);
 
-        /** @var \Doctrine\DBAL\Statement $select */
+        /** @var \Doctrine\DBAL\Statement|\PDOStatement $select */
         $select = $getPdoConn->invoke($cache)->prepare('SELECT 1 FROM cache_items WHERE item_id LIKE :id');
         $select->bindValue(':id', sprintf('%%%s', $name));
         $select->execute();
 
-        return 0 === \count($select->fetchAll(\PDO::FETCH_COLUMN));
+        return 1 !== (int) (method_exists($select, 'fetchOne') ? $select->fetchOne() : $select->fetch(\PDO::FETCH_COLUMN));
     }
 }
diff --git a/src/Symfony/Component/Cache/Traits/PdoTrait.php b/src/Symfony/Component/Cache/Traits/PdoTrait.php
@@ -194,7 +194,13 @@ protected function doFetch(array $ids)
         }
         $stmt->execute();
 
-        while ($row = $stmt->fetch(\PDO::FETCH_NUM)) {
+        if (method_exists($stmt, 'iterateNumeric')) {
+            $stmt = $stmt->iterateNumeric();
+        } else {
+            $stmt->setFetchMode(\PDO::FETCH_NUM);
+        }
+
+        foreach ($stmt as $row) {
             if (null === $row[1]) {
                 $expired[] = $row[0];
             } else {
diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@@ -111,7 +111,7 @@ public function onKernelException(GetResponseForExceptionEvent $event)
             }
 
             if ($exception instanceof LogoutException) {
-                $this->handleLogoutException($exception);
+                $this->handleLogoutException($event, $exception);
 
                 return;
             }
@@ -181,10 +181,12 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event
         }
     }
 
-    private function handleLogoutException(LogoutException $exception): void
+    private function handleLogoutException(GetResponseForExceptionEvent $event, LogoutException $exception): void
     {
+        $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));
+
         if (null !== $this->logger) {
-            $this->logger->info('A LogoutException was thrown.', ['exception' => $exception]);
+            $this->logger->info('A LogoutException was thrown; wrapping with AccessDeniedHttpException', ['exception' => $exception]);
         }
     }
 
diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php
@@ -21,6 +21,7 @@
 use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
 use Symfony\Component\Security\Core\Exception\AccessDeniedException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Core\Exception\LogoutException;
 use Symfony\Component\Security\Http\Authorization\AccessDeniedHandlerInterface;
 use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
 use Symfony\Component\Security\Http\Firewall\ExceptionListener;
@@ -157,6 +158,17 @@ public function testAccessDeniedExceptionNotFullFledged(\Exception $exception, \
         $this->assertSame(null === $eventException ? $exception : $eventException, $event->getThrowable()->getPrevious());
     }
 
+    public function testLogoutException()
+    {
+        $event = $this->createEvent(new LogoutException('Invalid CSRF.'));
+
+        $listener = $this->createExceptionListener();
+        $listener->onKernelException($event);
+
+        $this->assertEquals('Invalid CSRF.', $event->getException()->getMessage());
+        $this->assertEquals(403, $event->getException()->getStatusCode());
+    }
+
     public function getAccessDeniedExceptionProvider()
     {
         return [

Original file line number	Diff line number	Diff line change
`@@ -24,11 +24,11 @@ protected function isPruned($cache, string $name): bool`
`24`	`24`	`$getPdoConn = $o->getMethod('getConnection');`
`25`	`25`	`$getPdoConn->setAccessible(true);`
`26`	`26`
`27`		`- /** @var \Doctrine\DBAL\Statement $select */`
	`27`	`+ /** @var \Doctrine\DBAL\Statement\|\PDOStatement $select */`
`28`	`28`	`$select = $getPdoConn->invoke($cache)->prepare('SELECT 1 FROM cache_items WHERE item_id LIKE :id');`
`29`	`29`	`$select->bindValue(':id', sprintf('%%%s', $name));`
`30`	`30`	`$select->execute();`
`31`	`31`
`32`		`- return 0 === \count($select->fetchAll(\PDO::FETCH_COLUMN));`
	`32`	`+ return 1 !== (int) (method_exists($select, 'fetchOne') ? $select->fetchOne() : $select->fetch(\PDO::FETCH_COLUMN));`
`33`	`33`	`}`
`34`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -111,7 +111,7 @@ public function onKernelException(GetResponseForExceptionEvent $event)`
`111`	`111`	`}`
`112`	`112`
`113`	`113`	`if ($exception instanceof LogoutException) {`
`114`		`- $this->handleLogoutException($exception);`
	`114`	`+ $this->handleLogoutException($event, $exception);`
`115`	`115`
`116`	`116`	`return;`
`117`	`117`	`}`
`@@ -181,10 +181,12 @@ private function handleAccessDeniedException(GetResponseForExceptionEvent $event`
`181`	`181`	`}`
`182`	`182`	`}`
`183`	`183`
`184`		`- private function handleLogoutException(LogoutException $exception): void`
	`184`	`+ private function handleLogoutException(GetResponseForExceptionEvent $event, LogoutException $exception): void`
`185`	`185`	`{`
	`186`	`+ $event->setException(new AccessDeniedHttpException($exception->getMessage(), $exception));`
	`187`	`+`
`186`	`188`	`if (null !== $this->logger) {`
`187`		`- $this->logger->info('A LogoutException was thrown.', ['exception' => $exception]);`
	`189`	`+ $this->logger->info('A LogoutException was thrown; wrapping with AccessDeniedHttpException', ['exception' => $exception]);`
`188`	`190`	`}`
`189`	`191`	`}`
`190`	`192`