Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[Form+SecurityBundle] Trigger deprecation for csrf_provider+intention options #16704

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 27, 2015
Merged

[Form+SecurityBundle] Trigger deprecation for csrf_provider+intention options #16704

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions 4 src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -242,6 +242,8 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
->beforeNormalization()
->ifTrue(function ($v) { return isset($v['csrf_provider']); })
->then(function ($v) {
@trigger_error("Setting the 'csrf_provider' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_generator' configuration key instead.", E_USER_DEPRECATED);

$v['csrf_token_generator'] = $v['csrf_provider'];
unset($v['csrf_provider']);

Expand All @@ -251,6 +253,8 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
->beforeNormalization()
->ifTrue(function ($v) { return isset($v['intention']); })
->then(function ($v) {
@trigger_error("Setting the 'intention' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_id' key instead.", E_USER_DEPRECATED);

$v['csrf_token_id'] = $v['intention'];
unset($v['intention']);

Expand Down
19 changes: 17 additions & 2 deletions 19 src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,23 @@ public function addConfiguration(NodeDefinition $node)
parent::addConfiguration($node);

$node
->beforeNormalization()
->ifTrue(function ($v) { return isset($v['csrf_provider']) && isset($v['csrf_token_generator']); })
->thenInvalid("You should define a value for only one of 'csrf_provider' and 'csrf_token_generator' on a security firewall. Use 'csrf_token_generator' as this replaces 'csrf_provider'.")
->end()
->beforeNormalization()
->ifTrue(function ($v) { return isset($v['csrf_provider']); })
->then(function ($v) {
@trigger_error("Setting the 'csrf_provider' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_generator' configuration key instead.", E_USER_DEPRECATED);

$v['csrf_token_generator'] = $v['csrf_provider'];
unset($v['csrf_provider']);

return $v;
})
->end()
->children()
->scalarNode('csrf_provider')->cannotBeEmpty()->end()
->scalarNode('csrf_token_generator')->cannotBeEmpty()->end()
->end()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

intention should be renamed to csrf_token_id too

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed the beforeNormalizer for "intention": there is not "intention" in this configuration section

;
}
Expand Down Expand Up @@ -78,7 +93,7 @@ protected function createListener($container, $id, $config, $userProvider)

$container
->getDefinition($listenerId)
->addArgument(isset($config['csrf_provider']) ? new Reference($config['csrf_provider']) : null)
->addArgument(isset($config['csrf_token_generator']) ? new Reference($config['csrf_token_generator']) : null)
;

return $listenerId;
Expand Down
4 changes: 2 additions & 2 deletions 4 src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/MainConfigurationTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,8 +74,8 @@ public function testCsrfAliases()
'firewalls' => array(
'stub' => array(
'logout' => array(
'csrf_provider' => 'a_token_generator',
'intention' => 'a_token_id',
'csrf_token_generator' => 'a_token_generator',
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should keep a configuration with csrf_provider in a legacy test to ensure not to introduce BC breaks in 2.8 patch releases in the future.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@xabbuh can you do it please?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see #16718

'csrf_token_id' => 'a_token_id',
),
),
),
Expand Down
4 changes: 2 additions & 2 deletions 4 src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/CsrfFormLogin/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,12 +36,12 @@ security:
username_parameter: "user_login[username]"
password_parameter: "user_login[password]"
csrf_parameter: "user_login[_token]"
csrf_provider: security.csrf.token_manager
csrf_token_generator: security.csrf.token_manager
anonymous: ~
logout:
path: /logout_path
target: /
csrf_provider: security.csrf.token_manager
csrf_token_generator: security.csrf.token_manager

access_control:
- { path: .*, roles: IS_AUTHENTICATED_FULLY }
21 changes: 19 additions & 2 deletions 21 src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -123,6 +123,10 @@ public function configureOptions(OptionsResolver $resolver)
{
// BC clause for the "intention" option
$csrfTokenId = function (Options $options) {
if (null !== $options['intention']) {
@trigger_error('The form option "intention" is deprecated since version 2.8 and will be removed in 3.0. Use "csrf_token_id" instead.', E_USER_DEPRECATED);
}

return $options['intention'];
};

Expand All @@ -137,15 +141,28 @@ public function configureOptions(OptionsResolver $resolver)
: new CsrfProviderAdapter($options['csrf_provider']);
};

$defaultTokenManager = $this->defaultTokenManager;
$csrfProviderNormalizer = function (Options $options, $csrfProvider) use ($defaultTokenManager) {
if (null !== $csrfProvider) {
@trigger_error('The form option "csrf_provider" is deprecated since version 2.8 and will be removed in 3.0. Use "csrf_token_manager" instead.', E_USER_DEPRECATED);

return $csrfProvider;
}

return $defaultTokenManager;
};

$resolver->setDefaults(array(
'csrf_protection' => $this->defaultEnabled,
'csrf_field_name' => $this->defaultFieldName,
'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.',
'csrf_token_manager' => $csrfTokenManager,
'csrf_token_id' => $csrfTokenId,
'csrf_provider' => $this->defaultTokenManager,
'intention' => null,
'csrf_provider' => null, // deprecated
'intention' => null, // deprecated
));

$resolver->setNormalizer('csrf_provider', $csrfProviderNormalizer);
}

/**
Expand Down
Morty Proxy This is a proxified and sanitized view of the page, visit original site.