Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[SecurityBundle] Fix valid provider considered undefined #24132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Sep 9, 2017
Merged

[SecurityBundle] Fix valid provider considered undefined #24132

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -331,10 +331,10 @@ private function createFirewall(ContainerBuilder $container, $id, $firewall, &$a

// Provider id (take the first registered provider if none defined)
if (isset($firewall['provider'])) {
$defaultProvider = $this->getUserProviderId($firewall['provider']);
if (!in_array($defaultProvider, $providerIds, true)) {
if (!isset($providerIds[$normalizedName = str_replace('-', '_', $firewall['provider'])])) {
throw new InvalidConfigurationException(sprintf('Invalid firewall "%s": user provider "%s" not found.', $id, $firewall['provider']));
}
$defaultProvider = $providerIds[$normalizedName];
} else {
$defaultProvider = reset($providerIds);
}
Expand Down Expand Up @@ -491,10 +491,10 @@ private function createAuthenticationListeners($container, $id, $firewall, &$aut

if (isset($firewall[$key])) {
if (isset($firewall[$key]['provider'])) {
if (!in_array($firewall[$key]['provider'], $providerIds, true)) {
if (!isset($providerIds[$normalizedName = str_replace('-', '_', $firewall[$key]['provider'])])) {
throw new InvalidConfigurationException(sprintf('Invalid firewall "%s": user provider "%s" not found.', $id, $firewall[$key]['provider']));
}
$userProvider = $this->getUserProviderId($firewall[$key]['provider']);
$userProvider = $providerIds[$normalizedName];
} else {
$userProvider = $defaultProvider;
}
Expand Down Expand Up @@ -596,7 +596,7 @@ private function createUserProviders($config, ContainerBuilder $container)
$providerIds = array();
foreach ($config['providers'] as $name => $provider) {
$id = $this->createUserDaoProvider($name, $provider, $container);
$providerIds[] = $id;
$providerIds[str_replace('-', '_', $name)] = $id;
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

by now i think the conversion should happen in getUserProviderId actually 🤔 and simply make the check below $userProvider. That would be more robust.

$userProvider = $this->getUserProviderId($firewall[$key]['provider']);
if (!isset($providerIds[$userProvider])) {
   // throw
}

sorry :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure about BC :)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

point is we create a different id 2 lines above by passing $name as is to createUserDaoProvider.. that looks weird.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I get your point but yes, changing this is not fine regarding BC. Note also that when using a custom provider (specifying my_provider: { id: some_service }), createUserDaoProvider returns the some_service id, it doesn't rely on getUserProviderId. Let's avoid any behavior change here, not the right moment for that :)
I'm going to review this part of the extension in 2.7 once this merged, I believe there are some bugs. Right now, 3.4's security setup is broken, this covers all edge cases and makes it work again. I would like to quickly move on and polish afterwards if needed.
Btw, thanks for your review, it was useful actually.

}

return $providerIds;
Expand Down
12 changes: 12 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -405,6 +405,18 @@ public function testFirewallListenerUndefinedProvider()
$this->getContainer('listener_undefined_provider');
}

public function testFirewallWithUserProvider()
{
$this->getContainer('firewall_provider');
$this->addToAssertionCount(1);
}

public function testFirewallListenerWithProvider()
{
$this->getContainer('listener_provider');
$this->addToAssertionCount(1);
}

protected function getContainer($file)
{
$file = $file.'.'.$this->getFileExtension();
Expand Down
24 changes: 24 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/firewall_provider.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
<?php

$container->loadFromExtension('security', array(
'providers' => array(
'default' => array(
'memory' => $memory = array(
'users' => array('foo' => array('password' => 'foo', 'roles' => 'ROLE_USER')),
),
),
'with-dash' => array(
'memory' => $memory,
),
),
'firewalls' => array(
'main' => array(
'provider' => 'default',
'form_login' => true,
),
'other' => array(
'provider' => 'with-dash',
'form_login' => true,
),
),
));
16 changes: 16 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/php/listener_provider.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
<?php

$container->loadFromExtension('security', array(
'providers' => array(
'default' => array(
'memory' => array(
'users' => array('foo' => array('password' => 'foo', 'roles' => 'ROLE_USER')),
),
),
),
'firewalls' => array(
'main' => array(
'form_login' => array('provider' => 'default'),
),
),
));
20 changes: 20 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/firewall_provider.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>

<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://symfony.com/schema/dic/security"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<sec:config>
<sec:providers>
<sec:provider name="with-dash" id="foo" />
</sec:providers>

<sec:firewalls>
<sec:firewall name="main" provider="with-dash">
<sec:form_login />
</sec:firewall>
</sec:firewalls>
</sec:config>

</container>
20 changes: 20 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/xml/listener_provider.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>

<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sec="http://symfony.com/schema/dic/security"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

<sec:config>
<sec:providers>
<sec:provider name="default" id="foo" />
</sec:providers>

<sec:firewalls>
<sec:firewall name="main">
<sec:form_login provider="default" />
</sec:firewall>
</sec:firewalls>
</sec:config>

</container>
16 changes: 16 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/firewall_provider.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
security:
providers:
default:
memory:
users: { foo: { password: foo, roles: ROLE_USER } }
with-dash:
memory:
users: { foo: { password: foo, roles: ROLE_USER } }

firewalls:
main:
provider: default
form_login: true
other:
provider: with-dash
form_login: true
10 changes: 10 additions & 0 deletions ...ymfony/Bundle/SecurityBundle/Tests/DependencyInjection/Fixtures/yml/listener_provider.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
security:
providers:
default:
memory:
users: { foo: { password: foo, roles: ROLE_USER } }

firewalls:
main:
form_login:
provider: default