Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 83c9c3a

Browse filesBrowse files
wouterjwouterj
committed
Require entry_point to be configured with multiple authenticators
Entry_point can now also be set to an authenticator name (instead of only service IDs), to ease configuration.
1 parent 034ae82 commit 83c9c3a
Copy full SHA for 83c9c3a

File tree

7 files changed

+41
-15
lines changed
Filter options

7 files changed

+41
-15
lines changed

‎src/Symfony/Bundle/SecurityBundle/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ CHANGELOG
77
* Added XSD for configuration
88
* Added security configuration for priority-based access decision strategy
99
* Marked the `AbstractFactory`, `AnonymousFactory`, `FormLoginFactory`, `FormLoginLdapFactory`, `GuardAuthenticationFactory`, `HttpBasicFactory`, `HttpBasicLdapFactory`, `JsonLoginFactory`, `JsonLoginLdapFactory`, `RememberMeFactory`, `RemoteUserFactory` and `X509Factory` as `@final`
10+
* Renamed method `AbstractFactory#createEntryPoint()` to `AbstractFactory#createDefaultEntryPoint()`
1011

1112
5.0.0
1213
-----

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
+2-2Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ public function create(ContainerBuilder $container, string $id, array $config, s
6767
}
6868

6969
// create entry point if applicable (optional)
70-
$entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPointId);
70+
$entryPointId = $this->createDefaultEntryPoint($container, $id, $config, $defaultEntryPointId);
7171

7272
return [$authProviderId, $listenerId, $entryPointId];
7373
}
@@ -128,7 +128,7 @@ abstract protected function getListenerId();
128128
*
129129
* @return string|null the entry point id
130130
*/
131-
protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
131+
protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
132132
{
133133
return $defaultEntryPointId;
134134
}

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/EntryPointFactoryInterface.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/EntryPointFactoryInterface.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,5 +23,5 @@ interface EntryPointFactoryInterface
2323
/**
2424
* Creates the entry point and returns the service ID.
2525
*/
26-
public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId): string;
26+
public function createEntryPoint(ContainerBuilder $container, string $id, array $config): ?string;
2727
}

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
+6-1Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -92,7 +92,12 @@ protected function createListener(ContainerBuilder $container, string $id, array
9292
return $listenerId;
9393
}
9494

95-
public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint): string
95+
protected function createDefaultEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId)
96+
{
97+
return $this->createEntryPoint($container, $id, $config);
98+
}
99+
100+
public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string
96101
{
97102
$entryPointId = 'security.authentication.form_entry_point.'.$id;
98103
$container

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/GuardAuthenticationFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/GuardAuthenticationFactory.php
+8-2Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -113,9 +113,15 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
113113
return $authenticatorIds;
114114
}
115115

116-
public function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPointId): string
116+
public function createEntryPoint(ContainerBuilder $container, string $id, array $config): ?string
117117
{
118-
return $this->determineEntryPoint($defaultEntryPointId, $config);
118+
try {
119+
return $this->determineEntryPoint(null, $config);
120+
} catch (\LogicException $e) {
121+
// ignore the exception, the new system prefers setting "entry_point" over "guard.entry_point"
122+
}
123+
124+
return null;
119125
}
120126

121127
private function determineEntryPoint(?string $defaultEntryPointId, array $config): string

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicFactory.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/HttpBasicFactory.php
+6-7Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@
2323
*
2424
* @internal
2525
*/
26-
class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface
26+
class HttpBasicFactory implements SecurityFactoryInterface, AuthenticatorFactoryInterface, EntryPointFactoryInterface
2727
{
2828
public function create(ContainerBuilder $container, string $id, array $config, string $userProvider, ?string $defaultEntryPoint)
2929
{
@@ -36,7 +36,10 @@ public function create(ContainerBuilder $container, string $id, array $config, s
3636
;
3737

3838
// entry point
39-
$entryPointId = $this->createEntryPoint($container, $id, $config, $defaultEntryPoint);
39+
$entryPointId = $defaultEntryPoint;
40+
if (null === $entryPointId) {
41+
$entryPointId = $this->createEntryPoint($container, $id, $config);
42+
}
4043

4144
// listener
4245
$listenerId = 'security.authentication.listener.basic.'.$id;
@@ -79,12 +82,8 @@ public function addConfiguration(NodeDefinition $node)
7982
;
8083
}
8184

82-
protected function createEntryPoint(ContainerBuilder $container, string $id, array $config, ?string $defaultEntryPoint)
85+
public function createEntryPoint(ContainerBuilder $container, string $id, array $config): string
8386
{
84-
if (null !== $defaultEntryPoint) {
85-
return $defaultEntryPoint;
86-
}
87-
8887
$entryPointId = 'security.authentication.basic_entry_point.'.$id;
8988
$container
9089
->setDefinition($entryPointId, new ChildDefinition('security.authentication.basic_entry_point'))

‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+17-2Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@
3939
use Symfony\Component\Security\Core\User\ChainUserProvider;
4040
use Symfony\Component\Security\Core\User\UserProviderInterface;
4141
use Symfony\Component\Security\Http\Controller\UserValueResolver;
42+
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
4243
use Twig\Extension\AbstractExtension;
4344

4445
/**
@@ -519,6 +520,7 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
519520
{
520521
$listeners = [];
521522
$hasListeners = false;
523+
$entryPoints = [];
522524

523525
foreach ($this->listenerPositions as $position) {
524526
foreach ($this->factories[$position] as $factory) {
@@ -541,8 +543,8 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
541543
$authenticationProviders[] = $authenticators;
542544
}
543545

544-
if ($factory instanceof EntryPointFactoryInterface) {
545-
$defaultEntryPoint = $factory->createEntryPoint($container, $id, $firewall[$key], $defaultEntryPoint);
546+
if ($factory instanceof EntryPointFactoryInterface && ($entryPoint = $factory->createEntryPoint($container, $id, $firewall[$key], null))) {
547+
$entryPoints[$key] = $entryPoint;
546548
}
547549
} else {
548550
list($provider, $listenerId, $defaultEntryPoint) = $factory->create($container, $id, $firewall[$key], $userProvider, $defaultEntryPoint);
@@ -555,6 +557,19 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri
555557
}
556558
}
557559

560+
if ($entryPoints) {
561+
// we can be sure the authenticator system is enabled
562+
if (null !== $defaultEntryPoint) {
563+
return $entryPoints[$defaultEntryPoint] ?? $defaultEntryPoint;
564+
}
565+
566+
if (1 === \count($entryPoints)) {
567+
return current($entryPoints);
568+
}
569+
570+
throw new InvalidConfigurationException(sprintf('Because you have multiple authenticators in firewall "%s", you need to set the "entry_point" key to one of your authenticators (%s) or a service ID implementing "%s". The "entry_point" determines what should happen (e.g. redirect to "/login") when an anonymous user tries to access a protected page.', $id, implode(', ', $entryPoints), AuthenticationEntryPointInterface::class));
571+
}
572+
558573
if (false === $hasListeners) {
559574
throw new InvalidConfigurationException(sprintf('No authentication listener registered for firewall "%s".', $id));
560575
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.