Commit 6e75cee

bug #22732 [Security] fix switch user _exit without having current token (dmaicher)
This PR was merged into the 2.7 branch.

Discussion
----------

[Security] fix switch user _exit without having current token

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #22729
| License       | MIT
| Doc PR        | -

Attempting to `_exit` from a switched user caused an error when not having any token in the storage (for example happens when not logged in + disallowing anonymous users on that firewall):

`[1] Symfony\Component\Debug\Exception\FatalThrowableError: Type error: Argument 1 passed to Symfony\Component\Security\Http\Firewall\SwitchUserListener::getOriginalToken() must be an instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface, null given, called in symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php on line 164`

Commits
-------

16da686 [Security] fix switch user _exit without having current token
2 parents 71b61b0 + 16da686 commit 6e75cee
2 files changed, +12 -1 lines changed

‎src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php

@@ -158,7 +158,7 @@ private function attemptSwitchUser(Request $request)
158158
*/
159159
private function attemptExitUser(Request $request)
160160
{
161-
if (false === $original = $this->getOriginalToken($this->tokenStorage->getToken())) {
161+
if (null === ($currentToken = $this->tokenStorage->getToken()) || false === $original = $this->getOriginalToken($currentToken)) {
162162
throw new AuthenticationCredentialsNotFoundException('Could not find original Token object.');
163163
}
164164
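Review bot: The new condition in attemptExitUser folds two different failures into one exception with the message 'Could not find original Token object.', so a request that reaches `_exit` with no token in the storage at all is reported the same way as one whose current token simply carries no original token. Consider fetching the token on its own line before the `if` and throwing with a message that says no current token was found, which also avoids two assignments inside a single condition (`$currentToken = ...` and `$original = ...`) and makes the reliance on `||` short-circuiting to keep null out of getOriginalToken() explicit. A short comment noting that the storage can legitimately be empty here would help the next reader.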

‎src/Symfony/Component/Security/Http/Tests/Firewall/SwitchUserListenerTest.php

@@ -65,6 +65,17 @@ public function testEventIsIgnoredIfUsernameIsNotPassedWithTheRequest()
6565
$this->assertNull($this->tokenStorage->getToken());
6666
}
6767

68+
/**
69+
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
70+
*/
71+
public function testExitUserThrowsAuthenticationExceptionIfNoCurrentToken()
72+
{
73+
$this->tokenStorage->setToken(null);
74+
$this->request->query->set('_switch_user', '_exit');
75+
$listener = new SwitchUserListener($this->tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager);
76+
$listener->handle($this->event);
77+
}
78+
6879
/**
6980
* @expectedException \Symfony\Component\Security\Core\Exception\AuthenticationCredentialsNotFoundException
7081
*/
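Review bot: The @expectedException annotation on testExitUserThrowsAuthenticationExceptionIfNoCurrentToken covers the whole method body, so the test passes if AuthenticationCredentialsNotFoundException is raised anywhere in it, and the following test expects the same exception class, so the two cases are not distinguished by what they assert. Since the fix is about `$this->tokenStorage->setToken(null)` followed by `_exit`, it would be worth also asserting that the token storage still holds null after handle() throws, so the test pins down that the exit attempt without a current token leaves the authentication state unchanged rather than only that some exception of this class occurred.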
