getFirewallConfig example


        $firewallMap = $this->createMock(FirewallMap::class);

        $firewallMap->expects($this->once())
            ->method('getFirewallConfig')
            ->with($request)
            ->willReturn($expectedFirewallConfig);

        $container = $this->createContainer('security.firewall.map', $firewallMap);

        $security = new Security($container);
        $this->assertSame($expectedFirewallConfig$security->getFirewallConfig($request));
    }

    public static function getFirewallConfigTests()
    {
        $request = new Request();

        yield [$request, null];
        yield [$requestnew FirewallConfig('main', 'acme_user_checker')];
    }

    public function testLogin()
    {
public function testGetListenersWithEmptyMap()
    {
        $request = new Request();

        $map = [];
        $container = $this->createMock(Container::class);
        $container->expects($this->never())->method('get');

        $firewallMap = new FirewallMap($container$map);

        $this->assertEquals([[], null, null]$firewallMap->getListeners($request));
        $this->assertNull($firewallMap->getFirewallConfig($request));
        $this->assertFalse($request->attributes->has(self::ATTRIBUTE_FIREWALL_CONTEXT));
    }

    public function testGetListenersWithInvalidParameter()
    {
        $request = new Request();
        $request->attributes->set(self::ATTRIBUTE_FIREWALL_CONTEXT, 'foo');

        $map = [];
        $container = $this->createMock(Container::class);
        $container->expects($this->never())->method('get');

        
$this->data['access_decision_log'] = $decisionLog;
        } else {
            $this->data['access_decision_log'] = [];
            $this->data['voter_strategy'] = 'unknown';
            $this->data['voters'] = [];
        }

        // collect firewall context information         $this->data['firewall'] = null;
        if ($this->firewallMap instanceof FirewallMap) {
            $firewallConfig = $this->firewallMap->getFirewallConfig($request);
            if (null !== $firewallConfig) {
                $this->data['firewall'] = [
                    'name' => $firewallConfig->getName(),
                    'request_matcher' => $firewallConfig->getRequestMatcher(),
                    'security_enabled' => $firewallConfig->isSecurityEnabled(),
                    'stateless' => $firewallConfig->isStateless(),
                    'provider' => $firewallConfig->getProvider(),
                    'context' => $firewallConfig->getContext(),
                    'entry_point' => $firewallConfig->getEntryPoint(),
                    'access_denied_handler' => $firewallConfig->getAccessDeniedHandler(),
                    'access_denied_url' => $firewallConfig->getAccessDeniedUrl(),
                    
return $this->container->get('security.authorization_checker')
            ->isGranted($attributes$subject);
    }

    public function getToken(): ?TokenInterface
    {
        return $this->container->get('security.token_storage')->getToken();
    }

    public function getFirewallConfig(Request $request): ?FirewallConfig
    {
        return $this->container->get('security.firewall.map')->getFirewallConfig($request);
    }

    /** * @param UserInterface $user The user to authenticate * @param string|null $authenticatorName The authenticator name (e.g. "form_login") or service id (e.g. SomeApiKeyAuthenticator::class) - required only if multiple authenticators are configured * @param string|null $firewallName The firewall name - required only if multiple firewalls are configured * @param BadgeInterface[] $badges Badges to add to the user's passport * * @return Response|null The authenticator success response if any */
    public function login(UserInterface $user, string $authenticatorName = null, string $firewallName = null, array $badges = []): ?Response
    {
private ContainerInterface $locator;
    private RequestStack $requestStack;
    private FirewallMap $firewallMap;

    private function getForFirewall(): object
    {
        $serviceIdentifier = str_replace('FirewallAware', '', static::class);
        if (null === $request = $this->requestStack->getCurrentRequest()) {
            throw new \LogicException('Cannot determine the correct '.$serviceIdentifier.' to use: there is no active Request and so, the firewall cannot be determined. Try using a specific '.$serviceIdentifier.' service.');
        }

        $firewall = $this->firewallMap->getFirewallConfig($request);
        if (!$firewall) {
            throw new \LogicException('No '.$serviceIdentifier.' found as the current route is not covered by a firewall.');
        }

        $firewallName = $firewall->getName();
        if (!$this->locator->has($firewallName)) {
            $message = 'No '.$serviceIdentifier.' found for this firewall.';
            if (\defined(static::class.'::FIREWALL_OPTION')) {
                $message .= sprintf('Did you forget to add a "'.static::FIREWALL_OPTION.'" key under your "%s" firewall?', $firewallName);
            }

            


    /** * @return void */
    public function configureLogoutUrlGenerator(RequestEvent $event)
    {
        if (!$event->isMainRequest()) {
            return;
        }

        if ($this->map instanceof FirewallMap && $config = $this->map->getFirewallConfig($event->getRequest())) {
            $this->logoutUrlGenerator->setCurrentFirewall($config->getName()$config->getContext());
        }
    }

    /** * @return void */
    public function onKernelFinishRequest(FinishRequestEvent $event)
    {
        if ($event->isMainRequest()) {
            $this->logoutUrlGenerator->setCurrentFirewall(null);
        }
// put a token into the storage so the final calls can function         $user = new InMemoryUser('foo', 'pass');
        $token = new UsernamePasswordToken($user, 'provider', ['ROLE_USER']);
        $container->get('functional.test.security.token_storage')->setToken($token);

        $security = $container->get('functional_test.security.helper');
        $this->assertTrue($security->isGranted('ROLE_USER'));
        $this->assertSame($token$security->getToken());
        $request = new Request();
        $request->server->set('REQUEST_URI', '/main/foo');
        $this->assertInstanceOf(FirewallConfig::class$firewallConfig = $security->getFirewallConfig($request));
        $this->assertSame('main', $firewallConfig->getName());
    }

    /** * @dataProvider userWillBeMarkedAsChangedIfRolesHasChangedProvider */
    public function testUserWillBeMarkedAsChangedIfRolesHasChanged(UserInterface $userWithAdminRole, UserInterface $userWithoutAdminRole)
    {
        $client = $this->createClient(['test_case' => 'AbstractTokenCompareRoles', 'root_config' => 'config.yml']);
        $client->disableReboot();

        
private function isImpersonatedUser(): bool
    {
        return $this->tokenStorage->getToken() instanceof SwitchUserToken;
    }

    private function buildExitPath(string $targetUri = null): string
    {
        if (null === ($request = $this->requestStack->getCurrentRequest()) || !$this->isImpersonatedUser()) {
            return '';
        }

        if (null === $switchUserConfig = $this->firewallMap->getFirewallConfig($request)->getSwitchUser()) {
            throw new \LogicException('Unable to generate the impersonate exit URL without a firewall configured for the user switch.');
        }

        $targetUri ??= $request->getRequestUri();

        $targetUri .= (parse_url($targetUri, \PHP_URL_QUERY) ? '&' : '?').http_build_query([$switchUserConfig['parameter'] => SwitchUserListener::EXIT_VALUE], '', '&');

        return $targetUri;
    }
}
Home | Imprint | This part of the site doesn't use cookies.