From 64c2efd8cbabdf88f72352b399676ef914f5e191 Mon Sep 17 00:00:00 2001
From: Robin Chalas <robin.chalas@gmail.com>
Date: Thu, 22 Jun 2017 00:05:03 +0200
Subject: [PATCH] [Security] Fix authentication.failure event not dispatched on
 AccountStatusException

---
 .../AuthenticationProviderManager.php         |  4 +-
 .../AuthenticationProviderManagerTest.php     | 47 +++++++++++++++++++
 2 files changed, 49 insertions(+), 2 deletions(-)

diff --git a/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php b/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php
index 16de8daaeda93..4c0a7459d070c 100644
--- a/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php
+++ b/src/Symfony/Component/Security/Core/Authentication/AuthenticationProviderManager.php
@@ -83,9 +83,9 @@ public function authenticate(TokenInterface $token)
                     break;
                 }
             } catch (AccountStatusException $e) {
-                $e->setToken($token);
+                $lastException = $e;
 
-                throw $e;
+                break;
             } catch (AuthenticationException $e) {
                 $lastException = $e;
             }
diff --git a/src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationProviderManagerTest.php b/src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationProviderManagerTest.php
index 9b8105012c3d8..373369d455959 100644
--- a/src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationProviderManagerTest.php
+++ b/src/Symfony/Component/Security/Core/Tests/Authentication/AuthenticationProviderManagerTest.php
@@ -13,6 +13,9 @@
 
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\Security\Core\Authentication\AuthenticationProviderManager;
+use Symfony\Component\Security\Core\AuthenticationEvents;
+use Symfony\Component\Security\Core\Event\AuthenticationEvent;
+use Symfony\Component\Security\Core\Event\AuthenticationFailureEvent;
 use Symfony\Component\Security\Core\Exception\ProviderNotFoundException;
 use Symfony\Component\Security\Core\Exception\AuthenticationException;
 use Symfony\Component\Security\Core\Exception\AccountStatusException;
@@ -124,6 +127,50 @@ public function testEraseCredentialFlag()
         $this->assertEquals('bar', $token->getCredentials());
     }
 
+    public function testAuthenticateDispatchesAuthenticationFailureEvent()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar', 'key');
+        $provider = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface')->getMock();
+        $provider->expects($this->once())->method('supports')->willReturn(true);
+        $provider->expects($this->once())->method('authenticate')->willThrowException($exception = new AuthenticationException());
+
+        $dispatcher = $this->getMockBuilder('Symfony\Component\EventDispatcher\EventDispatcherInterface')->getMock();
+        $dispatcher
+            ->expects($this->once())
+            ->method('dispatch')
+            ->with(AuthenticationEvents::AUTHENTICATION_FAILURE, $this->equalTo(new AuthenticationFailureEvent($token, $exception)));
+
+        $manager = new AuthenticationProviderManager(array($provider));
+        $manager->setEventDispatcher($dispatcher);
+
+        try {
+            $manager->authenticate($token);
+            $this->fail('->authenticate() should rethrow exceptions');
+        } catch (AuthenticationException $e) {
+            $this->assertSame($token, $exception->getToken());
+        }
+    }
+
+    public function testAuthenticateDispatchesAuthenticationSuccessEvent()
+    {
+        $token = new UsernamePasswordToken('foo', 'bar', 'key');
+
+        $provider = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface')->getMock();
+        $provider->expects($this->once())->method('supports')->willReturn(true);
+        $provider->expects($this->once())->method('authenticate')->willReturn($token);
+
+        $dispatcher = $this->getMockBuilder('Symfony\Component\EventDispatcher\EventDispatcherInterface')->getMock();
+        $dispatcher
+            ->expects($this->once())
+            ->method('dispatch')
+            ->with(AuthenticationEvents::AUTHENTICATION_SUCCESS, $this->equalTo(new AuthenticationEvent($token)));
+
+        $manager = new AuthenticationProviderManager(array($provider));
+        $manager->setEventDispatcher($dispatcher);
+
+        $this->assertSame($token, $manager->authenticate($token));
+    }
+
     protected function getAuthenticationProvider($supports, $token = null, $exception = null)
     {
         $provider = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Provider\AuthenticationProviderInterface')->getMock();