From 006c6ddda3ff9e11c8941e0aa541c0dd385303f9 Mon Sep 17 00:00:00 2001 From: renanbr Date: Wed, 30 Jan 2019 14:28:33 +0100 Subject: [PATCH] makes serialize methods final --- UPGRADE-4.3.md | 35 +++++++++ UPGRADE-5.0.md | 31 ++++++++ src/Symfony/Component/Security/CHANGELOG.md | 6 ++ .../Authentication/Token/AbstractToken.php | 55 +++++++++++++- .../Authentication/Token/AnonymousToken.php | 12 ++- .../Token/PreAuthenticatedToken.php | 12 ++- .../Authentication/Token/RememberMeToken.php | 12 ++- .../Token/UsernamePasswordToken.php | 12 ++- .../Core/Exception/AccountStatusException.php | 13 ++-- .../Exception/AuthenticationException.php | 76 ++++++++++++++----- ...stomUserMessageAuthenticationException.php | 13 ++-- .../Exception/UsernameNotFoundException.php | 17 ++--- .../Token/PostAuthenticationGuardToken.php | 12 ++- 13 files changed, 222 insertions(+), 84 deletions(-) diff --git a/UPGRADE-4.3.md b/UPGRADE-4.3.md index bee2a0030226b..5f3bd82dcb2e4 100644 --- a/UPGRADE-4.3.md +++ b/UPGRADE-4.3.md @@ -45,6 +45,41 @@ HttpFoundation * The `FileinfoMimeTypeGuesser` class has been deprecated, use `Symfony\Component\Mime\FileinfoMimeTypeGuesser` instead. +Security +-------- + + * The `AbstractToken::serialize()`, `AbstractToken::unserialize()`, + `AuthenticationException::serialize()` and `AuthenticationException::unserialize()` + methods are now final, use `getState()` and `setState()` instead. + + Before: + ```php + public function serialize() + { + return [$this->myLocalVar, parent::serialize()]; + } + + public function unserialize($serialized) + { + [$this->myLocalVar, $parentSerialized] = unserialize($serialized); + parent::unserialize($parentSerialized); + } + ``` + + After: + ```php + protected function getState(): array + { + return [$this->myLocalVar, parent::getState()]; + } + + protected function setState(array $data) + { + [$this->myLocalVar, $parentData] = $data; + parent::setState($parentData); + } + ``` + Yaml ---- diff --git a/UPGRADE-5.0.md b/UPGRADE-5.0.md index d11420af4611d..58bb2035bc550 100644 --- a/UPGRADE-5.0.md +++ b/UPGRADE-5.0.md @@ -232,6 +232,37 @@ Security * `SimpleAuthenticatorInterface`, `SimpleFormAuthenticatorInterface`, `SimplePreAuthenticatorInterface`, `SimpleAuthenticationProvider`, `SimpleAuthenticationHandler`, `SimpleFormAuthenticationListener` and `SimplePreAuthenticationListener` have been removed. Use Guard instead. + * `\Serializable` interface has been removed from `AbstractToken` and `AuthenticationException`, + thus `serialize()` and `unserialize()` aren't available. + Use `getState()` and `setState()` instead. + + Before: + ```php + public function serialize() + { + return [$this->myLocalVar, parent::serialize()]; + } + + public function unserialize($serialized) + { + [$this->myLocalVar, $parentSerialized] = unserialize($serialized); + parent::unserialize($parentSerialized); + } + ``` + + After: + ```php + protected function getState(): array + { + return [$this->myLocalVar, parent::getState()]; + } + + protected function setState(array $data) + { + [$this->myLocalVar, $parentData] = $data; + parent::setState($parentData); + } + ``` SecurityBundle -------------- diff --git a/src/Symfony/Component/Security/CHANGELOG.md b/src/Symfony/Component/Security/CHANGELOG.md index ac3024c4810ca..23d3ea43beed9 100644 --- a/src/Symfony/Component/Security/CHANGELOG.md +++ b/src/Symfony/Component/Security/CHANGELOG.md @@ -1,6 +1,12 @@ CHANGELOG ========= +4.3.0 +----- + +* Made the `serialize()` and `unserialize()` methods of `AbstractToken` and + `AuthenticationException` final, use `getState()`/`setState()` instead + 4.2.0 ----- diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php index e8546788d507b..f879cf8a87fdd 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php @@ -133,20 +133,67 @@ public function eraseCredentials() /** * {@inheritdoc} + * + * @final since Symfony 4.3, use getState() instead + * + * @internal since Symfony 4.3, use getState() instead */ public function serialize() { - $serialized = [$this->user, $this->authenticated, $this->roles, $this->attributes]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return $this->doSerialize($this->getState(), \func_num_args() ? \func_get_arg(0) : null); } /** * {@inheritdoc} + * + * @final since Symfony 4.3, use setState() instead + * + * @internal since Symfony 4.3, use setState() instead */ public function unserialize($serialized) { - list($this->user, $this->authenticated, $this->roles, $this->attributes) = \is_array($serialized) ? $serialized : unserialize($serialized); + $this->setState(\is_array($serialized) ? $serialized : unserialize($serialized)); + } + + /** + * Returns all the necessary state of the object for serialization purposes. + * + * There is no need to serialize any entry, they should be returned as-is. + * If you extend this method, keep in mind you MUST guarantee parent data is present in the state. + * Here is an example of how to extend this method: + * + * protected function getState(): array + * { + * return [$this->childAttribute, parent::getState()]; + * } + * + * + * @see setState() + */ + protected