CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
LogoutEvent example
$request = $event->getRequest();
if (null !== $this->csrfTokenManager) {
$csrfToken = ParameterBagUtils::getRequestParameterValue($request, $this->options['csrf_parameter']);
if (!\is_string($csrfToken) || false === $this->csrfTokenManager->isTokenValid(new CsrfToken($this->options['csrf_token_id'], $csrfToken))) {
throw new LogoutException('Invalid CSRF token.');
}
}
$logoutEvent = new LogoutEvent($request, $this->tokenStorage->getToken());
$this->eventDispatcher->dispatch($logoutEvent);
if (!$response = $logoutEvent->getResponse()) {
throw new \RuntimeException('No logout listener set the Response, make sure at least the DefaultLogoutListener is registered.');
}
$this->tokenStorage->setToken(null);
$event->setResponse($response);
}
use Symfony\Component\Security\Csrf\TokenStorage\SessionTokenStorage;
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CsrfTokenClearingLogoutListener;
class CsrfTokenClearingLogoutListenerTest extends TestCase
{
public function testSkipsClearingSessionTokenStorageOnStatelessRequest()
{
try {
(new CsrfTokenClearingLogoutListener(
new SessionTokenStorage(new RequestStack())
))->onLogout(new LogoutEvent(new Request(), null));
} catch (SessionNotFoundException) {
$this->fail('clear() must not be called if the request is not associated with a session instance');
}
$this->addToAssertionCount(1);
}
}
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CsrfTokenClearingLogoutListener;
class CsrfTokenClearingLogoutListenerTest extends TestCase
{
public function testSkipsClearingSessionTokenStorageOnStatelessRequest()
{
try {
(new CsrfTokenClearingLogoutListener(
new SessionTokenStorage(new RequestStack())
))->onLogout(new LogoutEvent(new Request(), null));
} catch (SessionNotFoundException) {
$this->fail('clear() must not be called if the request is not associated with a session instance');
}
$this->addToAssertionCount(1);
}
}
use Symfony\Component\Security\Http\EventListener\SessionLogoutListener;
class SessionLogoutListenerTest extends TestCase
{
public function testOnLogoutIfHasNoSession()
{
$request = $this->createMock(Request::class);
$request->method('hasSession')->willReturn(false);
$request->expects($this->never())->method('getSession');
$sessionLogoutListener = new SessionLogoutListener();
$sessionLogoutListener->onLogout(new LogoutEvent($request, null));
}
public function testOnLogoutIfHasSession()
{
$session = $this->createMock(Session::class);
$session->expects($this->once())->method('invalidate');
$request = $this->createMock(Request::class);
$request->method('getSession')->willReturn($session);
$request->method('hasSession')->willReturn(true);
class SessionLogoutListenerTest extends TestCase
{
public function testOnLogoutIfHasNoSession()
{
$request = $this->createMock(Request::class);
$request->method('hasSession')->willReturn(false);
$request->expects($this->never())->method('getSession');
$sessionLogoutListener = new SessionLogoutListener();
$sessionLogoutListener->onLogout(new LogoutEvent($request, null));
}
public function testOnLogoutIfHasSession()
{
$session = $this->createMock(Session::class);
$session->expects($this->once())->method('invalidate');
$request = $this->createMock(Request::class);
$request->method('getSession')->willReturn($session);
$request->method('hasSession')->willReturn(true);
if ($validateCsrfToken) {
if (!$this->container->has('security.csrf.token_manager') || !$logoutConfig = $firewallConfig->getLogout()) {
throw new LogicException(sprintf('Unable to logout with CSRF token validation. Either make sure that CSRF protection is enabled and "logout" is configured on the "%s" firewall, or bypass CSRF token validation explicitly by passing false to the $validateCsrfToken argument of this method.', $firewallConfig->getName()));
}
$csrfToken = ParameterBagUtils::getRequestParameterValue($request, $logoutConfig['csrf_parameter']);
if (!\is_string($csrfToken) || !$this->container->get('security.csrf.token_manager')->isTokenValid(new CsrfToken($logoutConfig['csrf_token_id'], $csrfToken))) {
throw new LogoutException('Invalid CSRF token.');
}
}
$logoutEvent = new LogoutEvent($request, $token);
$this->container->get('security.firewall.event_dispatcher_locator')->get($firewallConfig->getName())->dispatch($logoutEvent);
$tokenStorage->setToken(null);
return $logoutEvent->getResponse();
}
private function getAuthenticator(?string $authenticatorName, string $firewallName): AuthenticatorInterface
{
if (!isset($this->authenticators[$firewallName])) {
throw new LogicException(sprintf('No authenticators found for firewall "%s".', $firewallName));
}
if (!$this->container->has('security.csrf.token_manager') || !$logoutConfig = $firewallConfig->getLogout()) {
throw new LogicException(sprintf('Unable to logout with CSRF token validation. Either make sure that CSRF protection is enabled and "logout" is configured on the "%s" firewall, or bypass CSRF token validation explicitly by passing false to the $validateCsrfToken argument of this method.', $firewallConfig->getName()));
}
$csrfToken = ParameterBagUtils::getRequestParameterValue($request, $logoutConfig['csrf_parameter']);
if (!\is_string($csrfToken) || !$this->container->get('security.csrf.token_manager')->isTokenValid(new CsrfToken($logoutConfig['csrf_token_id'], $csrfToken))) {
throw new LogoutException('Invalid CSRF token.');
}
}
$logoutEvent = new LogoutEvent($request, $token);
$this->container->get('security.firewall.event_dispatcher_locator')->get($firewallConfig->getName())->dispatch($logoutEvent);
$tokenStorage->setToken(null);
return $logoutEvent->getResponse();
}
private function getAuthenticator(?string $authenticatorName, string $firewallName): AuthenticatorInterface
{
if (!isset($this->authenticators[$firewallName])) {
throw new LogicException(sprintf('No authenticators found for firewall "%s".', $firewallName));
}
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CookieClearingLogoutListener;
class CookieClearingLogoutListenerTest extends TestCase
{
public function testLogout()
{
$response = new Response();
$event = new LogoutEvent(new Request(), null);
$event->setResponse($response);
$listener = new CookieClearingLogoutListener(['foo' => ['path' => '/foo', 'domain' => 'foo.foo', 'secure' => true, 'samesite' => Cookie::SAMESITE_STRICT], 'foo2' => ['path' => null, 'domain' => null]]);
$cookies = $response->headers->getCookies();
$this->assertCount(0, $cookies);
$listener->onLogout($event);
$cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
$this->assertCount(2, $cookies);
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\CookieClearingLogoutListener;
class CookieClearingLogoutListenerTest extends TestCase
{
public function testLogout()
{
$response = new Response();
$event = new LogoutEvent(new Request(), null);
$event->setResponse($response);
$listener = new CookieClearingLogoutListener(['foo' => ['path' => '/foo', 'domain' => 'foo.foo', 'secure' => true, 'samesite' => Cookie::SAMESITE_STRICT], 'foo2' => ['path' => null, 'domain' => null]]);
$cookies = $response->headers->getCookies();
$this->assertCount(0, $cookies);
$listener->onLogout($event);
$cookies = $response->headers->getCookies(ResponseHeaderBag::COOKIES_ARRAY);
$this->assertCount(2, $cookies);
$token = $this->createMock(TokenInterface::class);
$token->method('getUser')->willReturn(new InMemoryUser('foo', 'bar'));
$tokenStorage = $this->createMock(TokenStorageInterface::class);
$tokenStorage->expects($this->once())->method('getToken')->willReturn($token);
$tokenStorage->expects($this->once())->method('setToken')->with(null);
$eventDispatcher = $this->createMock(EventDispatcherInterface::class);
$eventDispatcher
->expects($this->once())
->method('dispatch')
->with(new LogoutEvent($request, $token))
;
$firewallMap = $this->createMock(FirewallMap::class);
$firewallConfig = new FirewallConfig('my_firewall', 'user_checker');
$firewallMap
->expects($this->once())
->method('getFirewallConfig')
->willReturn($firewallConfig)
;
$eventDispatcherLocator = $this->createMock(ContainerInterface::class);
$token->method('getUser')->willReturn(new InMemoryUser('foo', 'bar'));
$tokenStorage = $this->createMock(TokenStorageInterface::class);
$tokenStorage->expects($this->once())->method('getToken')->willReturn($token);
$tokenStorage->expects($this->once())->method('setToken')->with(null);
$eventDispatcher = $this->createMock(EventDispatcherInterface::class);
$eventDispatcher
->expects($this->once())
->method('dispatch')
->with(new LogoutEvent($request, $token))
;
$firewallMap = $this->createMock(FirewallMap::class);
$firewallConfig = new FirewallConfig('my_firewall', 'user_checker');
$firewallMap
->expects($this->once())
->method('getFirewallConfig')
->willReturn($firewallConfig)
;
$eventDispatcherLocator = $this->createMock(ContainerInterface::class);
use Symfony\Component\Security\Http\Event\LogoutEvent;
use Symfony\Component\Security\Http\EventListener\ClearSiteDataLogoutListener;
class ClearSiteDataLogoutListenerTest extends TestCase
{
/** * @dataProvider provideClearSiteDataConfig */
public function testLogout(array $clearSiteDataConfig, string $expectedHeader)
{
$response = new Response();
$event = new LogoutEvent(new Request(), null);
$event->setResponse($response);
$listener = new ClearSiteDataLogoutListener($clearSiteDataConfig);
$headerCountBefore = $response->headers->count();
$listener->onLogout($event);
$this->assertEquals(++$headerCountBefore, $response->headers->count());
$this->assertNotNull($response->headers->get('Clear-Site-Data'));
use Symfony\Component\Security\Http\EventListener\ClearSiteDataLogoutListener;
class ClearSiteDataLogoutListenerTest extends TestCase
{
/** * @dataProvider provideClearSiteDataConfig */
public function testLogout(array $clearSiteDataConfig, string $expectedHeader)
{
$response = new Response();
$event = new LogoutEvent(new Request(), null);
$event->setResponse($response);
$listener = new ClearSiteDataLogoutListener($clearSiteDataConfig);
$headerCountBefore = $response->headers->count();
$listener->onLogout($event);
$this->assertEquals(++$headerCountBefore, $response->headers->count());
$this->assertNotNull($response->headers->get('Clear-Site-Data'));