Fix bad method call with guard authentication + session migration #27581
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The original setter was put onto the wrong class. The handler is a bit more difficult, as there is one handler only. So, we need to pass in a statelessFirewalls array so we know whether or not to migrate the session
7d943c1 to
cd73af2
Compare
chalasr
requested changes
Jun 11, 2018
| } | ||
|
|
||
| /** | ||
| * Authenticates the given token in the system. | ||
| */ | ||
| public function authenticateWithToken(TokenInterface $token, Request $request) | ||
| public function authenticateWithToken(TokenInterface $token, Request $request, $providerKey = null) |
There was a problem hiding this comment.
even optional, this would break a child (signature mismatch). func_get_arg() should be used here :)
|
Thanks @chalasr! Made the change |
chalasr
approved these changes
Jun 12, 2018
nicolas-grekas
approved these changes
Jun 12, 2018
| public function __construct(TokenStorageInterface $tokenStorage, EventDispatcherInterface $eventDispatcher = null) | ||
| /** | ||
| * @param TokenStorageInterface $tokenStorage | ||
| * @param EventDispatcherInterface|null $eventDispatcher |
There was a problem hiding this comment.
We're ok with partial docblocks, so these 2 above lines can be removed.
| } | ||
|
|
||
| /** | ||
| * Authenticates the given token in the system. | ||
| */ | ||
| public function authenticateWithToken(TokenInterface $token, Request $request) | ||
| { | ||
| $this->migrateSession($request, $token); | ||
| $providerKey = func_num_args() > 2 ? func_get_arg(2) : null; |
There was a problem hiding this comment.
\func_num_args()
The new argument should be added on the signature between /**/, and on the docblock.
| { | ||
| if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) { | ||
| if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession() || in_array($providerKey, $this->statelessProviderKeys)) { |
|
Let's try this :) - not 100% sure I got that format for the documented new arg right 😇 |
| */ | ||
| public function authenticateWithToken(TokenInterface $token, Request $request) | ||
| public function authenticateWithToken(TokenInterface $token, Request $request /* $providerKey */) |
There was a problem hiding this comment.
(TokenInterface $token, Request $request/*, string $providerKey */)
nicolas-grekas
approved these changes
Jun 12, 2018
|
Thank you @weaverryan. |
chalasr
pushed a commit
that referenced
this pull request
Jun 12, 2018
…gration (weaverryan) This PR was squashed before being merged into the 2.8 branch (closes #27581). Discussion ---------- Fix bad method call with guard authentication + session migration | Q | A | ------------- | --- | Branch? | 2.8 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no (but there needs to be on master) | Tests pass? | yes | Fixed tickets | #27577 | License | MIT | Doc PR | n/a I messed up #27452 :/. Guard is the one class where the session migration is not on the listener, it's on the handler. The tricky part is that there is only ONE handler (unlike listeners where there is 1 listener per firewall). That means that implementing a session migration strategy that avoids stateless firewalls was a bit more tricky: I could only think to inject a map into `GuardAuthenticationHandler`. On the bright side, this also fixes session migration (not happening) when people call the `authenticateUserAndHandleSuccess()` method directly. On master, we'll need to add a deprecation to make the 3rd argument of `authenticateWithToken()` required - it's optional now for BC. We may also need to re-order the constructor args. I DID test this in a real 2.8 project, to make sure that things were properly wired up. Apologies for not doing that for the other PR. Cheers! Commits ------- 2c0ac93 Fix bad method call with guard authentication + session migration
This was referenced Jun 25, 2018
Merged
Merged
Merged
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I messed up #27452 :/. Guard is the one class where the session migration is not on the listener, it's on the handler. The tricky part is that there is only ONE handler (unlike listeners where there is 1 listener per firewall). That means that implementing a session migration strategy that avoids stateless firewalls was a bit more tricky: I could only think to inject a map into
GuardAuthenticationHandler. On the bright side, this also fixes session migration (not happening) when people call theauthenticateUserAndHandleSuccess()method directly.On master, we'll need to add a deprecation to make the 3rd argument of
authenticateWithToken()required - it's optional now for BC. We may also need to re-order the constructor args.I DID test this in a real 2.8 project, to make sure that things were properly wired up. Apologies for not doing that for the other PR.
Cheers!