symfony
diff --git a/‎src/Symfony/Bridge/Monolog/Handler/ElasticsearchLogstashHandler.php
Lines changed: 4 additions & 1 deletion b/‎src/Symfony/Bridge/Monolog/Handler/ElasticsearchLogstashHandler.php
Lines changed: 4 additions & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Console/Application.php
Lines changed: 1 addition & 10 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Console/Application.php
Lines changed: 1 addition & 10 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/GuardedBundle/AppCustomAuthenticator.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/GuardedBundle/AppCustomAuthenticator.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/GuardedBundle/AuthenticationController.php
Lines changed: 38 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/Bundle/GuardedBundle/AuthenticationController.php
Lines changed: 38 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/GuardedTest.php
Lines changed: 10 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/GuardedTest.php
Lines changed: 10 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Guarded/config.yml
Lines changed: 11 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Guarded/config.yml
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Guarded/routing.yml
Lines changed: 9 additions & 0 deletions b/‎src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Guarded/routing.yml
Lines changed: 9 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/WebProfilerBundle/Csp/ContentSecurityPolicyHandler.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/WebProfilerBundle/Csp/ContentSecurityPolicyHandler.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/WebProfilerBundle/Tests/Csp/ContentSecurityPolicyHandlerTest.php
Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Bundle/WebProfilerBundle/Tests/Csp/ContentSecurityPolicyHandlerTest.php
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
Lines changed: 3 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
Lines changed: 3 additions & 5 deletions
@@ -49,7 +49,10 @@ class ElasticsearchLogstashHandler extends AbstractHandler
     private $client;
     private $responses;
 
-    public function __construct(string $endpoint = 'http://127.0.0.1:9200', string $index = 'monolog', HttpClientInterface $client = null, int $level = Logger::DEBUG, bool $bubble = true)
+    /**
+     * @param string|int $level The minimum logging level at which this handler will be triggered
+     */
+    public function __construct(string $endpoint = 'http://127.0.0.1:9200', string $index = 'monolog', HttpClientInterface $client = null, $level = Logger::DEBUG, bool $bubble = true)
     {
         if (!interface_exists(HttpClientInterface::class)) {
             throw new \LogicException(sprintf('The "%s" handler needs an HTTP client. Try running "composer require symfony/http-client".', __CLASS__));
 
@@ -19,7 +19,6 @@
 use Symfony\Component\Console\Output\ConsoleOutputInterface;
 use Symfony\Component\Console\Output\OutputInterface;
 use Symfony\Component\Console\Style\SymfonyStyle;
-use Symfony\Component\Debug\Exception\FatalThrowableError;
 use Symfony\Component\DependencyInjection\ContainerAwareInterface;
 use Symfony\Component\HttpKernel\Bundle\Bundle;
 use Symfony\Component\HttpKernel\Kernel;
@@ -207,15 +206,7 @@ private function renderRegistrationErrors(InputInterface $input, OutputInterface
         (new SymfonyStyle($input, $output))->warning('Some commands could not be registered:');
 
         foreach ($this->registrationErrors as $error) {
-            if (method_exists($this, 'doRenderThrowable')) {
-                $this->doRenderThrowable($error, $output);
-            } else {
-                if (!$error instanceof \Exception) {
-                    $error = new FatalThrowableError($error);
-                }
-
-                $this->doRenderException($error, $output);
-            }
+            $this->doRenderThrowable($error, $output);
         }
     }
 }
@@ -23,7 +23,7 @@ class AppCustomAuthenticator extends AbstractGuardAuthenticator
 {
     public function supports(Request $request)
     {
-        return true;
+        return '/manual_login' !== $request->getPathInfo() && '/profile' !== $request->getPathInfo();
     }
 
     public function getCredentials(Request $request)
 
@@ -0,0 +1,38 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\GuardedBundle;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\User\User;
+use Symfony\Component\Security\Core\User\UserInterface;
+use Symfony\Component\Security\Guard\GuardAuthenticatorHandler;
+use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;
+
+class AuthenticationController
+{
+    public function manualLoginAction(GuardAuthenticatorHandler $guardAuthenticatorHandler, Request $request)
+    {
+        $guardAuthenticatorHandler->authenticateWithToken(new PostAuthenticationGuardToken(new User('Jane', 'test', ['ROLE_USER']), 'secure', ['ROLE_USER']), $request, 'secure');
+
+        return new Response('Logged in.');
+    }
+
+    public function profileAction(UserInterface $user = null)
+    {
+        if (null === $user) {
+            return new Response('Not logged in.');
+        }
+
+        return new Response('Username: '.$user->getUsername());
+    }
+}
@@ -21,4 +21,14 @@ public function testGuarded()
 
         $this->assertSame(418, $client->getResponse()->getStatusCode());
     }
+
+    public function testManualLogin()
+    {
+        $client = $this->createClient(['debug' => true, 'test_case' => 'Guarded', 'root_config' => 'config.yml']);
+
+        $client->request('GET', '/manual_login');
+        $client->request('GET', '/profile');
+
+        $this->assertSame('Username: Jane', $client->getResponse()->getContent());
+    }
 }
@@ -10,8 +10,19 @@ framework:
 services:
     logger: { class: Psr\Log\NullLogger }
     Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\GuardedBundle\AppCustomAuthenticator: ~
+    Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\GuardedBundle\AuthenticationController:
+        tags: [controller.service_arguments]
 
 security:
+    encoders:
+        Symfony\Component\Security\Core\User\User: plaintext
+
+    providers:
+        in_memory:
+            memory:
+                users:
+                    Jane: { password: test, roles: [ROLE_USER] }
+
     firewalls:
         secure:
             pattern: ^/
 
@@ -3,3 +3,12 @@ main:
     defaults:
         _controller: Symfony\Bundle\FrameworkBundle\Controller\RedirectController::urlRedirectAction
         path: /app
+profile:
+    path: /profile
+    defaults:
+        _controller: Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\GuardedBundle\AuthenticationController::profileAction
+
+manual_login:
+    path: /manual_login
+    defaults:
+        _controller: Symfony\Bundle\SecurityBundle\Tests\Functional\Bundle\GuardedBundle\AuthenticationController::manualLoginAction
@@ -124,7 +124,7 @@ private function updateCspHeaders(Response $response, array $nonces = []): array
         $headers = $this->getCspHeaders($response);
 
         foreach ($headers as $header => $directives) {
-            foreach (['script-src' => 'csp_script_nonce', 'style-src' => 'csp_style_nonce'] as $type => $tokenName) {
+            foreach (['script-src' => 'csp_script_nonce', 'script-src-elem' => 'csp_script_nonce', 'style-src' => 'csp_style_nonce', 'style-src-elem' => 'csp_style_nonce'] as $type => $tokenName) {
                 if ($this->authorizesInline($directives, $type)) {
                     continue;
                 }
 
@@ -41,7 +41,7 @@ public function testOnKernelResponse($nonce, $expectedNonce, Request $request, R
         $this->assertFalse($response->headers->has('X-SymfonyProfiler-Style-Nonce'));
 
         foreach ($expectedCsp as $header => $value) {
-            $this->assertSame($value, $response->headers->get($header));
+            $this->assertSame($value, $response->headers->get($header), $header);
         }
     }
 
@@ -131,7 +131,7 @@ public function provideRequestAndResponsesForOnKernelResponse()
                 ['csp_script_nonce' => $nonce, 'csp_style_nonce' => $nonce],
                 $this->createRequest(),
                 $this->createResponse(['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'']),
-                ['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'; style-src \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'; style-src \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'X-Content-Security-Policy' => null],
+                ['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'; script-src-elem \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src-elem \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'; script-src-elem \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src-elem \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'X-Content-Security-Policy' => null],
             ],
             [
                 $nonce,
 
@@ -215,8 +215,10 @@ public function regenerate(bool $destroy = false, int $lifetime = null)
             return false;
         }
 
-        if (null !== $lifetime) {
+        if (null !== $lifetime && $lifetime != ini_get('session.cookie_lifetime')) {
+            $this->save();
             ini_set('session.cookie_lifetime', $lifetime);
+            $this->start();
         }
 
         if ($destroy) {
@@ -225,10 +227,6 @@ public function regenerate(bool $destroy = false, int $lifetime = null)
 
         $isRegenerated = session_regenerate_id($destroy);
 
-        // The reference to $_SESSION in session bags is lost in PHP7 and we need to re-create it.
-        // @see https://bugs.php.net/70013
-        $this->loadSession();
-
         if (null !== $this->emulateSameSite) {
             $originalCookie = SessionUtils::popSessionCookie(session_name(), session_id());
             if (null !== $originalCookie) {
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,7 @@ class AppCustomAuthenticator extends AbstractGuardAuthenticator`
`23`	`23`	`{`
`24`	`24`	`public function supports(Request $request)`
`25`	`25`	`{`
`26`		`- return true;`
	`26`	`+ return '/manual_login' !== $request->getPathInfo() && '/profile' !== $request->getPathInfo();`
`27`	`27`	`}`
`28`	`28`
`29`	`29`	`public function getCredentials(Request $request)`
Original file line number	Diff line number	Diff line change
`@@ -21,4 +21,14 @@ public function testGuarded()`
`21`	`21`
`22`	`22`	`$this->assertSame(418, $client->getResponse()->getStatusCode());`
`23`	`23`	`}`
	`24`	`+`
	`25`	`+ public function testManualLogin()`
	`26`	`+ {`
	`27`	`+ $client = $this->createClient(['debug' => true, 'test_case' => 'Guarded', 'root_config' => 'config.yml']);`
	`28`	`+`
	`29`	`+ $client->request('GET', '/manual_login');`
	`30`	`+ $client->request('GET', '/profile');`
	`31`	`+`
	`32`	`+ $this->assertSame('Username: Jane', $client->getResponse()->getContent());`
	`33`	`+ }`
`24`	`34`	`}`
Original file line number	Diff line number	Diff line change
`@@ -124,7 +124,7 @@ private function updateCspHeaders(Response $response, array $nonces = []): array`
`124`	`124`	`$headers = $this->getCspHeaders($response);`
`125`	`125`
`126`	`126`	`foreach ($headers as $header => $directives) {`
`127`		`- foreach (['script-src' => 'csp_script_nonce', 'style-src' => 'csp_style_nonce'] as $type => $tokenName) {`
	`127`	`+ foreach (['script-src' => 'csp_script_nonce', 'script-src-elem' => 'csp_script_nonce', 'style-src' => 'csp_style_nonce', 'style-src-elem' => 'csp_style_nonce'] as $type => $tokenName) {`
`128`	`128`	`if ($this->authorizesInline($directives, $type)) {`
`129`	`129`	`continue;`
`130`	`130`	`}`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ public function testOnKernelResponse($nonce, $expectedNonce, Request $request, R`
`41`	`41`	`$this->assertFalse($response->headers->has('X-SymfonyProfiler-Style-Nonce'));`
`42`	`42`
`43`	`43`	`foreach ($expectedCsp as $header => $value) {`
`44`		`- $this->assertSame($value, $response->headers->get($header));`
	`44`	`+ $this->assertSame($value, $response->headers->get($header), $header);`
`45`	`45`	`}`
`46`	`46`	`}`
`47`	`47`
`@@ -131,7 +131,7 @@ public function provideRequestAndResponsesForOnKernelResponse()`
`131`	`131`	`['csp_script_nonce' => $nonce, 'csp_style_nonce' => $nonce],`
`132`	`132`	`$this->createRequest(),`
`133`	`133`	`$this->createResponse(['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'']),`
`134`		`- ['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'; style-src \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'; style-src \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'X-Content-Security-Policy' => null],`
	`134`	+ ['Content-Security-Policy' => 'default-src \'self\' domain.com; script-src \'self\' \'unsafe-inline\'; script-src-elem \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src-elem \'self\' domain.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'Content-Security-Policy-Report-Only' => 'default-src \'self\' domain-report-only.com; script-src \'self\' \'unsafe-inline\'; script-src-elem \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'; style-src-elem \'self\' domain-report-only.com \'unsafe-inline\' \'nonce-'.$nonce.'\'', 'X-Content-Security-Policy' => null],
`135`	`135`	`],`
`136`	`136`	`[`
`137`	`137`	`$nonce,`