function getState(): array + { + return [$this->user, $this->authenticated, $this->roles, $this->attributes]; + } + + /** + * Restores the object state from an array given by getState(). + * + * There is no need to unserialize any entry in $data, they are already ready-to-use. + * If you extend this method, keep in mind you MUST pass the parent data to its respective class. + * Here is an example of how to extend this method: + * + * protected function setState(array $data) + * { + * [$this->childAttribute, $parentData] = $data; + * parent::setState($parentData); + * } + * + * + * @see getState() + */ + protected function setState(array $data) + { + [$this->user, $this->authenticated, $this->roles, $this->attributes] = $data; } /** diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php index 328d3043d27ca..18b2481330972 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/AnonymousToken.php @@ -57,19 +57,17 @@ public function getSecret() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->secret, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->secret, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($serialized) + protected function setState(array $data) { - list($this->secret, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized); - parent::unserialize($parentStr); + [$this->secret, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php index bc6c0ce5224b5..733f29159a51c 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/PreAuthenticatedToken.php @@ -77,19 +77,17 @@ public function eraseCredentials() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->credentials, $this->providerKey, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->credentials, $this->providerKey, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($str) + protected function setState(array $data) { - list($this->credentials, $this->providerKey, $parentStr) = \is_array($str) ? $str : unserialize($str); - parent::unserialize($parentStr); + [$this->credentials, $this->providerKey, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php index 21a190d6b38da..40daa68923c05 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/RememberMeToken.php @@ -92,19 +92,17 @@ public function getCredentials() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->secret, $this->providerKey, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->secret, $this->providerKey, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($serialized) + protected function setState(array $data) { - list($this->secret, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized); - parent::unserialize($parentStr); + [$this->secret, $this->providerKey, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php index 8a70047a48e75..d731906eb7e0f 100644 --- a/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php +++ b/src/Symfony/Component/Security/Core/Authentication/Token/UsernamePasswordToken.php @@ -89,19 +89,17 @@ public function eraseCredentials() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->credentials, $this->providerKey, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->credentials, $this->providerKey, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($serialized) + protected function setState(array $data) { - list($this->credentials, $this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized); - parent::unserialize($parentStr); + [$this->credentials, $this->providerKey, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Exception/AccountStatusException.php b/src/Symfony/Component/Security/Core/Exception/AccountStatusException.php index cb91b42364bc4..4d707c07d1871 100644 --- a/src/Symfony/Component/Security/Core/Exception/AccountStatusException.php +++ b/src/Symfony/Component/Security/Core/Exception/AccountStatusException.php @@ -42,20 +42,17 @@ public function setUser(UserInterface $user) /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->user, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->user, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($str) + protected function setState(array $data) { - list($this->user, $parentData) = \is_array($str) ? $str : unserialize($str); - - parent::unserialize($parentData); + [$this->user, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Exception/AuthenticationException.php b/src/Symfony/Component/Security/Core/Exception/AuthenticationException.php index a8989c068702b..2ee412bfd120f 100644 --- a/src/Symfony/Component/Security/Core/Exception/AuthenticationException.php +++ b/src/Symfony/Component/Security/Core/Exception/AuthenticationException.php @@ -40,18 +40,67 @@ public function setToken(TokenInterface $token) /** * {@inheritdoc} + * + * @final since Symfony 4.3, use getState() instead + * + * @internal since Symfony 4.3, use getState() instead */ public function serialize() { - $serialized = [ - $this->token, - $this->code, - $this->message, - $this->file, - $this->line, - ]; + return $this->doSerialize($this->getState(), \func_num_args() ? \func_get_arg(0) : null); + } + + /** + * {@inheritdoc} + * + * @final since Symfony 4.3, use setState() instead + * + * @internal