Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

Commit c4ae80a

Browse filesBrowse files
weaverryanfabpot
authored andcommitted
[Security] Deprecate onAuthenticationSuccess()
1 parent 2946932 commit c4ae80a
Copy full SHA for c4ae80a

File tree

Expand file treeCollapse file tree

2 files changed

+71
-11
lines changed
Filter options
Expand file treeCollapse file tree

2 files changed

+71
-11
lines changed

‎src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
+7-11Lines changed: 7 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -35,16 +35,6 @@ abstract class AbstractFormLoginAuthenticator extends AbstractGuardAuthenticator
3535
*/
3636
abstract protected function getLoginUrl();
3737

38-
/**
39-
* The user will be redirected to the secure page they originally tried
40-
* to access. But if no such page exists (i.e. the user went to the
41-
* login page directly), this returns the URL the user should be redirected
42-
* to after logging in successfully (e.g. your homepage).
43-
*
44-
* @return string
45-
*/
46-
abstract protected function getDefaultSuccessRedirectUrl();
47-
4838
/**
4939
* Override to change what happens after a bad username/password is submitted.
5040
*
@@ -72,7 +62,13 @@ public function onAuthenticationFailure(Request $request, AuthenticationExceptio
7262
*/
7363
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
7464
{
75-
// if the user hit a secure page and start() was called, this was
65+
@trigger_error(sprintf('The AbstractFormLoginAuthenticator::onAuthenticationSuccess() implementation was deprecated in Symfony 3.1 and will be removed in Symfony 4.0. You should implement this method yourself in %s and remove getDefaultSuccessRedirectUrl().', get_class($this)), E_USER_DEPRECATED);
66+
67+
if (!method_exists($this, 'getDefaultSuccessRedirectUrl')) {
68+
throw new \Exception(sprintf('You must implement onAuthenticationSuccess() or getDefaultSuccessRedirectURL() in %s.', get_class($this)));
69+
}
70+
71+
// if the user hits a secure page and start() was called, this was
7672
// the URL they were on, and probably where you want to redirect to
7773
$targetPath = $this->getTargetPath($request->getSession(), $providerKey);
7874

+64Lines changed: 64 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <fabien@symfony.com>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Security\Guard\Tests\Authenticator;
13+
14+
use Symfony\Component\HttpFoundation\RedirectResponse;
15+
use Symfony\Component\HttpFoundation\Request;
16+
use Symfony\Component\Security\Core\User\UserInterface;
17+
use Symfony\Component\Security\Core\User\UserProviderInterface;
18+
use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;
19+
20+
class AbstractFormLoginAuthenticatorTest extends \PHPUnit_Framework_TestCase
21+
{
22+
/**
23+
* @group legacy
24+
*/
25+
public function testLegacyWithLoginUrl()
26+
{
27+
$request = new Request();
28+
$request->setSession($this->getMock('Symfony\Component\HttpFoundation\Session\Session'));
29+
30+
$authenticator = new LegacyFormLoginAuthenticator();
31+
/** @var RedirectResponse $actualResponse */
32+
$actualResponse = $authenticator->onAuthenticationSuccess(
33+
$request,
34+
$this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface'),
35+
'provider_key'
36+
);
37+
38+
$this->assertEquals('/default_url', $actualResponse->getTargetUrl());
39+
}
40+
}
41+
42+
class LegacyFormLoginAuthenticator extends AbstractFormLoginAuthenticator
43+
{
44+
protected function getDefaultSuccessRedirectUrl()
45+
{
46+
return '/default_url';
47+
}
48+
49+
protected function getLoginUrl()
50+
{
51+
}
52+
53+
public function getCredentials(Request $request)
54+
{
55+
}
56+
57+
public function getUser($credentials, UserProviderInterface $userProvider)
58+
{
59+
}
60+
61+
public function checkCredentials($credentials, UserInterface $user)
62+
{
63+
}
64+
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.