TomaHost/Chamilo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade 1-11.38

Browse Source
This commit is contained in:
xesmyd
2026-03-30 14:10:30 +02:00
parent f2a7e6d1fc
commit ac648ef29d
24665 changed files with 69682 additions and 2205004 deletions
Download Patch File Download Diff File Expand all files Collapse all files
vendor/symfony/security/Core/Authentication/AuthenticationProviderManager.php
Vendored
+13 -17
View File
@@ -11,15 +11,15 @@
namespace Symfony\Component\Security\Core\Authentication;
use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
use Symfony\Component\Security\Core\Event\AuthenticationEvent;
use Symfony\Component\Security\Core\AuthenticationEvents;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\AuthenticationEvents;
use Symfony\Component\Security\Core\Event\AuthenticationEvent;
use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
use Symfony\Component\Security\Core\Exception\AccountStatusException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
use Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* AuthenticationProviderManager uses a list of AuthenticationProviderInterface
@@ -35,25 +35,17 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
private $eventDispatcher;
/**
* Constructor.
*
* @param AuthenticationProviderInterface[] $providers An array of AuthenticationProviderInterface instances
* @param bool $eraseCredentials Whether to erase credentials after authentication or not
* @param iterable|AuthenticationProviderInterface[] $providers An iterable with AuthenticationProviderInterface instances as values
* @param bool $eraseCredentials Whether to erase credentials after authentication or not
*
* @throws \InvalidArgumentException
*/
public function __construct(array $providers, $eraseCredentials = true)
public function __construct($providers, $eraseCredentials = true)
{
if (!$providers) {
throw new \InvalidArgumentException('You must at least add one authentication provider.');
}
foreach ($providers as $provider) {
if (!$provider instanceof AuthenticationProviderInterface) {
throw new \InvalidArgumentException(sprintf('Provider "%s" must implement the AuthenticationProviderInterface.', get_class($provider)));
}
}
$this->providers = $providers;
$this->eraseCredentials = (bool) $eraseCredentials;
}
@@ -72,6 +64,10 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
$result = null;
foreach ($this->providers as $provider) {
if (!$provider instanceof AuthenticationProviderInterface) {
throw new \InvalidArgumentException(sprintf('Provider "%s" must implement the AuthenticationProviderInterface.', \get_class($provider)));
}
if (!$provider->supports($token)) {
continue;
}
@@ -104,7 +100,7 @@ class AuthenticationProviderManager implements AuthenticationManagerInterface
}
if (null === $lastException) {
$lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', get_class($token)));
$lastException = new ProviderNotFoundException(sprintf('No Authentication Provider found for token of class "%s".', \get_class($token)));
}
if (null !== $this->eventDispatcher) {
vendor/symfony/security/Core/Authentication/AuthenticationTrustResolver.php
Vendored
-2
View File
@@ -24,8 +24,6 @@ class AuthenticationTrustResolver implements AuthenticationTrustResolverInterfac
private $rememberMeClass;
/**
* Constructor.
*
* @param string $anonymousClass
* @param string $rememberMeClass
*/
vendor/symfony/security/Core/Authentication/AuthenticationTrustResolverInterface.php
Vendored
-6
View File
@@ -26,8 +26,6 @@ interface AuthenticationTrustResolverInterface
*
* If null is passed, the method must return false.
*
* @param TokenInterface $token
*
* @return bool
*/
public function isAnonymous(TokenInterface $token = null);
@@ -36,8 +34,6 @@ interface AuthenticationTrustResolverInterface
* Resolves whether the passed token implementation is authenticated
* using remember-me capabilities.
*
* @param TokenInterface $token
*
* @return bool
*/
public function isRememberMe(TokenInterface $token = null);
@@ -45,8 +41,6 @@ interface AuthenticationTrustResolverInterface
/**
* Resolves whether the passed token implementation is fully authenticated.
*
* @param TokenInterface $token
*
* @return bool
*/
public function isFullFledged(TokenInterface $token = null);
vendor/symfony/security/Core/Authentication/Provider/AnonymousAuthenticationProvider.php
Vendored
+4 -5
View File
@@ -11,9 +11,10 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
/**
* AnonymousAuthenticationProvider validates AnonymousToken instances.
@@ -31,8 +32,6 @@ class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
private $secret;
/**
* Constructor.
*
* @param string $secret The secret shared with the AnonymousToken
*/
public function __construct($secret)
@@ -46,7 +45,7 @@ class AnonymousAuthenticationProvider implements AuthenticationProviderInterface
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if ($this->secret !== $token->getSecret()) {
vendor/symfony/security/Core/Authentication/Provider/AuthenticationProviderInterface.php
Vendored
+1 -3
View File
@@ -11,8 +11,8 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
/**
* AuthenticationProviderInterface is the interface for all authentication
@@ -34,8 +34,6 @@ interface AuthenticationProviderInterface extends AuthenticationManagerInterface
/**
* Checks whether this provider supports the given token.
*
* @param TokenInterface $token A TokenInterface instance
*
* @return bool true if the implementation supports the Token, false otherwise
*/
public function supports(TokenInterface $token);
vendor/symfony/security/Core/Authentication/Provider/DaoAuthenticationProvider.php
Vendored
+6 -8
View File
@@ -11,14 +11,14 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
/**
* DaoAuthenticationProvider uses a UserProviderInterface to retrieve the user
@@ -32,8 +32,6 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
private $userProvider;
/**
* Constructor.
*
* @param UserProviderInterface $userProvider An UserProviderInterface instance
* @param UserCheckerInterface $userChecker An UserCheckerInterface instance
* @param string $providerKey The provider key
@@ -63,7 +61,7 @@ class DaoAuthenticationProvider extends UserAuthenticationProvider
throw new BadCredentialsException('The presented password cannot be empty.');
}
if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
if (null === $user->getPassword() || !$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
throw new BadCredentialsException('The presented password is invalid.');
}
}
vendor/symfony/security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
Vendored
+28 -8
View File
@@ -11,14 +11,14 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Ldap\Exception\ConnectionException;
use Symfony\Component\Ldap\LdapInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Ldap\LdapInterface;
use Symfony\Component\Ldap\Exception\ConnectionException;
/**
* LdapBindAuthenticationProvider authenticates a user against an LDAP server.
@@ -33,10 +33,9 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider
private $userProvider;
private $ldap;
private $dnString;
private $queryString;
/**
* Constructor.
*
* @param UserProviderInterface $userProvider A UserProvider
* @param UserCheckerInterface $userChecker A UserChecker
* @param string $providerKey The provider key
@@ -53,13 +52,23 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider
$this->dnString = $dnString;
}
/**
* Set a query string to use in order to find a DN for the username.
*
* @param string $queryString
*/
public function setQueryString($queryString)
{
$this->queryString = $queryString;
}
/**
* {@inheritdoc}
*/
protected function retrieveUser($username, UsernamePasswordToken $token)
{
if (AuthenticationProviderInterface::USERNAME_NONE_PROVIDED === $username) {
throw new UsernameNotFoundException('Username can not be null');
throw new UsernameNotFoundException('Username can not be null.');
}
return $this->userProvider->loadUserByUsername($username);
@@ -73,13 +82,24 @@ class LdapBindAuthenticationProvider extends UserAuthenticationProvider
$username = $token->getUsername();
$password = $token->getCredentials();
if ('' === $password) {
if ('' === (string) $password) {
throw new BadCredentialsException('The presented password must not be empty.');
}
try {
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_DN);
$dn = str_replace('{username}', $username, $this->dnString);
if ($this->queryString) {
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_FILTER);
$query = str_replace('{username}', $username, $this->queryString);
$result = $this->ldap->query($this->dnString, $query)->execute();
if (1 !== $result->count()) {
throw new BadCredentialsException('The presented username is invalid.');
}
$dn = $result[0]->getDn();
} else {
$username = $this->ldap->escape($username, '', LdapInterface::ESCAPE_DN);
$dn = str_replace('{username}', $username, $this->dnString);
}
$this->ldap->bind($dn, $password);
} catch (ConnectionException $e) {
vendor/symfony/security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
Vendored
+5 -11
View File
@@ -11,11 +11,12 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Authentication\Token\PreAuthenticatedToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
/**
* Processes a pre-authenticated authentication request.
@@ -33,13 +34,6 @@ class PreAuthenticatedAuthenticationProvider implements AuthenticationProviderIn
private $userChecker;
private $providerKey;
/**
* Constructor.
*
* @param UserProviderInterface $userProvider An UserProviderInterface instance
* @param UserCheckerInterface $userChecker An UserCheckerInterface instance
* @param string $providerKey The provider key
*/
public function __construct(UserProviderInterface $userProvider, UserCheckerInterface $userChecker, $providerKey)
{
$this->userProvider = $userProvider;
@@ -53,7 +47,7 @@ class PreAuthenticatedAuthenticationProvider implements AuthenticationProviderIn
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if (!$user = $token->getUser()) {
vendor/symfony/security/Core/Authentication/Provider/RememberMeAuthenticationProvider.php
Vendored
+12 -5
View File
@@ -11,10 +11,13 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\LogicException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
class RememberMeAuthenticationProvider implements AuthenticationProviderInterface
{
@@ -23,8 +26,6 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
private $providerKey;
/**
* Constructor.
*
* @param UserCheckerInterface $userChecker An UserCheckerInterface interface
* @param string $secret A secret
* @param string $providerKey A provider secret
@@ -42,7 +43,7 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
if ($this->secret !== $token->getSecret()) {
@@ -50,7 +51,13 @@ class RememberMeAuthenticationProvider implements AuthenticationProviderInterfac
}
$user = $token->getUser();
if (!$token->getUser() instanceof UserInterface) {
throw new LogicException(sprintf('Method "%s::getUser()" must return a "%s" instance, "%s" returned.', \get_class($token), UserInterface::class, \is_object($user) ? \get_class($user) : \gettype($user)));
}
$this->userChecker->checkPreAuth($user);
$this->userChecker->checkPostAuth($user);
$authenticatedToken = new RememberMeToken($user, $this->providerKey, $this->secret);
$authenticatedToken->setAttributes($token->getAttributes());
vendor/symfony/security/Core/Authentication/Provider/SimpleAuthenticationProvider.php
Vendored
+19 -5
View File
@@ -11,10 +11,13 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\User\UserChecker;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
/**
* @author Jordi Boggiano <j.boggiano@seld.be>
@@ -24,23 +27,34 @@ class SimpleAuthenticationProvider implements AuthenticationProviderInterface
private $simpleAuthenticator;
private $userProvider;
private $providerKey;
private $userChecker;
public function __construct(SimpleAuthenticatorInterface $simpleAuthenticator, UserProviderInterface $userProvider, $providerKey)
public function __construct(SimpleAuthenticatorInterface $simpleAuthenticator, UserProviderInterface $userProvider, $providerKey, UserCheckerInterface $userChecker = null)
{
$this->simpleAuthenticator = $simpleAuthenticator;
$this->userProvider = $userProvider;
$this->providerKey = $providerKey;
$this->userChecker = $userChecker ?: new UserChecker();
}
public function authenticate(TokenInterface $token)
{
$authToken = $this->simpleAuthenticator->authenticateToken($token, $this->userProvider, $this->providerKey);
if ($authToken instanceof TokenInterface) {
if (!$authToken instanceof TokenInterface) {
throw new AuthenticationException('Simple authenticator failed to return an authenticated token.');
}
$user = $authToken->getUser();
if (!$user instanceof UserInterface) {
return $authToken;
}
throw new AuthenticationException('Simple authenticator failed to return an authenticated token.');
$this->userChecker->checkPreAuth($user);
$this->userChecker->checkPostAuth($user);
return $authToken;
}
public function supports(TokenInterface $token)
vendor/symfony/security/Core/Authentication/Provider/UserAuthenticationProvider.php
Vendored
+11 -18
View File
@@ -11,15 +11,16 @@
namespace Symfony\Component\Security\Core\Authentication\Provider;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use Symfony\Component\Security\Core\Exception\AccountStatusException;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Exception\AuthenticationServiceException;
use Symfony\Component\Security\Core\Exception\BadCredentialsException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Role\SwitchUserRole;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* UserProviderInterface retrieves users for UsernamePasswordToken tokens.
@@ -33,8 +34,6 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
private $providerKey;
/**
* Constructor.
*
* @param UserCheckerInterface $userChecker An UserCheckerInterface interface
* @param string $providerKey A provider key
* @param bool $hideUserNotFoundExceptions Whether to hide user not found exception or not
@@ -58,7 +57,7 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
public function authenticate(TokenInterface $token)
{
if (!$this->supports($token)) {
return;
throw new AuthenticationException('The token is not supported by this authentication provider.');
}
$username = $token->getUsername();
@@ -85,8 +84,8 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
$this->userChecker->checkPreAuth($user);
$this->checkAuthentication($user, $token);
$this->userChecker->checkPostAuth($user);
} catch (BadCredentialsException $e) {
if ($this->hideUserNotFoundExceptions) {
} catch (AuthenticationException $e) {
if ($this->hideUserNotFoundExceptions && ($e instanceof AccountStatusException || $e instanceof BadCredentialsException)) {
throw new BadCredentialsException('Bad credentials.', 0, $e);
}
@@ -110,9 +109,6 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
/**
* Retrieves roles from user and appends SwitchUserRole if original token contained one.
*
* @param UserInterface $user The user
* @param TokenInterface $token The token
*
* @return array The user roles
*/
private function getRoles(UserInterface $user, TokenInterface $token)
@@ -146,9 +142,6 @@ abstract class UserAuthenticationProvider implements AuthenticationProviderInter
* Does additional checks on the user and token (like validating the
* credentials).
*
* @param UserInterface $user The retrieved UserInterface instance
* @param UsernamePasswordToken $token The UsernamePasswordToken token to be authenticated
*
* @throws AuthenticationException if the credentials could not be validated
*/
abstract protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token);
vendor/symfony/security/Core/Authentication/RememberMe/InMemoryTokenProvider.php
Vendored
+1 -1
View File
@@ -20,7 +20,7 @@ use Symfony\Component\Security\Core\Exception\TokenNotFoundException;
*/
class InMemoryTokenProvider implements TokenProviderInterface
{
private $tokens = array();
private $tokens = [];
/**
* {@inheritdoc}
vendor/symfony/security/Core/Authentication/RememberMe/PersistentToken.php
Vendored
+4 -7
View File
@@ -25,13 +25,10 @@ final class PersistentToken implements PersistentTokenInterface
private $lastUsed;
/**
* Constructor.
*
* @param string $class
* @param string $username
* @param string $series
* @param string $tokenValue
* @param \DateTime $lastUsed
* @param string $class
* @param string $username
* @param string $series
* @param string $tokenValue
*
* @throws \InvalidArgumentException
*/
vendor/symfony/security/Core/Authentication/RememberMe/TokenProviderInterface.php
Vendored
+2 -5
View File
@@ -41,9 +41,8 @@ interface TokenProviderInterface
/**
* Updates the token according to this data.
*
* @param string $series
* @param string $tokenValue
* @param \DateTime $lastUsed
* @param string $series
* @param string $tokenValue
*
* @throws TokenNotFoundException if the token is not found
*/
@@ -51,8 +50,6 @@ interface TokenProviderInterface
/**
* Creates a new token.
*
* @param PersistentTokenInterface $token
*/
public function createNewToken(PersistentTokenInterface $token);
}
vendor/symfony/security/Core/Authentication/Token/AbstractToken.php
Vendored
+31 -32
View File
@@ -11,11 +11,11 @@
namespace Symfony\Component\Security\Core\Authentication\Token;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* Base class for Token instances.
@@ -26,24 +26,22 @@ use Symfony\Component\Security\Core\User\EquatableInterface;
abstract class AbstractToken implements TokenInterface
{
private $user;
private $roles = array();
private $roles = [];
private $authenticated = false;
private $attributes = array();
private $attributes = [];
/**
* Constructor.
*
* @param (RoleInterface|string)[] $roles An array of roles
* @param (Role|string)[] $roles An array of roles
*
* @throws \InvalidArgumentException
*/
public function __construct(array $roles = array())
public function __construct(array $roles = [])
{
foreach ($roles as $role) {
if (is_string($role)) {
if (\is_string($role)) {
$role = new Role($role);
} elseif (!$role instanceof RoleInterface) {
throw new \InvalidArgumentException(sprintf('$roles must be an array of strings, or RoleInterface instances, but got %s.', gettype($role)));
throw new \InvalidArgumentException(sprintf('$roles must be an array of strings or Role instances, but got "%s".', \gettype($role)));
}
$this->roles[] = $role;
@@ -79,18 +77,11 @@ abstract class AbstractToken implements TokenInterface
}
/**
* Sets the user in the token.
*
* The user can be a UserInterface instance, or an object implementing
* a __toString method or the username as a regular string.
*
* @param string|object $user The user
*
* @throws \InvalidArgumentException
* {@inheritdoc}
*/
public function setUser($user)
{
if (!($user instanceof UserInterface || (is_object($user) && method_exists($user, '__toString')) || is_string($user))) {
if (!($user instanceof UserInterface || (\is_object($user) && method_exists($user, '__toString')) || \is_string($user))) {
throw new \InvalidArgumentException('$user must be an instanceof UserInterface, an object implementing a __toString method, or a primitive string.');
}
@@ -146,14 +137,9 @@ abstract class AbstractToken implements TokenInterface
*/
public function serialize()
{
return serialize(
array(
is_object($this->user) ? clone $this->user : $this->user,
$this->authenticated,
array_map(function ($role) { return clone $role; }, $this->roles),
$this->attributes,
)
);
$serialized = [$this->user, $this->authenticated, $this->roles, $this->attributes];
return $this->doSerialize($serialized, \func_num_args() ? func_get_arg(0) : null);
}
/**
@@ -161,7 +147,7 @@ abstract class AbstractToken implements TokenInterface
*/
public function unserialize($serialized)
{
list($this->user, $this->authenticated, $this->roles, $this->attributes) = unserialize($serialized);
list($this->user, $this->authenticated, $this->roles, $this->attributes) = \is_array($serialized) ? $serialized : unserialize($serialized);
}
/**
@@ -193,7 +179,7 @@ abstract class AbstractToken implements TokenInterface
*/
public function hasAttribute($name)
{
return array_key_exists($name, $this->attributes);
return \array_key_exists($name, $this->attributes);
}
/**
@@ -207,7 +193,7 @@ abstract class AbstractToken implements TokenInterface
*/
public function getAttribute($name)
{
if (!array_key_exists($name, $this->attributes)) {
if (!\array_key_exists($name, $this->attributes)) {
throw new \InvalidArgumentException(sprintf('This token has no "%s" attribute.', $name));
}
@@ -230,10 +216,10 @@ abstract class AbstractToken implements TokenInterface
*/
public function __toString()
{
$class = get_class($this);
$class = static::class;
$class = substr($class, strrpos($class, '\\') + 1);
$roles = array();
$roles = [];
foreach ($this->roles as $role) {
$roles[] = $role->getRole();
}
@@ -241,6 +227,19 @@ abstract class AbstractToken implements TokenInterface
return sprintf('%s(user="%s", authenticated=%s, roles="%s")', $class, $this->getUsername(), json_encode($this->authenticated), implode(', ', $roles));
}
/**
* @internal
*/
protected function doSerialize($serialized, $isCalledFromOverridingMethod)
{
if (null === $isCalledFromOverridingMethod) {
$trace = debug_backtrace(\DEBUG_BACKTRACE_PROVIDE_OBJECT, 3);
$isCalledFromOverridingMethod = isset($trace[2]['function'], $trace[2]['object']) && 'serialize' === $trace[2]['function'] && $this === $trace[2]['object'];
}
return $isCalledFromOverridingMethod ? $serialized : serialize($serialized);
}
private function hasUserChanged(UserInterface $user)
{
if (!($this->user instanceof UserInterface)) {
vendor/symfony/security/Core/Authentication/Token/AnonymousToken.php
Vendored
+10 -9
View File
@@ -11,7 +11,8 @@
namespace Symfony\Component\Security\Core\Authentication\Token;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* AnonymousToken represents an anonymous token.