since Symfony 4.3, use setState() instead + */ + public function unserialize($serialized) + { + $this->setState(\is_array($serialized) ? $serialized : unserialize($serialized)); + } + + /** + * Returns all the necessary state of the object for serialization purposes. + * + * There is no need to serialize any entry, they should be returned as-is. + * If you extend this method, keep in mind you MUST guarantee parent data is present in the state. + * Here is an example of how to extend this method: + * + * protected function getState(): array + * { + * return [$this->childAttribute, parent::getState()]; + * } + * + * + * @see setState() + */ + protected function getState(): array + { + return [$this->token, $this->code, $this->message, $this->file, $this->line]; + } - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + /** + * Restores the object state from an array given by getState(). + * + * There is no need to unserialize any entry in $data, they are already ready-to-use. + * If you extend this method, keep in mind you MUST pass the parent data to its respective class. + * Here is an example of how to extend this method: + * + * protected function setState(array $data) + * { + * [$this->childAttribute, $parentData] = $data; + * parent::setState($parentData); + * } + * + * + * @see getState() + */ + protected function setState(array $data) + { + [$this->token, $this->code, $this->message, $this->file, $this->line] = $data; } /** @@ -67,17 +116,6 @@ protected function doSerialize($serialized, $isCalledFromOverridingMethod) return $isCalledFromOverridingMethod ? $serialized : serialize($serialized); } - public function unserialize($str) - { - list( - $this->token, - $this->code, - $this->message, - $this->file, - $this->line - ) = \is_array($str) ? $str : unserialize($str); - } - /** * Message key to be used by the translation component. * diff --git a/src/Symfony/Component/Security/Core/Exception/CustomUserMessageAuthenticationException.php b/src/Symfony/Component/Security/Core/Exception/CustomUserMessageAuthenticationException.php index 5db47013d454d..bd1b18eb328f0 100644 --- a/src/Symfony/Component/Security/Core/Exception/CustomUserMessageAuthenticationException.php +++ b/src/Symfony/Component/Security/Core/Exception/CustomUserMessageAuthenticationException.php @@ -58,20 +58,17 @@ public function getMessageData() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [parent::serialize(true), $this->messageKey, $this->messageData]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [parent::getState(), $this->messageKey, $this->messageData]; } /** * {@inheritdoc} */ - public function unserialize($str) + protected function setState(array $data) { - list($parentData, $this->messageKey, $this->messageData) = \is_array($str) ? $str : unserialize($str); - - parent::unserialize($parentData); + [$parentData, $this->messageKey, $this->messageData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Core/Exception/UsernameNotFoundException.php b/src/Symfony/Component/Security/Core/Exception/UsernameNotFoundException.php index b4b8047f341f9..155f80e357bcd 100644 --- a/src/Symfony/Component/Security/Core/Exception/UsernameNotFoundException.php +++ b/src/Symfony/Component/Security/Core/Exception/UsernameNotFoundException.php @@ -52,28 +52,25 @@ public function setUsername($username) /** * {@inheritdoc} */ - public function serialize() + public function getMessageData() { - $serialized = [$this->username, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return ['{{ username }}' => $this->username]; } /** * {@inheritdoc} */ - public function unserialize($str) + protected function getState(): array { - list($this->username, $parentData) = \is_array($str) ? $str : unserialize($str); - - parent::unserialize($parentData); + return [$this->username, parent::getState()]; } /** * {@inheritdoc} */ - public function getMessageData() + protected function setState(array $data) { - return ['{{ username }}' => $this->username]; + [$this->username, $parentData] = $data; + parent::setState($parentData); } } diff --git a/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php b/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php index 1e75129c57ca7..9e3646da45ccb 100644 --- a/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php +++ b/src/Symfony/Component/Security/Guard/Token/PostAuthenticationGuardToken.php @@ -74,19 +74,17 @@ public function getProviderKey() /** * {@inheritdoc} */ - public function serialize() + protected function getState(): array { - $serialized = [$this->providerKey, parent::serialize(true)]; - - return $this->doSerialize($serialized, \func_num_args() ? \func_get_arg(0) : null); + return [$this->providerKey, parent::getState()]; } /** * {@inheritdoc} */ - public function unserialize($serialized) + protected function setState(array $data) { - list($this->providerKey, $parentStr) = \is_array($serialized) ? $serialized : unserialize($serialized); - parent::unserialize($parentStr); + [$this->providerKey, $parentData] = $data; + parent::setState($parentData); } } pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy