From e3bd133ce0e52d58643515e94e961a13b8b1dc4c Mon Sep 17 00:00:00 2001 From: MatTheCat Date: Tue, 9 Jul 2024 19:18:49 +0200 Subject: [PATCH] [SecurityBundle] Link to the profile the token was (de)authenticated --- .../DataCollector/SecurityDataCollector.php | 32 +++++++++++++++++++ .../views/Collector/security.html.twig | 21 +++++++++++- 2 files changed, 52 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php index 826d6c99e1270..1bfcdcbf84fc3 100644 --- a/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php +++ b/src/Symfony/Bundle/SecurityBundle/DataCollector/SecurityDataCollector.php @@ -13,6 +13,7 @@ use Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener; use Symfony\Bundle\SecurityBundle\Security\FirewallMap; +use Symfony\Component\HttpFoundation\Cookie; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\DataCollector\DataCollector; @@ -195,6 +196,27 @@ public function collect(Request $request, Response $response, ?\Throwable $excep } $this->data['authenticators'] = $this->firewall ? $this->firewall->getAuthenticatorsInfo() : []; + + if ($this->data['listeners'] && !($this->data['firewall']['stateless'] ?? true)) { + $authCookieName = "{$this->data['firewall']['name']}_auth_profile_token"; + $deauthCookieName = "{$this->data['firewall']['name']}_deauth_profile_token"; + $profileToken = $response->headers->get('X-Debug-Token'); + + $this->data['auth_profile_token'] = $request->cookies->get($authCookieName); + $this->data['deauth_profile_token'] = $request->cookies->get($deauthCookieName); + + if ($this->data['authenticated'] && !$this->data['auth_profile_token']) { + $response->headers->setCookie(new Cookie($authCookieName, $profileToken)); + + $this->data['deauth_profile_token'] = null; + $response->headers->clearCookie($deauthCookieName); + } elseif(!$this->data['authenticated'] && !$this->data['deauth_profile_token']) { + $response->headers->setCookie(new Cookie($deauthCookieName, $profileToken)); + + $this->data['auth_profile_token'] = null; + $response->headers->clearCookie($authCookieName); + } + } } public function reset(): void @@ -339,6 +361,16 @@ public function getAuthenticators(): array|Data return $this->data['authenticators']; } + public function getAuthProfileToken(): string|Data|null + { + return $this->data['auth_profile_token'] ?? null; + } + + public function getDeauthProfileToken(): string|Data|null + { + return $this->data['deauth_profile_token'] ?? null; + } + public function getName(): string { return 'security'; diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig b/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig index 2715ed6a85d11..ecb082838c361 100644 --- a/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig +++ b/src/Symfony/Bundle/SecurityBundle/Resources/views/Collector/security.html.twig @@ -181,6 +181,17 @@ {{ source('@WebProfiler/Icon/' ~ (collector.authenticated ? 'yes' : 'no') ~ '.svg') }} Authenticated + + {% if collector.authProfileToken %} +

+ + + {{- collector.authProfileToken -}} + + + From +

+ {% endif %} @@ -219,7 +230,15 @@

{% elseif collector.enabled %}

There is no security token.

+ There is no security token. + {% if collector.deauthProfileToken %} + It was removed in + + {{- collector.deauthProfileToken -}} + . + {% endif %} +

{% endif %} pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Alternative Proxies: