From d65da3c785be0360e4054c177ca5329dc467dc87 Mon Sep 17 00:00:00 2001 From: javer Date: Thu, 5 May 2022 14:00:32 +0300 Subject: [PATCH] [Security] Do not use First Class Callable Syntax for listeners --- .../Http/Firewall/ContextListener.php | 4 +-- .../Http/Firewall/ExceptionListener.php | 4 +-- .../Tests/Firewall/ContextListenerTest.php | 28 +++++++++++++++++-- .../Tests/Firewall/ExceptionListenerTest.php | 13 +++++++++ 4 files changed, 43 insertions(+), 6 deletions(-) diff --git a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php index a28ccd860071e..4ca102ffaf448 100644 --- a/src/Symfony/Component/Security/Http/Firewall/ContextListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/ContextListener.php @@ -85,7 +85,7 @@ public function supports(Request $request): ?bool public function authenticate(RequestEvent $event) { if (!$this->registered && null !== $this->dispatcher && $event->isMainRequest()) { - $this->dispatcher->addListener(KernelEvents::RESPONSE, $this->onKernelResponse(...)); + $this->dispatcher->addListener(KernelEvents::RESPONSE, [$this, 'onKernelResponse']); $this->registered = true; } @@ -162,7 +162,7 @@ public function onKernelResponse(ResponseEvent $event) return; } - $this->dispatcher?->removeListener(KernelEvents::RESPONSE, $this->onKernelResponse(...)); + $this->dispatcher?->removeListener(KernelEvents::RESPONSE, [$this, 'onKernelResponse']); $this->registered = false; $session = $request->getSession(); $sessionId = $session->getId(); diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php index 14c1e2ac887f5..297f077f62cbd 100644 --- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php +++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php @@ -75,7 +75,7 @@ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationT */ public function register(EventDispatcherInterface $dispatcher) { - $dispatcher->addListener(KernelEvents::EXCEPTION, $this->onKernelException(...), 1); + $dispatcher->addListener(KernelEvents::EXCEPTION, [$this, 'onKernelException'], 1); } /** @@ -83,7 +83,7 @@ public function register(EventDispatcherInterface $dispatcher) */ public function unregister(EventDispatcherInterface $dispatcher) { - $dispatcher->removeListener(KernelEvents::EXCEPTION, $this->onKernelException(...)); + $dispatcher->removeListener(KernelEvents::EXCEPTION, [$this, 'onKernelException']); } /** diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php index 61c64a54bf648..b647f4e477fb2 100644 --- a/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/Firewall/ContextListenerTest.php @@ -175,7 +175,7 @@ public function testHandleAddsKernelResponseListener() $dispatcher->expects($this->once()) ->method('addListener') - ->with(KernelEvents::RESPONSE, $listener->onKernelResponse(...)); + ->with(KernelEvents::RESPONSE, [$listener, 'onKernelResponse']); $listener(new RequestEvent($this->createMock(HttpKernelInterface::class), new Request(), HttpKernelInterface::MAIN_REQUEST)); } @@ -197,7 +197,7 @@ public function testOnKernelResponseListenerRemovesItself() $dispatcher->expects($this->once()) ->method('removeListener') - ->with(KernelEvents::RESPONSE, $listener->onKernelResponse(...)); + ->with(KernelEvents::RESPONSE, [$listener, 'onKernelResponse']); $listener->onKernelResponse($event); } @@ -322,6 +322,30 @@ public function testSessionIsNotReported() $listener(new RequestEvent($this->createMock(HttpKernelInterface::class), $request, HttpKernelInterface::MAIN_REQUEST)); } + public function testOnKernelResponseRemoveListener() + { + $tokenStorage = new TokenStorage(); + $tokenStorage->setToken(new UsernamePasswordToken(new InMemoryUser('test1', 'pass1'), 'phpunit', ['ROLE_USER'])); + + $request = new Request(); + $request->attributes->set('_security_firewall_run', '_security_session'); + + $session = new Session(new MockArraySessionStorage()); + $request->setSession($session); + + $dispatcher = new EventDispatcher(); + $httpKernel = $this->createMock(HttpKernelInterface::class); + + $listener = new ContextListener($tokenStorage, [], 'session', null, $dispatcher, null, $tokenStorage->getToken(...)); + $this->assertEmpty($dispatcher->getListeners()); + + $listener(new RequestEvent($httpKernel, $request, HttpKernelInterface::MAIN_REQUEST)); + $this->assertNotEmpty($dispatcher->getListeners()); + + $listener->onKernelResponse(new ResponseEvent($httpKernel, $request, HttpKernelInterface::MAIN_REQUEST, new Response())); + $this->assertEmpty($dispatcher->getListeners()); + } + protected function runSessionOnKernelResponse($newToken, $original = null) { $session = new Session(new MockArraySessionStorage()); diff --git a/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php b/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php index 73f2df3ecf954..ae85a6b49e3bc 100644 --- a/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/Firewall/ExceptionListenerTest.php @@ -12,6 +12,7 @@ namespace Symfony\Component\Security\Http\Tests\Firewall; use PHPUnit\Framework\TestCase; +use Symfony\Component\EventDispatcher\EventDispatcher; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Event\ExceptionEvent; @@ -179,6 +180,18 @@ public function testLogoutException() $this->assertEquals(403, $event->getThrowable()->getStatusCode()); } + public function testUnregister() + { + $listener = $this->createExceptionListener(); + $dispatcher = new EventDispatcher(); + + $listener->register($dispatcher); + $this->assertNotEmpty($dispatcher->getListeners()); + + $listener->unregister($dispatcher); + $this->assertEmpty($dispatcher->getListeners()); + } + public function getAccessDeniedExceptionProvider() { return [ pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy