Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 20bc78b

Browse filesBrowse files
alexandre-dauboisalexandre-daubois
committed
[Security] Fix AuthenticationUtils::getLastUsername() returning null
1 parent 840c5cc commit 20bc78b
Copy full SHA for 20bc78b

File tree

2 files changed

+134
-2
lines changed
Filter options

2 files changed

+134
-2
lines changed

‎src/Symfony/Component/Security/Http/Authentication/AuthenticationUtils.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Http/Authentication/AuthenticationUtils.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -59,10 +59,10 @@ public function getLastUsername()
5959
$request = $this->getRequest();
6060

6161
if ($request->attributes->has(Security::LAST_USERNAME)) {
62-
return $request->attributes->get(Security::LAST_USERNAME, '');
62+
return $request->attributes->get(Security::LAST_USERNAME) ?? '';
6363
}
6464

65-
return $request->hasSession() ? $request->getSession()->get(Security::LAST_USERNAME, '') : '';
65+
return $request->hasSession() ? ($request->getSession()->get(Security::LAST_USERNAME) ?? '') : '';
6666
}
6767

6868
/**

‎src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticationUtilsTest.php

Copy file name to clipboard
+132Lines changed: 132 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,132 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Http\Tests\Authentication;
13+
14+
use PHPUnit\Framework\TestCase;
15+
use Symfony\Component\HttpFoundation\Request;
16+
use Symfony\Component\HttpFoundation\RequestStack;
17+
use Symfony\Component\HttpFoundation\Session\Session;
18+
use Symfony\Component\Security\Core\Security;
19+
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
20+
21+
class AuthenticationUtilsTest extends TestCase
22+
{
23+
public function testLastAuthenticationErrorWhenRequestHasAttribute()
24+
{
25+
$request = Request::create('/');
26+
$request->attributes->set(Security::AUTHENTICATION_ERROR, 'my error');
27+
28+
$requestStack = new RequestStack();
29+
$requestStack->push($request);
30+
31+
$utils = new AuthenticationUtils($requestStack);
32+
$this->assertSame('my error', $utils->getLastAuthenticationError());
33+
}
34+
35+
/**
36+
* @runInSeparateProcess
37+
*/
38+
public function testLastAuthenticationErrorInSession()
39+
{
40+
$request = Request::create('/');
41+
42+
$session = new Session();
43+
$session->set(Security::AUTHENTICATION_ERROR, 'session error');
44+
$request->setSession($session);
45+
46+
$requestStack = new RequestStack();
47+
$requestStack->push($request);
48+
49+
$utils = new AuthenticationUtils($requestStack);
50+
$this->assertSame('session error', $utils->getLastAuthenticationError());
51+
$this->assertFalse($session->has(Security::AUTHENTICATION_ERROR));
52+
}
53+
54+
/**
55+
* @runInSeparateProcess
56+
*/
57+
public function testLastAuthenticationErrorInSessionWithoutClearing()
58+
{
59+
$request = Request::create('/');
60+
61+
$session = new Session();
62+
$session->set(Security::AUTHENTICATION_ERROR, 'session error');
63+
$request->setSession($session);
64+
65+
$requestStack = new RequestStack();
66+
$requestStack->push($request);
67+
68+
$utils = new AuthenticationUtils($requestStack);
69+
$this->assertSame('session error', $utils->getLastAuthenticationError(false));
70+
$this->assertTrue($session->has(Security::AUTHENTICATION_ERROR));
71+
}
72+
73+
public function testLastUserNameIsDefinedButNull()
74+
{
75+
$request = Request::create('/');
76+
$request->attributes->set(Security::LAST_USERNAME, null);
77+
78+
$requestStack = new RequestStack();
79+
$requestStack->push($request);
80+
81+
$utils = new AuthenticationUtils($requestStack);
82+
$this->assertSame('', $utils->getLastUsername());
83+
}
84+
85+
public function testLastUserNameIsDefined()
86+
{
87+
$request = Request::create('/');
88+
$request->attributes->set(Security::LAST_USERNAME, 'user');
89+
90+
$requestStack = new RequestStack();
91+
$requestStack->push($request);
92+
93+
$utils = new AuthenticationUtils($requestStack);
94+
$this->assertSame('user', $utils->getLastUsername());
95+
}
96+
97+
/**
98+
* @runInSeparateProcess
99+
*/
100+
public function testLastUserNameIsDefinedInSessionButNull()
101+
{
102+
$request = Request::create('/');
103+
104+
$session = new Session();
105+
$session->set(Security::LAST_USERNAME, null);
106+
$request->setSession($session);
107+
108+
$requestStack = new RequestStack();
109+
$requestStack->push($request);
110+
111+
$utils = new AuthenticationUtils($requestStack);
112+
$this->assertSame('', $utils->getLastUsername());
113+
}
114+
115+
/**
116+
* @runInSeparateProcess
117+
*/
118+
public function testLastUserNameIsDefinedInSession()
119+
{
120+
$request = Request::create('/');
121+
122+
$session = new Session();
123+
$session->set(Security::LAST_USERNAME, 'user');
124+
$request->setSession($session);
125+
126+
$requestStack = new RequestStack();
127+
$requestStack->push($request);
128+
129+
$utils = new AuthenticationUtils($requestStack);
130+
$this->assertSame('user', $utils->getLastUsername());
131+
}
132+
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.