From d44b7afa5b5dfc84c7e1ab76ecb159d100bbbd6d Mon Sep 17 00:00:00 2001 From: MatTheCat Date: Sat, 21 Dec 2024 20:27:11 +0100 Subject: [PATCH] [SecurityBundle] Do not replace authenticators service by their traceable version --- .../DependencyInjection/SecurityExtension.php | 10 ++++--- .../SecurityExtensionTest.php | 26 +++++++++++++++++++ 2 files changed, 32 insertions(+), 4 deletions(-) diff --git a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php index 622b853d1d8c6..81c4a8ee6f46f 100644 --- a/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php +++ b/src/Symfony/Bundle/SecurityBundle/DependencyInjection/SecurityExtension.php @@ -643,11 +643,13 @@ private function createAuthenticationListeners(ContainerBuilder $container, stri } if ($container->hasDefinition('debug.security.firewall')) { - foreach ($authenticationProviders as $authenticatorId) { - $container->register('debug.'.$authenticatorId, TraceableAuthenticator::class) - ->setDecoratedService($authenticatorId) - ->setArguments([new Reference('debug.'.$authenticatorId.'.inner')]) + foreach ($authenticationProviders as &$authenticatorId) { + $traceableId = 'debug.'.$authenticatorId; + $container + ->register($traceableId, TraceableAuthenticator::class) + ->setArguments([new Reference($authenticatorId)]) ; + $authenticatorId = $traceableId; } } diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php index 23aa17b9adb57..c4ae38e65b2da 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/SecurityExtensionTest.php @@ -20,7 +20,9 @@ use Symfony\Component\Config\Definition\Builder\NodeDefinition; use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException; use Symfony\Component\DependencyInjection\Argument\IteratorArgument; +use Symfony\Component\DependencyInjection\Compiler\DecoratorServicePass; use Symfony\Component\DependencyInjection\Compiler\ResolveChildDefinitionsPass; +use Symfony\Component\DependencyInjection\Compiler\ResolveReferencesToAliasesPass; use Symfony\Component\DependencyInjection\ContainerBuilder; use Symfony\Component\DependencyInjection\Reference; use Symfony\Component\ExpressionLanguage\Expression; @@ -900,6 +902,30 @@ public function testCustomHasherWithMigrateFrom() ]); } + public function testAuthenticatorsDecoration() + { + $container = $this->getRawContainer(); + $container->setParameter('kernel.debug', true); + $container->getCompilerPassConfig()->setOptimizationPasses([ + new ResolveChildDefinitionsPass(), + new DecoratorServicePass(), + new ResolveReferencesToAliasesPass(), + ]); + + $container->register(TestAuthenticator::class); + $container->loadFromExtension('security', [ + 'firewalls' => ['main' => ['custom_authenticator' => TestAuthenticator::class]], + ]); + $container->compile(); + + /** @var Reference[] $managerAuthenticators */ + $managerAuthenticators = $container->getDefinition('security.authenticator.manager.main')->getArgument(0); + $this->assertCount(1, $managerAuthenticators); + $this->assertSame('debug.'.TestAuthenticator::class, (string) reset($managerAuthenticators), 'AuthenticatorManager must be injected traceable authenticators in debug mode.'); + + $this->assertTrue($container->hasDefinition(TestAuthenticator::class), 'Original authenticator must still exist in the container so it can be used outside of the AuthenticatorManager’s context.'); + } + protected function getRawContainer() { $container = new ContainerBuilder();