@@ -23,13 +24,11 @@ class AnonymousToken extends AbstractToken
private $secret;
/**
* Constructor.
*
* @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
* @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string
* @param RoleInterface[] $roles An array of roles
* @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
* @param string|\Stringable|UserInterface $user
* @param (Role|string)[] $roles
*/
public function __construct($secret, $user, array $roles = array())
public function __construct($secret, $user, array $roles = [])
{
parent::__construct($roles);
@@ -61,7 +60,9 @@ class AnonymousToken extends AbstractToken
*/
public function serialize()
{
return serialize(array($this->secret, parent::serialize()));
$serialized = [$this->secret, parent::serialize(true)];
return $this->doSerialize($serialized, \func_num_args() ? func_get_arg(0) : null);
}
/**
@@ -69,7 +70,7 @@ class AnonymousToken extends AbstractToken
*/
public function unserialize($serialized)
{
list($this->secret, $parentStr) = unserialize($serialized);
list($this->secret, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
}
}
vendor/symfony/security/Core/Authentication/Token/PreAuthenticatedToken.php
Vendored
+11 -10
View File
@@ -11,7 +11,8 @@
namespace Symfony\Component\Security\Core\Authentication\Token;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* PreAuthenticatedToken implements a pre-authenticated token.
@@ -24,14 +25,12 @@ class PreAuthenticatedToken extends AbstractToken
private $providerKey;
/**
* Constructor.
*
* @param string|object $user The user can be a UserInterface instance, or an object implementing a __toString method or the username as a regular string
* @param mixed $credentials The user credentials
* @param string $providerKey The provider key
* @param (RoleInterface|string)[] $roles An array of roles
* @param string|\Stringable|UserInterface $user
* @param mixed $credentials
* @param string $providerKey
* @param (Role|string)[] $roles
*/
public function __construct($user, $credentials, $providerKey, array $roles = array())
public function __construct($user, $credentials, $providerKey, array $roles = [])
{
parent::__construct($roles);
@@ -81,7 +80,9 @@ class PreAuthenticatedToken extends AbstractToken
*/
public function serialize()
{
return serialize(array($this->credentials, $this->providerKey, parent::serialize()));
$serialized = [$this->credentials, $this->providerKey, parent::serialize(true)];
return $this->doSerialize($serialized, \func_num_args() ? func_get_arg(0) : null);
}
/**
@@ -89,7 +90,7 @@ class PreAuthenticatedToken extends AbstractToken
*/
public function unserialize($str)
{
list($this->credentials, $this->providerKey, $parentStr) = unserialize($str);
list($this->credentials, $this->providerKey, $parentStr) = \is_array($str) ? $str : unserialize($str);
parent::unserialize($parentStr);
}
}
vendor/symfony/security/Core/Authentication/Token/RememberMeToken.php
Vendored
+6 -11
View File
@@ -24,11 +24,8 @@ class RememberMeToken extends AbstractToken
private $providerKey;
/**
* Constructor.
*
* @param UserInterface $user
* @param string $providerKey
* @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
* @param string $providerKey
* @param string $secret A secret used to make sure the token is created by the app and not by a malicious client
*
* @throws \InvalidArgumentException
*/
@@ -96,11 +93,9 @@ class RememberMeToken extends AbstractToken
*/
public function serialize()
{
return serialize(array(
$this->secret,
$this->providerKey,
parent::serialize(),
));
$serialized = [$this->secret, $this->providerKey, parent::serialize(true)];
return $this->doSerialize($serialized, \func_num_args() ? func_get_arg(0) : null);
}
/**
@@ -108,7 +103,7 @@ class RememberMeToken extends AbstractToken
*/
public function unserialize($serialized)
{
list($this->secret, $this->providerKey, $parentStr) = unserialize($serialized);
list($this->secret, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
}
}
vendor/symfony/security/Core/Authentication/Token/TokenInterface.php
Vendored
+9 -4
View File
@@ -12,6 +12,7 @@
namespace Symfony\Component\Security\Core\Authentication\Token;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* TokenInterface is the interface for the user authentication information.
@@ -47,17 +48,21 @@ interface TokenInterface extends \Serializable
/**
* Returns a user representation.
*
* @return mixed Can be a UserInterface instance, an object implementing a __toString method,
* or the username as a regular string
* @return string|\Stringable|UserInterface
*
* @see AbstractToken::setUser()
*/
public function getUser();
/**
* Sets a user.
* Sets the user in the token.
*
* @param mixed $user
* The user can be a UserInterface instance, or an object implementing
* a __toString method or the username as a regular string.
*
* @param string|\Stringable|UserInterface $user
*
* @throws \InvalidArgumentException
*/
public function setUser($user);
vendor/symfony/security/Core/Authentication/Token/UsernamePasswordToken.php
Vendored
+12 -11
View File
@@ -11,7 +11,8 @@
namespace Symfony\Component\Security\Core\Authentication\Token;
use Symfony\Component\Security\Core\Role\RoleInterface;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* UsernamePasswordToken implements a username and password token.
@@ -24,16 +25,14 @@ class UsernamePasswordToken extends AbstractToken
private $providerKey;
/**
* Constructor.
*
* @param string|object $user The username (like a nickname, email address, etc.), or a UserInterface instance or an object implementing a __toString method
* @param mixed $credentials This usually is the password of the user
* @param string $providerKey The provider key
* @param (RoleInterface|string)[] $roles An array of roles
* @param string|\Stringable|UserInterface $user The username (like a nickname, email address, etc.) or a UserInterface instance
* @param mixed $credentials
* @param string $providerKey
* @param (Role|string)[] $roles
*
* @throws \InvalidArgumentException
*/
public function __construct($user, $credentials, $providerKey, array $roles = array())
public function __construct($user, $credentials, $providerKey, array $roles = [])
{
parent::__construct($roles);
@@ -45,7 +44,7 @@ class UsernamePasswordToken extends AbstractToken
$this->credentials = $credentials;
$this->providerKey = $providerKey;
parent::setAuthenticated(count($roles) > 0);
parent::setAuthenticated(\count($roles) > 0);
}
/**
@@ -93,7 +92,9 @@ class UsernamePasswordToken extends AbstractToken
*/
public function serialize()
{
return serialize(array($this->credentials, $this->providerKey, parent::serialize()));
$serialized = [$this->credentials, $this->providerKey, parent::serialize(true)];
return $this->doSerialize($serialized, \func_num_args() ? func_get_arg(0) : null);
}
/**
@@ -101,7 +102,7 @@ class UsernamePasswordToken extends AbstractToken
*/
public function unserialize($serialized)
{
list($this->credentials, $this->providerKey, $parentStr) = unserialize($serialized);
list($this->credentials, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized);
parent::unserialize($parentStr);
}
}