Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[SecurityBundle] Move Anonymous DI integration to new AnonymousFactory#33503
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
e152c11 to4be4d94Compare4be4d94 to0da2761Compare
linaori left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
It looks like the tests are still green after changing this, so feature wise it indeed doesn't change anything. 👍 from my side as this will indeed improve the internal code and no longer handles anonymous as an exceptional case.
One question though, what ifafter this factory, a custom factory is added?
wouterj commentedSep 10, 2019
Given no listener/provider from the earlier factories could authenticate the request, there are 2 cases: If anonymous is enabled in the firewall, the listener/provider of that factory would not be called (anonymous is able to authenticate any request). If anonymous is disabled, it'll just be called at the end. |
fabpot commentedSep 11, 2019
Thank you@wouterj. |
…AnonymousFactory (wouterj)This PR was merged into the 4.4 branch.Discussion----------[SecurityBundle] Move Anonymous DI integration to new AnonymousFactory| Q | A| ------------- | ---| Branch? | 4.4| Bug fix? | no| New feature? | no| BC breaks? | no| Deprecations? | no| Tests pass? | yes| Fixed tickets | -| License | MIT| Doc PR | n/aFor some reason, all security authentication providers/listeners have a `SecurityFactory` that adds configuration and registers the necessary services, except from anonymous security. I'm not sure why that has not been done. The only thing I can think of is making sure it is added to the end.I've added a new "internal" factory position, to make sure it is always the last registered provider and moved everything to a new `AnonymousFactory`.Nothing changes on the usage side, but it makes internal code a bit easier to understand and makes sure we don't break anything while refactoring the `SecurityExtension` in the future.Commits-------0da2761 Move Anonymous config to a SecurityFactory
…nymous listener (chalasr)This PR was merged into the 4.4 branch.Discussion----------[SecurityBundle] Don't require a user provider for the anonymous listener| Q | A| ------------- | ---| Branch? | 4.4| Bug fix? | yes| New feature? | no| Deprecations? | no| Tickets |Fix#34504| License | MIT| Doc PR | -Forgotten when adding the AnonymousFactory in#33503Commits-------0950cfb [SecurityBundle] Don't require a user provider for the anonymous listener
This was incorrectly copied in PRsymfony#33503
…martijnboers)This PR was merged into the 4.4 branch.Discussion----------[SecurityBundle] Use config variable in AnonymousFactory| Q | A| ------------- | ---| Branch? | 4.4 and 5.0| Bug fix? | yes| New feature? | no| Deprecations? | no| Tickets | -| License | MITIt looks like the `AnonymousFactory` was copied incorrectly in#33503 as it uses the old `$firewall` variable available in `SecurityExtension.php`. Changing this to `$config` yields the desired resultsCommits-------8d850d2 When set, get secret from config variable
This was incorrectly copied in PRsymfony/symfony#33503
Uh oh!
There was an error while loading.Please reload this page.
For some reason, all security authentication providers/listeners have a
SecurityFactorythat adds configuration and registers the necessary services, except from anonymous security. I'm not sure why that has not been done. The only thing I can think of is making sure it is added to the end.I've added a new "internal" factory position, to make sure it is always the last registered provider and moved everything to a new
AnonymousFactory.Nothing changes on the usage side, but it makes internal code a bit easier to understand and makes sure we don't break anything while refactoring the
SecurityExtensionin the future.