Skip to content

Commit 743e670

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '2.8'
* 2.8: [Form+SecurityBundle] Trigger deprecation for csrf_provider+intention options
2 parents 4603e64 + fad3d38 commit 743e670

File tree

5 files changed

+44
-8
lines changed

5 files changed

+44
-8
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/MainConfiguration.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -242,6 +242,8 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
242242
->beforeNormalization()
243243
->ifTrue(function ($v) { return isset($v['csrf_provider']); })
244244
->then(function ($v) {
245+
@trigger_error("Setting the 'csrf_provider' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_generator' configuration key instead.", E_USER_DEPRECATED);
246+
245247
$v['csrf_token_generator'] = $v['csrf_provider'];
246248
unset($v['csrf_provider']);
247249

@@ -251,6 +253,8 @@ private function addFirewallsSection(ArrayNodeDefinition $rootNode, array $facto
251253
->beforeNormalization()
252254
->ifTrue(function ($v) { return isset($v['intention']); })
253255
->then(function ($v) {
256+
@trigger_error("Setting the 'intention' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_id' key instead.", E_USER_DEPRECATED);
257+
254258
$v['csrf_token_id'] = $v['intention'];
255259
unset($v['intention']);
256260

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/FormLoginFactory.php

Lines changed: 17 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,8 +48,23 @@ public function addConfiguration(NodeDefinition $node)
4848
parent::addConfiguration($node);
4949

5050
$node
51+
->beforeNormalization()
52+
->ifTrue(function ($v) { return isset($v['csrf_provider']) && isset($v['csrf_token_generator']); })
53+
->thenInvalid("You should define a value for only one of 'csrf_provider' and 'csrf_token_generator' on a security firewall. Use 'csrf_token_generator' as this replaces 'csrf_provider'.")
54+
->end()
55+
->beforeNormalization()
56+
->ifTrue(function ($v) { return isset($v['csrf_provider']); })
57+
->then(function ($v) {
58+
@trigger_error("Setting the 'csrf_provider' configuration key on a security firewall is deprecated since version 2.8 and will be removed in 3.0. Use the 'csrf_token_generator' configuration key instead.", E_USER_DEPRECATED);
59+
60+
$v['csrf_token_generator'] = $v['csrf_provider'];
61+
unset($v['csrf_provider']);
62+
63+
return $v;
64+
})
65+
->end()
5166
->children()
52-
->scalarNode('csrf_provider')->cannotBeEmpty()->end()
67+
->scalarNode('csrf_token_generator')->cannotBeEmpty()->end()
5368
->end()
5469
;
5570
}
@@ -78,7 +93,7 @@ protected function createListener($container, $id, $config, $userProvider)
7893

7994
$container
8095
->getDefinition($listenerId)
81-
->addArgument(isset($config['csrf_provider']) ? new Reference($config['csrf_provider']) : null)
96+
->addArgument(isset($config['csrf_token_generator']) ? new Reference($config['csrf_token_generator']) : null)
8297
;
8398

8499
return $listenerId;

src/Symfony/Bundle/SecurityBundle/Tests/DependencyInjection/MainConfigurationTest.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -74,8 +74,8 @@ public function testCsrfAliases()
7474
'firewalls' => array(
7575
'stub' => array(
7676
'logout' => array(
77-
'csrf_provider' => 'a_token_generator',
78-
'intention' => 'a_token_id',
77+
'csrf_token_generator' => 'a_token_generator',
78+
'csrf_token_id' => 'a_token_id',
7979
),
8080
),
8181
),

src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/CsrfFormLogin/config.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,12 +36,12 @@ security:
3636
username_parameter: "user_login[username]"
3737
password_parameter: "user_login[password]"
3838
csrf_parameter: "user_login[_token]"
39-
csrf_provider: security.csrf.token_manager
39+
csrf_token_generator: security.csrf.token_manager
4040
anonymous: ~
4141
logout:
4242
path: /logout_path
4343
target: /
44-
csrf_provider: security.csrf.token_manager
44+
csrf_token_generator: security.csrf.token_manager
4545

4646
access_control:
4747
- { path: .*, roles: IS_AUTHENTICATED_FULLY }

src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php

Lines changed: 19 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,10 @@ public function configureOptions(OptionsResolver $resolver)
123123
{
124124
// BC clause for the "intention" option
125125
$csrfTokenId = function (Options $options) {
126+
if (null !== $options['intention']) {
127+
@trigger_error('The form option "intention" is deprecated since version 2.8 and will be removed in 3.0. Use "csrf_token_id" instead.', E_USER_DEPRECATED);
128+
}
129+
126130
return $options['intention'];
127131
};
128132

@@ -137,15 +141,28 @@ public function configureOptions(OptionsResolver $resolver)
137141
: new CsrfProviderAdapter($options['csrf_provider']);
138142
};
139143

144+
$defaultTokenManager = $this->defaultTokenManager;
145+
$csrfProviderNormalizer = function (Options $options, $csrfProvider) use ($defaultTokenManager) {
146+
if (null !== $csrfProvider) {
147+
@trigger_error('The form option "csrf_provider" is deprecated since version 2.8 and will be removed in 3.0. Use "csrf_token_manager" instead.', E_USER_DEPRECATED);
148+
149+
return $csrfProvider;
150+
}
151+
152+
return $defaultTokenManager;
153+
};
154+
140155
$resolver->setDefaults(array(
141156
'csrf_protection' => $this->defaultEnabled,
142157
'csrf_field_name' => $this->defaultFieldName,
143158
'csrf_message' => 'The CSRF token is invalid. Please try to resubmit the form.',
144159
'csrf_token_manager' => $csrfTokenManager,
145160
'csrf_token_id' => $csrfTokenId,
146-
'csrf_provider' => $this->defaultTokenManager,
147-
'intention' => null,
161+
'csrf_provider' => null, // deprecated
162+
'intention' => null, // deprecated
148163
));
164+
165+
$resolver->setNormalizer('csrf_provider', $csrfProviderNormalizer);
149166
}
150167

151168
/**

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy