diff --git a/src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php b/src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php new file mode 100644 index 0000000000000..ed37c94b81c00 --- /dev/null +++ b/src/Symfony/Bridge/Monolog/Processor/AbstractTokenProcessor.php @@ -0,0 +1,53 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Monolog\Processor; + +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; + +/** + * The base class for security token processors. + * + * @author Dany Maillard + * @author Igor Timoshenko + */ +abstract class AbstractTokenProcessor +{ + /** + * @var TokenStorageInterface + */ + protected $tokenStorage; + + public function __construct(TokenStorageInterface $tokenStorage) + { + $this->tokenStorage = $tokenStorage; + } + + abstract protected function getKey(): string; + + abstract protected function getToken(): ?TokenInterface; + + public function __invoke(array $record): array + { + $record['extra'][$this->getKey()] = null; + + if (null !== $token = $this->getToken()) { + $record['extra'][$this->getKey()] = [ + 'username' => $token->getUsername(), + 'authenticated' => $token->isAuthenticated(), + 'roles' => $token->getRoleNames(), + ]; + } + + return $record; + } +} diff --git a/src/Symfony/Bridge/Monolog/Processor/SwitchUserTokenProcessor.php b/src/Symfony/Bridge/Monolog/Processor/SwitchUserTokenProcessor.php new file mode 100644 index 0000000000000..76aa7e479d0e5 --- /dev/null +++ b/src/Symfony/Bridge/Monolog/Processor/SwitchUserTokenProcessor.php @@ -0,0 +1,45 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Monolog\Processor; + +use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; + +/** + * Adds the original security token to the log entry. + * + * @author Igor Timoshenko + */ +class SwitchUserTokenProcessor extends AbstractTokenProcessor +{ + /** + * {@inheritdoc} + */ + protected function getKey(): string + { + return 'impersonator_token'; + } + + /** + * {@inheritdoc} + */ + protected function getToken(): ?TokenInterface + { + $token = $this->tokenStorage->getToken(); + + if ($token instanceof SwitchUserToken) { + return $token->getOriginalToken(); + } + + return null; + } +} diff --git a/src/Symfony/Bridge/Monolog/Processor/TokenProcessor.php b/src/Symfony/Bridge/Monolog/Processor/TokenProcessor.php index 78d8dd3249c6d..7ca212eb29770 100644 --- a/src/Symfony/Bridge/Monolog/Processor/TokenProcessor.php +++ b/src/Symfony/Bridge/Monolog/Processor/TokenProcessor.php @@ -11,35 +11,29 @@ namespace Symfony\Bridge\Monolog\Processor; -use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; /** * Adds the current security token to the log entry. * * @author Dany Maillard + * @author Igor Timoshenko */ -class TokenProcessor +class TokenProcessor extends AbstractTokenProcessor { - private $tokenStorage; - - public function __construct(TokenStorageInterface $tokenStorage) + /** + * {@inheritdoc} + */ + protected function getKey(): string { - $this->tokenStorage = $tokenStorage; + return 'token'; } - public function __invoke(array $records) + /** + * {@inheritdoc} + */ + protected function getToken(): ?TokenInterface { - $records['extra']['token'] = null; - if (null !== $token = $this->tokenStorage->getToken()) { - $roles = $token->getRoleNames(); - - $records['extra']['token'] = [ - 'username' => $token->getUsername(), - 'authenticated' => $token->isAuthenticated(), - 'roles' => $roles, - ]; - } - - return $records; + return $this->tokenStorage->getToken(); } } diff --git a/src/Symfony/Bridge/Monolog/Tests/Processor/SwitchUserTokenProcessorTest.php b/src/Symfony/Bridge/Monolog/Tests/Processor/SwitchUserTokenProcessorTest.php new file mode 100644 index 0000000000000..bdb8489b43e2b --- /dev/null +++ b/src/Symfony/Bridge/Monolog/Tests/Processor/SwitchUserTokenProcessorTest.php @@ -0,0 +1,43 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Symfony\Bridge\Monolog\Tests\Processor; + +use PHPUnit\Framework\TestCase; +use Symfony\Bridge\Monolog\Processor\SwitchUserTokenProcessor; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; +use Symfony\Component\Security\Core\Authentication\Token\SwitchUserToken; +use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken; + +/** + * Tests the SwitchUserTokenProcessor. + * + * @author Igor Timoshenko + */ +class SwitchUserTokenProcessorTest extends TestCase +{ + public function testProcessor() + { + $originalToken = new UsernamePasswordToken('original_user', 'password', 'provider', ['ROLE_SUPER_ADMIN']); + $switchUserToken = new SwitchUserToken('user', 'passsword', 'provider', ['ROLE_USER'], $originalToken); + $tokenStorage = $this->getMockBuilder(TokenStorageInterface::class)->getMock(); + $tokenStorage->method('getToken')->willReturn($switchUserToken); + + $processor = new SwitchUserTokenProcessor($tokenStorage); + $record = ['extra' => []]; + $record = $processor($record); + + $this->assertArrayHasKey('original_token', $record['extra']); + $this->assertEquals($originalToken->getUsername(), $record['extra']['original_token']['username']); + $this->assertEquals($originalToken->isAuthenticated(), $record['extra']['original_token']['authenticated']); + $this->assertEquals(['ROLE_SUPER_ADMIN'], $record['extra']['original_token']['roles']); + } +} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy