Merge branch '6.0' into 6.1

derrabus · derrabus · commit d88c30d6117c · 2022-02-08T16:00:08.000+01:00
* 6.0:
  [Mailer] Fix string-cast of exceptions thrown by authenticator in EsmtpTransport
  [Cache] fix error handling
  [Security] Fix wrong authenticator class in debug logs
  43460: add missing validator component turkish translations
  Fix generic type for FormErrorIterator
diff --git a/src/Symfony/Component/Cache/Adapter/AbstractAdapter.php b/src/Symfony/Component/Cache/Adapter/AbstractAdapter.php
@@ -151,7 +151,12 @@ public function commit(): bool
         $retry = $this->deferred = [];
 
         if ($expiredIds) {
-            $this->doDelete($expiredIds);
+            try {
+                $this->doDelete($expiredIds);
+            } catch (\Exception $e) {
+                $ok = false;
+                CacheItem::log($this->logger, 'Failed to delete expired items: '.$e->getMessage(), ['exception' => $e, 'cache-adapter' => get_debug_type($this)]);
+            }
         }
         foreach ($byLifetime as $lifetime => $values) {
             try {
diff --git a/src/Symfony/Component/Cache/Adapter/AbstractTagAwareAdapter.php b/src/Symfony/Component/Cache/Adapter/AbstractTagAwareAdapter.php
@@ -175,7 +175,12 @@ public function commit(): bool
 
         if ($expiredIds) {
             // Tags are not cleaned up in this case, however that is done on invalidateTags().
-            $this->doDelete($expiredIds);
+            try {
+                $this->doDelete($expiredIds);
+            } catch (\Exception $e) {
+                $ok = false;
+                CacheItem::log($this->logger, 'Failed to delete expired items: '.$e->getMessage(), ['exception' => $e, 'cache-adapter' => get_debug_type($this)]);
+            }
         }
         foreach ($byLifetime as $lifetime => $values) {
             try {
@@ -289,8 +294,12 @@ public function invalidateTags(array $tags): bool
             $tagIds[] = $this->getId(self::TAGS_PREFIX.$tag);
         }
 
-        if ($this->doInvalidate($tagIds)) {
-            return true;
+        try {
+            if ($this->doInvalidate($tagIds)) {
+                return true;
+            }
+        } catch (\Exception $e) {
+            CacheItem::log($this->logger, 'Failed to invalidate tags: '.$e->getMessage(), ['exception' => $e, 'cache-adapter' => get_debug_type($this)]);
         }
 
         return false;
diff --git a/src/Symfony/Component/Cache/Adapter/RedisTagAwareAdapter.php b/src/Symfony/Component/Cache/Adapter/RedisTagAwareAdapter.php
@@ -14,6 +14,7 @@
 use Predis\Connection\Aggregate\ClusterInterface;
 use Predis\Connection\Aggregate\PredisCluster;
 use Predis\Connection\Aggregate\ReplicationInterface;
+use Predis\Response\ErrorInterface;
 use Predis\Response\Status;
 use Symfony\Component\Cache\CacheItem;
 use Symfony\Component\Cache\Exception\InvalidArgumentException;
@@ -58,6 +59,7 @@ class RedisTagAwareAdapter extends AbstractTagAwareAdapter
      * detected eviction policy used on Redis server.
      */
     private string $redisEvictionPolicy;
+    private string $namespace;
 
     public function __construct(\Redis|\RedisArray|\RedisCluster|\Predis\ClientInterface|RedisProxy|RedisClusterProxy $redis, string $namespace = '', int $defaultLifetime = 0, MarshallerInterface $marshaller = null)
     {
@@ -76,6 +78,7 @@ public function __construct(\Redis|\RedisArray|\RedisCluster|\Predis\ClientInter
         }
 
         $this->init($redis, $namespace, $defaultLifetime, new TagAwareMarshaller($marshaller));
+        $this->namespace = $namespace;
     }
 
     /**
@@ -159,7 +162,7 @@ protected function doDeleteYieldTags(array $ids): iterable
         });
 
         foreach ($results as $id => $result) {
-            if ($result instanceof \RedisException) {
+            if ($result instanceof \RedisException || $result instanceof ErrorInterface) {
                 CacheItem::log($this->logger, 'Failed to delete key "{key}": '.$result->getMessage(), ['key' => substr($id, \strlen($this->namespace)), 'exception' => $result]);
 
                 continue;
@@ -253,7 +256,7 @@ protected function doInvalidate(array $tagIds): bool
 
         $success = true;
         foreach ($results as $id => $values) {
-            if ($values instanceof \RedisException) {
+            if ($values instanceof \RedisException || $values instanceof ErrorInterface) {
                 CacheItem::log($this->logger, 'Failed to invalidate key "{key}": '.$values->getMessage(), ['key' => substr($id, \strlen($this->namespace)), 'exception' => $values]);
                 $success = false;
 
@@ -302,6 +305,11 @@ private function getRedisEvictionPolicy(): string
 
         foreach ($hosts as $host) {
             $info = $host->info('Memory');
+
+            if ($info instanceof ErrorInterface) {
+                continue;
+            }
+
             $info = $info['Memory'] ?? $info;
 
             return $this->redisEvictionPolicy = $info['maxmemory_policy'];
diff --git a/src/Symfony/Component/Cache/Traits/RedisTrait.php b/src/Symfony/Component/Cache/Traits/RedisTrait.php
@@ -15,6 +15,7 @@
 use Predis\Connection\Aggregate\ClusterInterface;
 use Predis\Connection\Aggregate\RedisCluster;
 use Predis\Connection\Aggregate\ReplicationInterface;
+use Predis\Response\ErrorInterface;
 use Predis\Response\Status;
 use Symfony\Component\Cache\Exception\CacheException;
 use Symfony\Component\Cache\Exception\InvalidArgumentException;
@@ -401,7 +402,7 @@ protected function doClear(string $namespace): bool
             }
 
             $info = $host->info('Server');
-            $info = $info['Server'] ?? $info;
+            $info = !$info instanceof ErrorInterface ? $info['Server'] ?? $info : ['redis_version' => '2.0'];
 
             if (!$host instanceof \Predis\ClientInterface) {
                 $prefix = \defined('Redis::SCAN_PREFIX') && (\Redis::SCAN_PREFIX & $host->getOption(\Redis::OPT_SCAN)) ? '' : $host->getOption(\Redis::OPT_PREFIX);
diff --git a/src/Symfony/Component/Form/FormErrorIterator.php b/src/Symfony/Component/Form/FormErrorIterator.php
@@ -30,8 +30,8 @@
  * @author Bernhard Schussek <bschussek@gmail.com>
  *
  * @implements \ArrayAccess<int, FormError|FormErrorIterator>
- * @implements \RecursiveIterator<int, FormError>
- * @implements \SeekableIterator<int, FormError>
+ * @implements \RecursiveIterator<int, FormError|FormErrorIterator>
+ * @implements \SeekableIterator<int, FormError|FormErrorIterator>
  */
 class FormErrorIterator implements \RecursiveIterator, \SeekableIterator, \ArrayAccess, \Countable
 {
diff --git a/src/Symfony/Component/Mailer/Transport/Smtp/EsmtpTransport.php b/src/Symfony/Component/Mailer/Transport/Smtp/EsmtpTransport.php
@@ -179,7 +179,7 @@ private function handleAuth(array $modes): void
                 }
 
                 // keep the error message, but tries the other authenticators
-                $errors[$authenticator->getAuthKeyword()] = $e;
+                $errors[$authenticator->getAuthKeyword()] = $e->getMessage();
             }
         }
 
diff --git a/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php b/src/Symfony/Component/Security/Http/Authentication/AuthenticatorManager.php
@@ -25,6 +25,7 @@
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\BadgeInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
@@ -145,14 +146,14 @@ private function executeAuthenticators(array $authenticators, Request $request):
             // eagerly (before token storage is initialized), whereas authenticate() is called
             // lazily (after initialization).
             if (false === $authenticator->supports($request)) {
-                $this->logger?->debug('Skipping the "{authenticator}" authenticator as it did not support the request.', ['authenticator' => \get_class($authenticator)]);
+                $this->logger?->debug('Skipping the "{authenticator}" authenticator as it did not support the request.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
 
                 continue;
             }
 
             $response = $this->executeAuthenticator($authenticator, $request);
             if (null !== $response) {
-                $this->logger?->debug('The "{authenticator}" authenticator set the response. Any later authenticator will not be called', ['authenticator' => \get_class($authenticator)]);
+                $this->logger?->debug('The "{authenticator}" authenticator set the response. Any later authenticator will not be called', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
 
                 return $response;
             }
@@ -200,7 +201,7 @@ private function executeAuthenticator(AuthenticatorInterface $authenticator, Req
 
             $this->eventDispatcher->dispatch(new AuthenticationSuccessEvent($authenticatedToken), AuthenticationEvents::AUTHENTICATION_SUCCESS);
 
-            $this->logger?->info('Authenticator successful!', ['token' => $authenticatedToken, 'authenticator' => \get_class($authenticator)]);
+            $this->logger?->info('Authenticator successful!', ['token' => $authenticatedToken, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
         } catch (AuthenticationException $e) {
             // oh no! Authentication failed!
             $response = $this->handleAuthenticationFailure($e, $request, $authenticator, $passport);
@@ -217,7 +218,7 @@ private function executeAuthenticator(AuthenticatorInterface $authenticator, Req
             return $response;
         }
 
-        $this->logger?->debug('Authenticator set no success response: request continues.', ['authenticator' => \get_class($authenticator)]);
+        $this->logger?->debug('Authenticator set no success response: request continues.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
 
         return null;
     }
@@ -242,7 +243,7 @@ private function handleAuthenticationSuccess(TokenInterface $authenticatedToken,
      */
     private function handleAuthenticationFailure(AuthenticationException $authenticationException, Request $request, AuthenticatorInterface $authenticator, ?Passport $passport): ?Response
     {
-        $this->logger?->info('Authenticator failed.', ['exception' => $authenticationException, 'authenticator' => \get_class($authenticator)]);
+        $this->logger?->info('Authenticator failed.', ['exception' => $authenticationException, 'authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
 
         // Avoid leaking error details in case of invalid user (e.g. user not found or invalid account status)
         // to prevent user enumeration via response content comparison
@@ -252,7 +253,7 @@ private function handleAuthenticationFailure(AuthenticationException $authentica
 
         $response = $authenticator->onAuthenticationFailure($request, $authenticationException);
         if (null !== $response && null !== $this->logger) {
-            $this->logger->debug('The "{authenticator}" authenticator set the failure response.', ['authenticator' => \get_class($authenticator)]);
+            $this->logger->debug('The "{authenticator}" authenticator set the failure response.', ['authenticator' => \get_class($authenticator instanceof TraceableAuthenticator ? $authenticator->getAuthenticator() : $authenticator)]);
         }
 
         $this->eventDispatcher->dispatch($loginFailureEvent = new LoginFailureEvent($authenticationException, $authenticator, $request, $response, $this->firewallName, $passport));
diff --git a/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticator.php b/src/Symfony/Component/Security/Http/Authenticator/Debug/TraceableAuthenticator.php
@@ -92,6 +92,14 @@ public function isInteractive(): bool
         return $this->authenticator instanceof InteractiveAuthenticatorInterface && $this->authenticator->isInteractive();
     }
 
+    /**
+     * @internal
+     */
+    public function getAuthenticator(): AuthenticatorInterface
+    {
+        return $this->authenticator;
+    }
+
     public function __call($method, $args)
     {
         return $this->authenticator->{$method}(...$args);
diff --git a/src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticatorManagerTest.php b/src/Symfony/Component/Security/Http/Tests/Authentication/AuthenticatorManagerTest.php
@@ -12,6 +12,8 @@
 namespace Symfony\Component\Security\Http\Tests\Authentication;
 
 use PHPUnit\Framework\TestCase;
+use Psr\Log\AbstractLogger;
+use Psr\Log\LoggerInterface;
 use Symfony\Component\EventDispatcher\EventDispatcher;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
@@ -22,6 +24,7 @@
 use Symfony\Component\Security\Core\Exception\UserNotFoundException;
 use Symfony\Component\Security\Core\User\InMemoryUser;
 use Symfony\Component\Security\Http\Authentication\AuthenticatorManager;
+use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator;
 use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
@@ -310,6 +313,44 @@ public function testAuthenticateRequestHidesInvalidUserExceptions()
         $this->assertSame($this->response, $response);
     }
 
+    public function testLogsUseTheDecoratedAuthenticatorWhenItIsTraceable()
+    {
+        $authenticator = $this->createMock(TestInteractiveAuthenticator::class);
+        $authenticator->expects($this->any())->method('isInteractive')->willReturn(true);
+        $this->request->attributes->set('_security_authenticators', [new TraceableAuthenticator($authenticator)]);
+
+        $authenticator->expects($this->any())->method('authenticate')->willReturn(new SelfValidatingPassport(new UserBadge('wouter', function () { return $this->user; })));
+        $authenticator->expects($this->any())->method('createToken')->willReturn($this->token);
+
+        $this->tokenStorage->expects($this->once())->method('setToken')->with($this->token);
+
+        $authenticator->expects($this->any())
+            ->method('onAuthenticationSuccess')
+            ->with($this->anything(), $this->token, 'main')
+            ->willReturn($this->response);
+
+        $authenticator->expects($this->any())
+            ->method('onAuthenticationSuccess')
+            ->with($this->anything(), $this->token, 'main')
+            ->willReturn($this->response);
+
+        $logger = new class() extends AbstractLogger {
+            public $logContexts = [];
+
+            public function log($level, $message, array $context = []): void
+            {
+                if ($context['authenticator'] ?? false) {
+                    $this->logContexts[] = $context;
+                }
+            }
+        };
+
+        $manager = $this->createManager([$authenticator], 'main', true, [], $logger);
+        $response = $manager->authenticateRequest($this->request);
+        $this->assertSame($this->response, $response);
+        $this->assertStringContainsString('Mock_TestInteractiveAuthenticator', $logger->logContexts[0]['authenticator']);
+    }
+
     private function createAuthenticator($supports = true)
     {
         $authenticator = $this->createMock(TestInteractiveAuthenticator::class);
@@ -318,9 +359,9 @@ private function createAuthenticator($supports = true)
         return $authenticator;
     }
 
-    private function createManager($authenticators, $firewallName = 'main', $eraseCredentials = true, array $requiredBadges = [])
+    private function createManager($authenticators, $firewallName = 'main', $eraseCredentials = true, array $requiredBadges = [], LoggerInterface $logger = null)
     {
-        return new AuthenticatorManager($authenticators, $this->tokenStorage, $this->eventDispatcher, $firewallName, null, $eraseCredentials, true, $requiredBadges);
+        return new AuthenticatorManager($authenticators, $this->tokenStorage, $this->eventDispatcher, $firewallName, $logger, $eraseCredentials, true, $requiredBadges);
     }
 }
 
diff --git a/src/Symfony/Component/Validator/Resources/translations/validators.tr.xlf b/src/Symfony/Component/Validator/Resources/translations/validators.tr.xlf
@@ -390,6 +390,18 @@
                 <source>This value should be a valid expression.</source>
                 <target>Bu değer geçerli bir ifade olmalıdır.</target>
             </trans-unit>
+            <trans-unit id="101">
+                <source>This value is not a valid CSS color.</source>
+                <target>Bu değer geçerli bir CSS rengi değil.</target>
+            </trans-unit>
+            <trans-unit id="102">
+                <source>This value is not a valid CIDR notation.</source>
+                <target>Bu değer geçerli bir CIDR yazımı değil.</target>
+            </trans-unit>
+            <trans-unit id="103">
+                <source>The value of the netmask should be between {{ min }} and {{ max }}.</source>
+                <target>Netmask'in değeri {{ min }} ve {{ max }} arasında olmaldır.</target>
+            </trans-unit>
         </body>
     </file>
 </xliff>

Original file line number	Diff line number	Diff line change
`@@ -30,8 +30,8 @@`
`30`	`30`	`* @author Bernhard Schussek <bschussek@gmail.com>`
`31`	`31`	`*`
`32`	`32`	`* @implements \ArrayAccess<int, FormError\|FormErrorIterator>`
`33`		`- * @implements \RecursiveIterator<int, FormError>`
`34`		`- * @implements \SeekableIterator<int, FormError>`
	`33`	`+ * @implements \RecursiveIterator<int, FormError\|FormErrorIterator>`
	`34`	`+ * @implements \SeekableIterator<int, FormError\|FormErrorIterator>`
`35`	`35`	`*/`
`36`	`36`	`class FormErrorIterator implements \RecursiveIterator, \SeekableIterator, \ArrayAccess, \Countable`
`37`	`37`	`{`
Original file line number	Diff line number	Diff line change
`@@ -179,7 +179,7 @@ private function handleAuth(array $modes): void`
`179`	`179`	`}`
`180`	`180`
`181`	`181`	`// keep the error message, but tries the other authenticators`
`182`		`- $errors[$authenticator->getAuthKeyword()] = $e;`
	`182`	`+ $errors[$authenticator->getAuthKeyword()] = $e->getMessage();`
`183`	`183`	`}`
`184`	`184`	`}`
`185`	`185`
Original file line number	Diff line number	Diff line change
`@@ -92,6 +92,14 @@ public function isInteractive(): bool`
`92`	`92`	`return $this->authenticator instanceof InteractiveAuthenticatorInterface && $this->authenticator->isInteractive();`
`93`	`93`	`}`
`94`	`94`
	`95`	`+ /**`
	`96`	`+ * @internal`
	`97`	`+ */`
	`98`	`+ public function getAuthenticator(): AuthenticatorInterface`
	`99`	`+ {`
	`100`	`+ return $this->authenticator;`
	`101`	`+ }`
	`102`	`+`
`95`	`103`	`public function __call($method, $args)`
`96`	`104`	`{`
`97`	`105`	`return $this->authenticator->{$method}(...$args);`