[2.2][Security] AuthenticationException enhancements #4935

Merged
merged 17 commits into from
Jan 10, 2013
694c47c
[Security] Change signature of `AuthenticationException` to match `\E…
asm89 Jul 15, 2012
ed6eed4
[Security] Add `getMessageKey` and `getMessageData` to auth exceptions
asm89 Jul 15, 2012
963a1d7
[Security] Add initial translations for the exceptions
asm89 Jul 15, 2012
42cced4
[Security] Fix AuthenticationException constructor calls
asm89 Jul 15, 2012
79430b8
[Security] Fix AuthenticationServiceException constructor calls
asm89 Jul 15, 2012
1147977
[Security] Fix InsufficientAuthenticationException constructor calls
asm89 Jul 15, 2012
50e2cfc
[Security] Add custom `getMessageKey` AccountStatusException childs
asm89 Jul 15, 2012
0038fbb
[Security] Add initial translations for AccountStatusException childs
asm89 Jul 15, 2012
d7129b9
[Security] Fix exception constructors called in `UserChecker`
asm89 Jul 15, 2012
d6c57cf
[FrameworkBundle] Register security exception translations
asm89 Jul 15, 2012
837ae15
[Security] Add note about changed constructor to changelog
asm89 Jul 15, 2012
39da27a
[Security] Removed `get/setExtraInformation`, added `get/set(Token|Us…
asm89 Jul 15, 2012
50d5724
[Security] Introduced `UsernameNotFoundException#get/setUsername`
asm89 Jul 15, 2012
2d7a7ba
[Security] Fix `AuthenticationException` serialization
asm89 Jul 15, 2012
aa74769
[Security] Fix CS + unreachable code
asm89 Jan 7, 2013
324703a
[Security] Switch to English messages as message keys
asm89 Jan 7, 2013
73db84f
[Security] Move translations file to 'security' domain
asm89 Jan 7, 2013
Expand Up @@ -527,6 +527,11 @@ private function registerTranslatorConfiguration(array $config, ContainerBuilder

$dirs[] = dirname($r->getFilename()).'/Resources/translations';
}
if (class_exists('Symfony\Component\Security\Core\Exception\AuthenticationException')) {
$r = new \ReflectionClass('Symfony\Component\Security\Core\Exception\AuthenticationException');

$dirs[] = dirname($r->getFilename()).'/../../Resources/translations';
}
$overridePath = $container->getParameter('kernel.root_dir').'/Resources/%s/translations';
foreach ($container->getParameter('kernel.bundles') as $bundle => $class) {
$reflection = new \ReflectionClass($class);
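Review bot: The added `dirname($r->getFilename()).'/../../Resources/translations'` hard-codes that `AuthenticationException` sits exactly two directories below the component root, unlike the directory added just above it, which appends `/Resources/translations` directly. If the class is ever moved, the Security translations stop loading without any error, because nothing checks that the directory exists. Add a short comment explaining the two-level hop, and consider an `is_dir()` check before appending to `$dirs`.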
Expand Up @@ -205,6 +205,11 @@ public function testTranslator()
$files,
'->registerTranslatorConfiguration() finds Form translation resources'
);
$this->assertContains(
'Symfony/Component/Security/Resources/translations/security.en.xlf',
$files,
'->registerTranslatorConfiguration() finds Security translation resources'
);

$calls = $container->getDefinition('translator.default')->getMethodCalls();
$this->assertEquals('fr', $calls[0][1][0]);
3 changes: 2 additions & 1 deletion src/Symfony/Bundle/FrameworkBundle/composer.json
Expand Up @@ -29,7 +29,8 @@
"doctrine/common": ">=2.2,<2.4-dev"
},
"require-dev": {
"symfony/finder": "2.2.*"
"symfony/finder": "2.2.*",
"symfony/security": "2.2.*"
},
"suggest": {
"symfony/console": "2.2.*",
5 changes: 5 additions & 0 deletions src/Symfony/Component/Security/CHANGELOG.md
Expand Up @@ -34,3 +34,8 @@ CHANGELOG
`AbstractAuthenticationListener` has changed.
* [BC BREAK] moved the default logout success handling to a separate class. The
order of arguments in the constructor of `LogoutListener` has changed.
* [BC BREAK] The constructor of `AuthenticationException` and all child
classes now matches the constructor of `\Exception`. The extra information
getters and setters are removed. There are now dedicated getters/setters for
token (`AuthenticationException'), user (`AccountStatusException`) and
username (`UsernameNotFoundException`).
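Review bot: In the new changelog entry, the span opened before `AuthenticationException` is closed with an apostrophe instead of a backtick, so the inline code formatting runs on into the following text when the file is rendered. Replace the apostrophe after `AuthenticationException` with a backtick.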
Expand Up @@ -77,7 +77,7 @@ public function authenticate(TokenInterface $token)
break;
}
} catch (AccountStatusException $e) {
$e->setExtraInformation($token);
$e->setToken($token);

throw $e;
} catch (AuthenticationException $e) {
Expand Down Expand Up @@ -105,7 +105,7 @@ public function authenticate(TokenInterface $token)
$this->eventDispatcher->dispatch(AuthenticationEvents::AUTHENTICATION_FAILURE, new AuthenticationFailureEvent($token, $lastException));
}

$lastException->setExtraInformation($token);
$lastException->setToken($token);

throw $lastException;
}
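Review bot: In the second hunk, `$lastException->setToken($token)` runs after the `AUTHENTICATION_FAILURE` event has been dispatched, so a listener that calls `getToken()` on the exception it receives may get null even though the token is available at that point. Move the `setToken()` call above the `dispatch()` block so the exception is complete before any listener observes it.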
Expand Up @@ -88,9 +88,12 @@ protected function retrieveUser($username, UsernamePasswordToken $token)

return $user;
} catch (UsernameNotFoundException $notFound) {
$notFound->setUsername($username);
throw $notFound;
} catch (\Exception $repositoryProblem) {
throw new AuthenticationServiceException($repositoryProblem->getMessage(), $token, 0, $repositoryProblem);
$ex = new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem);
$ex->setToken($token);
throw $ex;
}
}
}
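Review bot: `new AuthenticationServiceException($repositoryProblem->getMessage(), 0, $repositoryProblem)` copies the message of an arbitrary repository exception into the authentication exception, where anything that renders `getMessage()` on a login failure would show storage-layer details. The original exception is already chained as the previous exception, so a fixed message here would lose nothing for debugging. Also add a blank line before both `throw` statements, as the other hunks in this change do.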
Expand Up @@ -71,6 +71,7 @@ public function authenticate(TokenInterface $token)
if ($this->hideUserNotFoundExceptions) {
throw new BadCredentialsException('Bad credentials', 0, $notFound);
}
$notFound->setUsername($username);

throw $notFound;
}
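Review bot: The `hideUserNotFoundExceptions` branch still throws `BadCredentialsException` with the message 'Bad credentials', while `BadCredentialsException::getMessageKey()` in this same change returns 'Invalid credentials.'. Code that shows `getMessage()` and code that shows the translated key will present two different strings for one failure; use the same wording in both places. A blank line between the closing brace of the `if` and `$notFound->setUsername($username);` would also match the surrounding style.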
Expand Up @@ -15,7 +15,15 @@
* AccountExpiredException is thrown when the user account has expired.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class AccountExpiredException extends AccountStatusException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Account has expired.';
}
}
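Review bot: `getMessageKey()` here returns a message specific to the account state, and the sibling classes in this change do the same for disabled and locked accounts and for expired credentials. Rendered on a login form, these keys confirm that the account exists and what state it is in, which is at odds with the `hideUserNotFoundExceptions` option used elsewhere in this change. Document on `AccountStatusException` that applications wanting uniform failure responses should map these keys to a generic message.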
Expand Up @@ -11,12 +11,57 @@

namespace Symfony\Component\Security\Core\Exception;

use Symfony\Component\Security\Core\User\UserInterface;

/**
* AccountStatusException is the base class for authentication exceptions
* caused by the user account status.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
abstract class AccountStatusException extends AuthenticationException
{
private $user;

/**
* Get the user.
*
* @return UserInterface
*/
public function getUser()
{
return $this->user;
}

/**
* Set the user.
*
* @param UserInterface $user
*/
public function setUser(UserInterface $user)
{
$this->user = $user;
}

/**
* {@inheritDoc}
*/
public function serialize()
{
return serialize(array(
$this->user,
parent::serialize(),
));
}

/**
* {@inheritDoc}
*/
public function unserialize($str)
{
list($this->user, $parentData) = unserialize($str);

parent::unserialize($parentData);
}
}
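Review bot: `getUser()` is documented as `@return UserInterface`, but `$user` has no initial value and nothing in this class forces `setUser()` to be called, so callers can receive null. Document the return type as `UserInterface|null`, or state in the class docblock that whoever throws the exception must call `setUser()` first. Since `serialize()` writes the whole user object into the payload, a sentence on that in the docblock would also help implementers of `UserInterface` decide what their own serialization exposes.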
Expand Up @@ -16,7 +16,15 @@
* because no Token is available.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class AuthenticationCredentialsNotFoundException extends AuthenticationException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Authentication credentials could not be found.';
}
}
Expand Up @@ -11,36 +11,42 @@

namespace Symfony\Component\Security\Core\Exception;

use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;

/**
* AuthenticationException is the base class for all authentication exceptions.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class AuthenticationException extends \RuntimeException implements \Serializable
{
private $extraInformation;

public function __construct($message, $extraInformation = null, $code = 0, \Exception $previous = null)
{
parent::__construct($message, $code, $previous);
private $token;

$this->extraInformation = $extraInformation;
}

public function getExtraInformation()
/**
* Get the token.
*
* @return TokenInterface
*/
public function getToken()
{
return $this->extraInformation;
return $this->token;
}

public function setExtraInformation($extraInformation)
/**
* Set the token.
*
* @param TokenInterface $token
*/
public function setToken(TokenInterface $token)
{
$this->extraInformation = $extraInformation;
$this->token = $token;
}

public function serialize()
{
return serialize(array(
$this->extraInformation,
$this->token,
$this->code,
$this->message,
$this->file,
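Review bot: `serialize()` now places `$this->token` in the payload, and the providers in this change attach the token of the failed attempt through `setToken()`. If that token still carries the submitted credentials, they are persisted wherever the serialized exception is stored. State in the `setToken()` docblock what the token is expected to contain at this point, or erase its credentials before it is attached. The `@return TokenInterface` on `getToken()` should also allow null, since the constructor no longer receives the token.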
Expand All @@ -51,11 +57,31 @@ public function serialize()
public function unserialize($str)
{
list(
$this->extraInformation,
$this->token,
$this->code,
$this->message,
$this->file,
$this->line
) = unserialize($str);
}

/**
* Message key to be used by the translation component.
*
* @return string
*/
public function getMessageKey()
{
return 'An authentication exception occurred.';
}

/**
* Message data to be used by the translation component.
*
* @return array
*/
public function getMessageData()
{
return array();
}
}
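Review bot: The docblocks on `getMessageKey()` and `getMessageData()` say only that the values are for the translation component; they do not say that this key, rather than `getMessage()`, is the text intended for display, nor what entries `getMessageData()` may contain. Add that guidance, and note that values returned from `getMessageData()` must be escaped on output if a subclass places request-derived data such as a username in them.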
Expand Up @@ -15,7 +15,15 @@
* AuthenticationServiceException is thrown when an authentication request could not be processed due to a system problem.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class AuthenticationServiceException extends AuthenticationException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Authentication request could not be processed due to a system problem.';
}
}
Expand Up @@ -15,11 +15,15 @@
* BadCredentialsException is thrown when the user credentials are invalid.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class BadCredentialsException extends AuthenticationException
{
public function __construct($message, $code = 0, \Exception $previous = null)
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
parent::__construct($message, null, $code, $previous);
return 'Invalid credentials.';
}
}
Expand Up @@ -16,7 +16,15 @@
* detects that a presented cookie has already been used by someone else.
*
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class CookieTheftException extends AuthenticationException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Cookie has already been used by someone else.';
}
}
Expand Up @@ -15,7 +15,15 @@
* CredentialsExpiredException is thrown when the user account credentials have expired.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class CredentialsExpiredException extends AccountStatusException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Credentials have expired.';
}
}
Expand Up @@ -15,7 +15,15 @@
* DisabledException is thrown when the user account is disabled.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class DisabledException extends AccountStatusException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Account is disabled.';
}
}
Expand Up @@ -17,7 +17,15 @@
* This is the case when a user is anonymous and the resource to be displayed has an access role.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class InsufficientAuthenticationException extends AuthenticationException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Not privileged to request the resource.';
}
}
Expand Up @@ -15,7 +15,15 @@
* This exception is thrown when the csrf token is invalid.
*
* @author Johannes M. Schmitt <schmittjoh@gmail.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class InvalidCsrfTokenException extends AuthenticationException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Invalid CSRF token.';
}
}
Expand Up @@ -15,7 +15,15 @@
* LockedException is thrown if the user account is locked.
*
* @author Fabien Potencier <fabien@symfony.com>
* @author Alexander <iam.asm89@gmail.com>
*/
class LockedException extends AccountStatusException
{
/**
* {@inheritDoc}
*/
public function getMessageKey()
{
return 'Account is locked.';
}
}