Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

[Security] fix switch user _exit without having current token #22732

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 19, 2017
Merged

[Security] fix switch user _exit without having current token #22732

merged 1 commit into from
Jun 19, 2017

Conversation

dmaicher
Copy link
Contributor

@dmaicher dmaicher commented May 17, 2017
edited
Loading

Q A
Branch? 2.7
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #22729
License MIT
Doc PR -

Attempting to _exit from a switched user caused an error when not having any token in the storage (for example happens when not logged in + disallowing anonymous users on that firewall):

[1] Symfony\Component\Debug\Exception\FatalThrowableError: Type error: Argument 1 passed to Symfony\Component\Security\Http\Firewall\SwitchUserListener::getOriginalToken() must be an instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface, null given, called in symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php on line 164

@dmaicher dmaicher mentioned this pull request May 17, 2017
Closed
@nicolas-grekas nicolas-grekas added this to the 2.7 milestone May 18, 2017
@dmaicher
Copy link
Contributor Author

@xabbuh @nicolas-grekas what do you think? 😉

@fabpot
Copy link
Member

fabpot commented Jun 19, 2017

Thank you @dmaicher.

@fabpot fabpot merged commit 16da686 into symfony:2.7 Jun 19, 2017
fabpot added a commit that referenced this pull request Jun 19, 2017
@fabpot
bug #22732 [Security] fix switch user _exit without having current to…
6e75cee 
…ken (dmaicher)

This PR was merged into the 2.7 branch.

Discussion
----------

[Security] fix switch user _exit without having current token

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #22729
| License       | MIT
| Doc PR        | -

Attempting to `_exit` from a switched user caused an error when not having any token in the storage (for example happens when not logged in + disallowing anonymous users on that firewall):

`[1] Symfony\Component\Debug\Exception\FatalThrowableError: Type error: Argument 1 passed to Symfony\Component\Security\Http\Firewall\SwitchUserListener::getOriginalToken()
        must be an instance of Symfony\Component\Security\Core\Authentication\Token\TokenInterface, null given, called in
        symfony/symfony/src/Symfony/Component/Security/Http/Firewall/SwitchUserListener.php on line 164`

Commits
-------

16da686 [Security] fix switch user _exit without having current token
This was referenced Jul 3, 2017
Merged
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@xabbuh xabbuh xabbuh left review comments

@fabpot fabpot fabpot approved these changes

Assignees
No one assigned
Labels
Bug Security Status: Needs Review
Projects
None yet
Milestone
2.7
Development

Successfully merging this pull request may close these issues.
5 participants
@dmaicher @fabpot @xabbuh @nicolas-grekas @carsonbot
Morty Proxy This is a proxified and sanitized view of the page, visit original site.