NotificationsYou must be signed in to change notification settings
Fork9.7k
Star30.8k

Commitcd900b6

Robert Kopera

committed

[Security] added support for updated "distinguished name" format in x509 authentication

RFC 2253 (https://tools.ietf.org/html/rfc2253)issue:#31406

1 parent519ba3c commitcd900b6Copy full SHA for cd900b6

File tree

2 files changed

+11

-7

lines changed

src/Symfony/Component/Security/Http
- Firewall
  - X509AuthenticationListener.php
- Tests/Firewall
  - X509AuthenticationListenerTest.php

2 files changed

+11

-7

lines changed

`‎src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php‎`

Lines changed: 4 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -44,7 +44,10 @@ protected function getPreAuthenticatedData(Request $request)`
`44`	`44`	`$user =null;`
`45`	`45`	`if ($request->server->has($this->userKey)) {`
`46`	`46`	`$user =$request->server->get($this->userKey);`
`47`		`- }elseif ($request->server->has($this->credentialKey) &&preg_match('#/emailAddress=(.+\@.+\..+)(/\|$)#',$request->server->get($this->credentialKey),$matches)) {`
	`47`	`+ }elseif ($request->server->has($this->credentialKey) && (`
	`48`	`+preg_match('#/emailAddress=(.+\@.+\..+)(/\|$)#',$request->server->get($this->credentialKey),$matches)`
	`49`	`+ \|\|preg_match('/emailAddress=(.+\@.+\.[^,]*)/',$request->server->get($this->credentialKey),$matches)`
	`50`	`+ )) {`
`48`	`51`	`$user =$matches[1];`
`49`	`52`	`}`
`50`	`53`

`‎src/Symfony/Component/Security/Http/Tests/Firewall/X509AuthenticationListenerTest.php‎`

Lines changed: 7 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -56,9 +56,8 @@ public static function dataProviderGetPreAuthenticatedData()`
`56`	`56`	`/**`
`57`	`57`	`* @dataProvider dataProviderGetPreAuthenticatedDataNoUser`
`58`	`58`	`*/`
`59`		`-publicfunctiontestGetPreAuthenticatedDataNoUser($emailAddress)`
	`59`	`+publicfunctiontestGetPreAuthenticatedDataNoUser($emailAddress,$credentials)`
`60`	`60`	`{`
`61`		`-$credentials ='CN=Sample certificate DN/emailAddress='.$emailAddress;`
`62`	`61`	`$request =newRequest([], [], [], [], [], ['SSL_CLIENT_S_DN' =>$credentials]);`
`63`	`62`
`64`	`63`	`$tokenStorage =$this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface')->getMock();`
`@@ -76,10 +75,12 @@ public function testGetPreAuthenticatedDataNoUser($emailAddress)`
`76`	`75`
`77`	`76`	`publicstaticfunctiondataProviderGetPreAuthenticatedDataNoUser()`
`78`	`77`	`{`
`79`		`-return [`
`80`		`-'basicEmailAddress' => ['cert@example.com'],`
`81`		`-'emailAddressWithPlusSign' => ['cert+something@example.com'],`
`82`		`- ];`
	`78`	`+yield ['cert@example.com','CN=Sample certificate DN/emailAddress=cert@example.com'];`
	`79`	`+yield ['cert+something@example.com','CN=Sample certificate DN/emailAddress=cert+something@example.com'];`
	`80`	`+yield ['cert@example.com','CN=Sample certificate DN,emailAddress=cert@example.com'];`
	`81`	`+yield ['cert+something@example.com','CN=Sample certificate DN,emailAddress=cert+something@example.com'];`
	`82`	`+yield ['cert+something@example.com','emailAddress=cert+something@example.com,CN=Sample certificate DN'];`
	`83`	`+yield ['cert+something@example.com','emailAddress=cert+something@example.com'];`
`83`	`84`	`}`
`84`	`85`
`85`	`86`	`/**`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commitcd900b6

File tree

2 files changed

2 files changed

`‎src/Symfony/Component/Security/Http/Firewall/X509AuthenticationListener.php‎`

`‎src/Symfony/Component/Security/Http/Tests/Firewall/X509AuthenticationListenerTest.php‎`

0 commit comments