LogoutEvent example


        $request = $event->getRequest();

        if (null !== $this->csrfTokenManager) {
            $csrfToken = ParameterBagUtils::getRequestParameterValue($request$this->options['csrf_parameter']);

            if (!\is_string($csrfToken) || false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['csrf_token_id']$csrfToken))) {
                throw new LogoutException('Invalid CSRF token.');
            }
        }

        $logoutEvent = new LogoutEvent($request$this->tokenStorage->getToken());
        $this->eventDispatcher->dispatch($logoutEvent);

        if (!$response = $logoutEvent->getResponse()) {
            throw new \RuntimeException('No logout listener set the Response, make sure at least the DefaultLogoutListener is registered.');
        }

        $this->tokenStorage->setToken(null);

        $event->setResponse($response);
    }

    
use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage;
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CsrfTokenClearingLogoutListener;

/**
 * Covers CsrfTokenClearingLogoutListener on a request that carries no session.
 */
class CsrfTokenClearingLogoutListenerTest extends TestCase
{
    /**
     * Logging out on a stateless request must not try to clear session-backed CSRF tokens.
     *
     * The token storage is built on an empty RequestStack and the logout event
     * wraps a fresh Request. The test treats a SessionNotFoundException as
     * evidence that clear() was called and fails in that case.
     */
    public function testSkipsClearingSessionTokenStorageOnStatelessRequest()
    {
        try {
            $tokenStorage = new SessionTokenStorage(new RequestStack());
            $listener = new CsrfTokenClearingLogoutListener($tokenStorage);
            $listener->onLogout(new LogoutEvent(new Request(), null));
        } catch (SessionNotFoundException) {
            $this->fail('clear() must not be called if the request is not associated with a session instance');
        }

        // Reaching this point without the exception is the actual assertion.
        $this->addToAssertionCount(1);
    }
}
use Symfony\Component\Security\Http\EventListener\SessionLogoutListener;

class SessionLogoutListenerTest extends TestCase
{
    public function testOnLogoutIfHasNoSession()
    {
        $request = $this->createMock(Request::class);
        $request->method('hasSession')->willReturn(false);
        $request->expects($this->never())->method('getSession');

        $sessionLogoutListener = new SessionLogoutListener();
        $sessionLogoutListener->onLogout(new LogoutEvent($request, null));
    }

    public function testOnLogoutIfHasSession()
    {
        $session = $this->createMock(Session::class);
        $session->expects($this->once())->method('invalidate');

        $request = $this->createMock(Request::class);
        $request->method('getSession')->willReturn($session);
        $request->method('hasSession')->willReturn(true);

        
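if ($validateCsrfToken) {
            // Fail loudly rather than skip validation when the CSRF token manager
            // service is missing or the firewall has no logout configuration.
            if (!$this->container->has('security.csrf.token_manager') || !$logoutConfig = $firewallConfig->getLogout()) {
                throw new LogicException(sprintf('Unable to logout with CSRF token validation. Either make sure that CSRF protection is enabled and "logout" is configured on the "%s" firewall, or bypass CSRF token validation explicitly by passing false to the $validateCsrfToken argument of this method.', $firewallConfig->getName()));
            }
            $csrfToken = ParameterBagUtils::getRequestParameterValue($request, $logoutConfig['csrf_parameter']);
            // Non-string values are rejected before a CsrfToken is built from them.
            if (!\is_string($csrfToken) || !$this->container->get('security.csrf.token_manager')->isTokenValid(new CsrfToken($logoutConfig['csrf_token_id'], $csrfToken))) {
                throw new LogoutException('Invalid CSRF token.');
            }
        }

        // Dispatch on the firewall-specific dispatcher so that firewall's logout
        // listeners see the event together with the token being logged out.
        $logoutEvent = new LogoutEvent($request, $token);
        $this->container->get('security.firewall.event_dispatcher_locator')->get($firewallConfig->getName())->dispatch($logoutEvent);

        // The token is cleared only after the listeners have run.
        $tokenStorage->setToken(null);

        // May be null when no listener set a response; this code does not check it.
        return $logoutEvent->getResponse();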
    }

    private function getAuthenticator(?string $authenticatorName, string $firewallName): AuthenticatorInterface
    {
        if (!isset($this->authenticators[$firewallName])) {
            throw new LogicException(sprintf('No authenticators found for firewall "%s".', $firewallName));
        }
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CookieClearingLogoutListener;

class CookieClearingLogoutListenerTest extends TestCase
{
    public function testLogout()
    {
        $response = new Response();
        $event = new LogoutEvent(new Request(), null);
        $event->setResponse($response);

        $listener = new CookieClearingLogoutListener(['foo' => ['path' => '/foo', 'domain' => 'foo.foo', 'secure' => true, 'samesite' => Cookie::SAMESITE_STRICT], 'foo2' => ['path' => null, 'domain' => null]]);

        $cookies = $response->headers->getCookies();
        $this->assertCount(0, $cookies);

        $listener->onLogout($event);

        $cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
        $this->assertCount(2, $cookies);

        
$token = $this->createMock(TokenInterface::class);
        $token->method('getUser')->willReturn(new InMemoryUser('foo', 'bar'));
        $tokenStorage = $this->createMock(TokenStorageInterface::class);
        $tokenStorage->expects($this->once())->method('getToken')->willReturn($token);
        $tokenStorage->expects($this->once())->method('setToken')->with(null);

        $eventDispatcher = $this->createMock(EventDispatcherInterface::class);
        $eventDispatcher
            ->expects($this->once())
            ->method('dispatch')
            ->with(new LogoutEvent($request$token))
        ;

        $firewallMap = $this->createMock(FirewallMap::class);
        $firewallConfig = new FirewallConfig('my_firewall', 'user_checker');
        $firewallMap
            ->expects($this->once())
            ->method('getFirewallConfig')
            ->willReturn($firewallConfig)
        ;

        $eventDispatcherLocator = $this->createMock(ContainerInterface::class);
        
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\ClearSiteDataLogoutListener;

class ClearSiteDataLogoutListenerTest extends TestCase
{
    /** * @dataProvider provideClearSiteDataConfig */
    public function testLogout(array $clearSiteDataConfig, string $expectedHeader)
    {
        $response = new Response();
        $event = new LogoutEvent(new Request(), null);
        $event->setResponse($response);

        $listener = new ClearSiteDataLogoutListener($clearSiteDataConfig);

        $headerCountBefore = $response->headers->count();

        $listener->onLogout($event);

        $this->assertEquals(++$headerCountBefore$response->headers->count());

        $this->assertNotNull($response->headers->get('Clear-Site-Data'));
        