symfony
diff --git a/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+58-9Lines changed: 58 additions & 9 deletions b/‎src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php
+58-9Lines changed: 58 additions & 9 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+36-19Lines changed: 36 additions & 19 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/CompleteConfigurationTest.php
+36-19Lines changed: 36 additions & 19 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
+3-3Lines changed: 3 additions & 3 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php
+3-3Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/composer.json
+1-1Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/composer.json
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/SecurityBundle/composer.json
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/CHANGELOG.md
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+3Lines changed: 3 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/CHANGELOG.md
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+3Lines changed: 3 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/ChainRequestMatcher.php
Copy file name to clipboard
+38Lines changed: 38 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/ChainRequestMatcher.php
Copy file name to clipboard
+38Lines changed: 38 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/ExpressionRequestMatcher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/ExpressionRequestMatcher.php
+5Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/ExpressionRequestMatcher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/ExpressionRequestMatcher.php
+5Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/RequestMatcher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/RequestMatcher.php
+4Lines changed: 4 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/RequestMatcher.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/RequestMatcher.php
+4Lines changed: 4 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/RequestMatcher/AttributesRequestMatcher.php
Copy file name to clipboard
+45Lines changed: 45 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/RequestMatcher/AttributesRequestMatcher.php
Copy file name to clipboard
+45Lines changed: 45 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/RequestMatcher/ExpressionRequestMatcher.php
Copy file name to clipboard
+43Lines changed: 43 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/RequestMatcher/ExpressionRequestMatcher.php
Copy file name to clipboard
+43Lines changed: 43 additions & 0 deletions
@@ -33,7 +33,13 @@
 use Symfony\Component\EventDispatcher\EventDispatcher;
 use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
-use Symfony\Component\HttpFoundation\RequestMatcher;
+use Symfony\Component\HttpFoundation\ChainRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\AttributesRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\HostRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\IpsRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\MethodRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\PathRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\PortRequestMatcher;
 use Symfony\Component\HttpKernel\DependencyInjection\Extension;
 use Symfony\Component\HttpKernel\KernelEvents;
 use Symfony\Component\PasswordHasher\Hasher\NativePasswordHasher;
@@ -893,7 +899,7 @@ private function createRequestMatcher(ContainerBuilder $container, string $path
             $methods = array_map('strtoupper', $methods);
         }
 
-        if (null !== $ips) {
+        if ($ips) {
             foreach ($ips as $ip) {
                 $container->resolveEnvPlaceholders($ip, null, $usedEnvs);
 
@@ -905,22 +911,65 @@ private function createRequestMatcher(ContainerBuilder $container, string $path
             }
         }
 
-        $id = '.security.request_matcher.'.ContainerBuilder::hash([$path, $host, $port, $methods, $ips, $attributes]);
+        $id = '.security.request_matcher.'.ContainerBuilder::hash([ChainRequestMatcher::class, $path, $host, $port, $methods, $ips, $attributes]);
 
         if (isset($this->requestMatchers[$id])) {
             return $this->requestMatchers[$id];
         }
 
-        // only add arguments that are necessary
-        $arguments = [$path, $host, $methods, $ips, $attributes, null, $port];
-        while (\count($arguments) > 0 && !end($arguments)) {
-            array_pop($arguments);
+        $arguments = [];
+        if ($methods && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([MethodRequestMatcher::class, $methods]))) {
+            $container->register($lid, MethodRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$methods])
+            ;
+            $arguments[] = new Reference($lid);
+        }
+
+        if ($path && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([PathRequestMatcher::class, $path]))) {
+            $container->register($lid, PathRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$path])
+            ;
+            $arguments[] = new Reference($lid);
+        }
+
+        if ($host && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([HostRequestMatcher::class, $host]))) {
+            $container->register($lid, HostRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$host])
+            ;
+            $arguments[] = new Reference($lid);
+        }
+
+        if ($ips && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([IpsRequestMatcher::class, $ips]))) {
+            $container->register($lid, IpsRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$ips])
+            ;
+            $arguments[] = new Reference($lid);
+        }
+
+        if ($attributes && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([AttributesRequestMatcher::class, $attributes]))) {
+            $container->register($lid, AttributesRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$attributes])
+            ;
+            $arguments[] = new Reference($lid);
+        }
+
+        if ($port && !$container->hasDefinition($lid = '.security.request_matcher.'.ContainerBuilder::hash([PortRequestMatcher::class, $port]))) {
+            $container->register($lid, PortRequestMatcher::class)
+                ->setPublic(false)
+                ->setArguments([$port])
+            ;
+            $arguments[] = new Reference($lid);
         }
 
         $container
-            ->register($id, RequestMatcher::class)
+            ->register($id, ChainRequestMatcher::class)
             ->setPublic(false)
-            ->setArguments($arguments)
+            ->setArguments([$arguments])
         ;
 
         return $this->requestMatchers[$id] = new Reference($id);
 
@@ -19,6 +19,10 @@
 use Symfony\Component\DependencyInjection\ContainerBuilder;
 use Symfony\Component\DependencyInjection\Definition;
 use Symfony\Component\DependencyInjection\Reference;
+use Symfony\Component\HttpFoundation\RequestMatcher\HostRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\MethodRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\PathRequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\PortRequestMatcher;
 use Symfony\Component\PasswordHasher\Hasher\NativePasswordHasher;
 use Symfony\Component\PasswordHasher\Hasher\Pbkdf2PasswordHasher;
 use Symfony\Component\PasswordHasher\Hasher\PlaintextPasswordHasher;
@@ -248,20 +252,27 @@ public function testFirewallRequestMatchers()
         foreach ($arguments[1]->getValues() as $reference) {
             if ($reference instanceof Reference) {
                 $definition = $container->getDefinition((string) $reference);
-                $matchers[] = $definition->getArguments();
+                $matchers[] = $definition->getArgument(0);
             }
         }
 
-        $this->assertEquals([
-            [
-                '/login',
-            ],
-            [
-                '/test',
-                'foo\\.example\\.org',
-                ['GET', 'POST'],
-            ],
-        ], $matchers);
+        $this->assertCount(2, $matchers);
+
+        $this->assertCount(1, $matchers[0]);
+        $def = $container->getDefinition((string) $matchers[0][0]);
+        $this->assertSame(PathRequestMatcher::class, $def->getClass());
+        $this->assertSame('/login', $def->getArgument(0));
+
+        $this->assertCount(3, $matchers[1]);
+        $def = $container->getDefinition((string) $matchers[1][0]);
+        $this->assertSame(MethodRequestMatcher::class, $def->getClass());
+        $this->assertSame(['GET', 'POST'], $def->getArgument(0));
+        $def = $container->getDefinition((string) $matchers[1][1]);
+        $this->assertSame(PathRequestMatcher::class, $def->getClass());
+        $this->assertSame('/test', $def->getArgument(0));
+        $def = $container->getDefinition((string) $matchers[1][2]);
+        $this->assertSame(HostRequestMatcher::class, $def->getClass());
+        $this->assertSame('foo\\.example\\.org', $def->getArgument(0));
     }
 
     public function testUserCheckerAliasIsRegistered()
@@ -294,17 +305,23 @@ public function testAccess()
             if (1 === $i) {
                 $this->assertEquals(['ROLE_USER'], $attributes);
                 $this->assertEquals('https', $channel);
-                $this->assertEquals(
-                    ['/blog/524', null, ['GET', 'POST'], [], [], null, 8000],
-                    $requestMatcher->getArguments()
-                );
+                $this->assertCount(3, $requestMatcher->getArgument(0));
+                $def = $container->getDefinition((string) $requestMatcher->getArgument(0)[0]);
+                $this->assertSame(MethodRequestMatcher::class, $def->getClass());
+                $this->assertSame(['GET', 'POST'], $def->getArgument(0));
+                $def = $container->getDefinition((string) $requestMatcher->getArgument(0)[1]);
+                $this->assertSame(PathRequestMatcher::class, $def->getClass());
+                $this->assertSame('/blog/524', $def->getArgument(0));
+                $def = $container->getDefinition((string) $requestMatcher->getArgument(0)[2]);
+                $this->assertSame(PortRequestMatcher::class, $def->getClass());
+                $this->assertSame(8000, $def->getArgument(0));
             } elseif (2 === $i) {
                 $this->assertEquals(['IS_AUTHENTICATED_ANONYMOUSLY'], $attributes);
                 $this->assertNull($channel);
-                $this->assertEquals(
-                    ['/blog/.*'],
-                    $requestMatcher->getArguments()
-                );
+                $this->assertCount(1, $requestMatcher->getArgument(0));
+                $def = $container->getDefinition((string) $requestMatcher->getArgument(0)[0]);
+                $this->assertSame(PathRequestMatcher::class, $def->getClass());
+                $this->assertSame('/blog/.*', $def->getArgument(0));
             } elseif (3 === $i) {
                 $this->assertEquals('IS_AUTHENTICATED_ANONYMOUSLY', $attributes[0]);
                 $expression = $container->getDefinition((string) $attributes[1])->getArgument(0);
 
@@ -26,7 +26,7 @@
 use Symfony\Component\DependencyInjection\Reference;
 use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\RequestMatcher;
+use Symfony\Component\HttpFoundation\RequestMatcher\PathRequestMatcher;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
@@ -256,7 +256,7 @@ public function testRegisterAccessControlWithSpecifiedRequestMatcherService()
         $container = $this->getRawContainer();
 
         $requestMatcherId = 'My\Test\RequestMatcher';
-        $requestMatcher = new RequestMatcher('/');
+        $requestMatcher = new PathRequestMatcher('/');
         $container->set($requestMatcherId, $requestMatcher);
 
         $container->loadFromExtension('security', [
@@ -291,7 +291,7 @@ public function testRegisterAccessControlWithRequestMatcherAndAdditionalOptionsT
         $container = $this->getRawContainer();
 
         $requestMatcherId = 'My\Test\RequestMatcher';
-        $requestMatcher = new RequestMatcher('/');
+        $requestMatcher = new PathRequestMatcher('/');
         $container->set($requestMatcherId, $requestMatcher);
 
         $container->loadFromExtension('security', [
 
@@ -23,7 +23,7 @@
         "symfony/dependency-injection": "^6.2",
         "symfony/event-dispatcher": "^5.4|^6.0",
         "symfony/http-kernel": "^6.2",
-        "symfony/http-foundation": "^5.4|^6.0",
+        "symfony/http-foundation": "^6.2",
         "symfony/password-hasher": "^5.4|^6.0",
         "symfony/security-core": "^6.2",
         "symfony/security-csrf": "^5.4|^6.0",
 
@@ -6,6 +6,9 @@ CHANGELOG
 
  * The HTTP cache store uses the `xxh128` algorithm
  * Deprecate calling `JsonResponse::setCallback()`, `Response::setExpires/setLastModified/setEtag()`, `MockArraySessionStorage/NativeSessionStorage::setMetadataBag()`, `NativeSessionStorage::setSaveHandler()` without arguments
+ * Add request matchers under the `Symfony\Component\HttpFoundation\RequestMatcher` namespace
+ * Deprecate `RequestMatcher` in favor of `ChainRequestMatcher`
+ * Deprecate `Symfony\Component\HttpFoundation\ExpressionRequestMatcher` in favor of `Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher`
 
 6.1
 ---
 
@@ -0,0 +1,38 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpFoundation;
+
+/**
+ * ChainRequestMatcher verifies that all checks matches against a Request instance.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class ChainRequestMatcher implements RequestMatcherInterface
+{
+    /**
+     * @param iterable<RequestMatcherInterface> $matchers
+     */
+    public function __construct(private iterable $matchers)
+    {
+    }
+
+    public function matches(Request $request): bool
+    {
+        foreach ($this->matchers as $matcher) {
+            if (!$matcher->matches($request)) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+}
@@ -13,11 +13,16 @@
 
 use Symfony\Component\ExpressionLanguage\Expression;
 use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
+use Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher as NewExpressionRequestMatcher;
+
+trigger_deprecation('symfony/http-foundation', '6.2', 'The "%s" class is deprecated, use "%s" instead.', ExpressionRequestMatcher::class, NewExpressionRequestMatcher::class);
 
 /**
  * ExpressionRequestMatcher uses an expression to match a Request.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ *
+ * @deprecated since Symfony 6.2, use "Symfony\Component\HttpFoundation\RequestMatcher\ExpressionRequestMatcher" instead
  */
 class ExpressionRequestMatcher extends RequestMatcher
 {
 
@@ -11,10 +11,14 @@
 
 namespace Symfony\Component\HttpFoundation;
 
+trigger_deprecation('symfony/http-foundation', '6.2', 'The "%s" class is deprecated, use "%s" instead.', RequestMatcher::class, ChainRequestMatcher::class);
+
 /**
  * RequestMatcher compares a pre-defined set of checks against a Request instance.
  *
  * @author Fabien Potencier <fabien@symfony.com>
+ *
+ * @deprecated since Symfony 6.2, use ChainRequestMatcher instead
  */
 class RequestMatcher implements RequestMatcherInterface
 {
 
@@ -0,0 +1,45 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpFoundation\RequestMatcher;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestMatcherInterface;
+
+/**
+ * Checks the Request attributes matches all regular expressions.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class AttributesRequestMatcher implements RequestMatcherInterface
+{
+    /**
+     * @param array<string, string> $regexps
+     */
+    public function __construct(private array $regexps)
+    {
+    }
+
+    public function matches(Request $request): bool
+    {
+        foreach ($this->regexps as $key => $regexp) {
+            $attribute = $request->attributes->get($key);
+            if (!\is_string($attribute)) {
+                return false;
+            }
+            if (!preg_match('{'.$regexp.'}', $attribute)) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+}
@@ -0,0 +1,43 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\HttpFoundation\RequestMatcher;
+
+use Symfony\Component\ExpressionLanguage\Expression;
+use Symfony\Component\ExpressionLanguage\ExpressionLanguage;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestMatcherInterface;
+
+/**
+ * ExpressionRequestMatcher uses an expression to match a Request.
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class ExpressionRequestMatcher implements RequestMatcherInterface
+{
+    public function __construct(
+        private ExpressionLanguage $language,
+        private Expression|string $expression,
+    ) {
+    }
+
+    public function matches(Request $request): bool
+    {
+        return $this->language->evaluate($this->expression, [
+            'request' => $request,
+            'method' => $request->getMethod(),
+            'path' => rawurldecode($request->getPathInfo()),
+            'host' => $request->getHost(),
+            'ip' => $request->getClientIp(),
+            'attributes' => $request->attributes->all(),
+        ]);
+    }
+}
Original file line number	Diff line number	Diff line change
`@@ -11,10 +11,14 @@`
`11`	`11`
`12`	`12`	`namespace Symfony\Component\HttpFoundation;`
`13`	`13`
	`14`	`+trigger_deprecation('symfony/http-foundation', '6.2', 'The "%s" class is deprecated, use "%s" instead.', RequestMatcher::class, ChainRequestMatcher::class);`
	`15`	`+`
`14`	`16`	`/**`
`15`	`17`	`* RequestMatcher compares a pre-defined set of checks against a Request instance.`
`16`	`18`	`*`
`17`	`19`	`* @author Fabien Potencier <fabien@symfony.com>`
	`20`	`+ *`
	`21`	`+ * @deprecated since Symfony 6.2, use ChainRequestMatcher instead`
`18`	`22`	`*/`
`19`	`23`	`class RequestMatcher implements RequestMatcherInterface`
`20`	`24`	`{`