
[Security][LoginLink] Invalid parameters throw 500 #60347

Closed

@davidszkiba

Symfony version(s) affected

7.2.4

Description

When login_check is requested and the request parameters have the wrong type (userIdentifier, hash, expires), it throws a 500 error because the acceptSignatureHash method expects the parameters to be of certain types ($userIdentifier a string, $expires an int and $hash a string).

How to reproduce

Implement LoginLink and then request login via link:
https://example.com/login/link_check?expires=%E2%80%AA1747385844%E2%80%AC&hash=somehash&user=%E2%80%AA123456789%E2%80%AC

Here the expires parameter is flanked by zero-width spaces. This leads to a 500 error because expires is expected to be an int but here it is a string. I'm not exactly sure why the zero-width spaces are added (maybe some email clients do that?), but in any case, I think this should not lead to a 500 error.

Possible Solution

Be more strict in the LoginLinkHandler. In addition to checking if the required parameters exist (which is already done after this PR #48292), the type should also be checked.

Additional Context

Symfony\Component\Security\Core\Signature\SignatureHasher::acceptSignatureHash(): Argument #2 ($expires) must be of type int, string given, called in /srv/portal/vendor/symfony/security-http/LoginLink/LoginLinkHandler.php on line 98
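As an added example (not Symfony's code and not from the reporter), here is a standalone PHP validation step of the kind the Possible Solution describes: it checks the type and shape of `user`, `expires` and `hash` before anything reaches an int-typed parameter, so a malformed link becomes a client-side rejection instead of a TypeError and a 500. The function and exception names are hypothetical; the "bad" sample input is constructed to mirror the report's URL, whose `%E2%80%AA` and `%E2%80%AC` decode to U+202A and U+202C.

```php
<?php
// Added example, not part of Symfony. Names are hypothetical.
// Goal: reject malformed login-link parameters with a client error
// instead of letting a wrong-typed value hit SignatureHasher::acceptSignatureHash().

final class InvalidLoginLinkParams extends \InvalidArgumentException {}

/**
 * Validates the raw query parameters of a login-link check request.
 * Returns [string $userIdentifier, int $expires, string $hash] or throws.
 */
function validateLoginLinkParams(array $query): array
{
    $user    = $query['user']    ?? null;
    $expires = $query['expires'] ?? null;
    $hash    = $query['hash']    ?? null;

    // Presence alone is not enough: PHP query parsing turns ?user[]=x into an
    // array, so check the type as well.
    if (!is_string($user) || $user === '') {
        throw new InvalidLoginLinkParams('Missing or non-string "user" parameter.');
    }
    if (!is_string($hash) || $hash === '') {
        throw new InvalidLoginLinkParams('Missing or non-string "hash" parameter.');
    }

    // "expires" must be a plain non-negative integer. FILTER_VALIDATE_INT rejects
    // non-digit bytes (such as the invisible characters in the reported URL) and
    // out-of-range values, returning false instead of a partially converted number.
    $expiresInt = is_string($expires)
        ? filter_var($expires, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]])
        : false;
    if ($expiresInt === false) {
        throw new InvalidLoginLinkParams('Parameter "expires" must be a non-negative integer.');
    }

    return [$user, $expiresInt, $hash];
}

// Constructed sample inputs. The second one mirrors the URL from the report.
$good = ['user' => '123456789', 'expires' => '1747385844', 'hash' => 'somehash'];
$bad  = [
    'user'    => "\u{202A}123456789\u{202C}",
    'expires' => "\u{202A}1747385844\u{202C}",
    'hash'    => 'somehash',
];

[$u, $e, $h] = validateLoginLinkParams($good);
echo "Accepted: user={$u} expires={$e} (" . gettype($e) . ")\n";

try {
    validateLoginLinkParams($bad);
} catch (InvalidLoginLinkParams $ex) {
    // In a controller this is where a 4xx response would be returned.
    echo "Rejected: {$ex->getMessage()}\n";
}
```

Only after this step passes should the typed values be handed to the signature check; the hash comparison then decides whether the link is genuine, and a malformed `expires` never becomes a type error.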
