Skip to content

Commit cfc946a

Browse files
author
Mbechezi Nawo
committed
Verifying if the password field is null
1 parent 968bd0f commit cfc946a

File tree

2 files changed

+30
-2
lines changed

2 files changed

+30
-2
lines changed

src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,10 @@ protected function attemptAuthentication(Request $request)
9595
throw new BadCredentialsException('Invalid username.');
9696
}
9797

98+
if (null === $password) {
99+
throw new \LogicException(sprintf('The key "%s" cannot be null.', $this->options['password_parameter']));
100+
}
101+
98102
$request->getSession()->set(Security::LAST_USERNAME, $username);
99103

100104
return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey));

src/Symfony/Component/Security/Http/Tests/Firewall/UsernamePasswordFormAuthenticationListenerTest.php

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ class UsernamePasswordFormAuthenticationListenerTest extends TestCase
3232
*/
3333
public function testHandleWhenUsernameLength($username, $ok)
3434
{
35-
$request = Request::create('/login_check', 'POST', ['_username' => $username]);
35+
$request = Request::create('/login_check', 'POST', ['_username' => $username, '_password' => 'symfony']);
3636
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
3737

3838
$httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock();
@@ -161,7 +161,31 @@ public function testHandleNonStringUsernameWith__toString($postOnly)
161161
->method('__toString')
162162
->willReturn('someUsername');
163163

164-
$request = Request::create('/login_check', 'POST', ['_username' => $usernameClass]);
164+
$request = Request::create('/login_check', 'POST', ['_username' => $usernameClass, '_password' => 'symfony']);
165+
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
166+
$listener = new UsernamePasswordFormAuthenticationListener(
167+
new TokenStorage(),
168+
$this->getMockBuilder('Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface')->getMock(),
169+
new SessionAuthenticationStrategy(SessionAuthenticationStrategy::NONE),
170+
$httpUtils = new HttpUtils(),
171+
'foo',
172+
new DefaultAuthenticationSuccessHandler($httpUtils),
173+
new DefaultAuthenticationFailureHandler($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $httpUtils),
174+
['require_previous_session' => false, 'post_only' => $postOnly]
175+
);
176+
$event = new GetResponseEvent($this->getMockBuilder('Symfony\Component\HttpKernel\HttpKernelInterface')->getMock(), $request, HttpKernelInterface::MASTER_REQUEST);
177+
$listener->handle($event);
178+
}
179+
180+
/**
181+
* @dataProvider postOnlyDataProvider
182+
*/
183+
public function testHandleWhenPasswordAreNull($postOnly)
184+
{
185+
$this->expectException('LogicException');
186+
$this->expectExceptionMessage('The key "_password" cannot be null.');
187+
188+
$request = Request::create('/login_check', 'POST', ['_username' => 'symfony', 'password' => 'symfony']);
165189
$request->setSession($this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock());
166190
$listener = new UsernamePasswordFormAuthenticationListener(
167191
new TokenStorage(),

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy