Description
| Q | A |
|---|---|
| Bug report? | yes |
| Feature request? | no |
| BC Break report? | no |
| RFC? | no |
| Symfony version | 3.3 |
The new Guard system doesn't support refreshing users when they change (i.e. reloading roles), instead forcing the user to be logged out when something changes.
authenticate function in GuardAuthenticationProvider.php, specifically detects we have a PostAuthenticationGuardToken, and throws an AuthenticationExpiredException. This doesn't allow us to update parts of the user, that should normally just cause the user to be refreshed in the security token (if I understand the code correctly).
Previously, when using Authenticators and not Guard, a change to the user would cause the security token to be refreshed. Now it causes an AuthenticationExpiredException exception which forces a logout.
Not all systems want, or can, use remember_me cookies to allow a logout to then reauthenticate the user when things change. This worked before Guard, so not having it working in Guard is really inconvenient.
Symfony\Component\Security\Core\Exception\AuthenticationExpiredException:
at vendor/symfony/symfony/src/Symfony/Component/Security/Guard/Provider/GuardAuthenticationProvider.php:86
at Symfony\Component\Security\Guard\Provider\GuardAuthenticationProvider->authenticate(object(PostAuthenticationGuardToken))
(vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php:80)
at Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager->authenticate(object(PostAuthenticationGuardToken))
(vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/AccessListener.php:65)
at Symfony\Component\Security\Http\Firewall\AccessListener->handle(object(GetResponseEvent))
(vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall.php:69)
at Symfony\Component\Security\Http\Firewall->onKernelRequest(object(GetResponseEvent))
(vendor/symfony/symfony/src/Symfony/Bundle/SecurityBundle/EventListener/FirewallListener.php:48)
at Symfony\Bundle\SecurityBundle\EventListener\FirewallListener->onKernelRequest(object(GetResponseEvent))
(var/cache/dev/appDevDebugProjectContainer.php:1367)
at appDevDebugProjectContainer->{closure}(object(GetResponseEvent), 'kernel.request', object(TraceableEventDispatcher))
at call_user_func(object(Closure), object(GetResponseEvent), 'kernel.request', object(TraceableEventDispatcher))
(vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/WrappedListener.php:112)
at Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object(GetResponseEvent), 'kernel.request', object(ContainerAwareEventDispatcher))
at call_user_func(object(WrappedListener), object(GetResponseEvent), 'kernel.request', object(ContainerAwareEventDispatcher))
(vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php:174)
at Symfony\Component\EventDispatcher\EventDispatcher->doDispatch(array(object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener), object(WrappedListener)), 'kernel.request', object(GetResponseEvent))
(vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/EventDispatcher.php:43)
at Symfony\Component\EventDispatcher\EventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
(vendor/symfony/symfony/src/Symfony/Component/EventDispatcher/Debug/TraceableEventDispatcher.php:146)
at Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch('kernel.request', object(GetResponseEvent))
(vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php:129)
at Symfony\Component\HttpKernel\HttpKernel->handleRaw(object(Request), 1)
(vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpKernel.php:68)
at Symfony\Component\HttpKernel\HttpKernel->handle(object(Request), 1, true)
(vendor/symfony/symfony/src/Symfony/Component/HttpKernel/Kernel.php:171)
at Symfony\Component\HttpKernel\Kernel->handle(object(Request))
(app_dev.php:25)