CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getOriginalToken example
$this->userChecker->expects($this->once())
->method('checkPostAuth')->with($targetsUser);
$listener = new SwitchUserListener($tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', null, false);
$listener($this->event);
$this->assertSame([], $this->request->query->all());
$this->assertSame('', $this->request->server->get('QUERY_STRING'));
$this->assertInstanceOf(SwitchUserToken::class, $tokenStorage->getToken());
$this->assertSame('kuba', $tokenStorage->getToken()->getUserIdentifier());
$this->assertSame($originalToken, $tokenStorage->getToken()->getOriginalToken());
}
public function testSwitchUserWorksWithFalsyUsernames()
{
$token = new UsernamePasswordToken(new InMemoryUser('kuba', '', ['ROLE_FOO']), 'key', ['ROLE_FOO']);
$this->tokenStorage->setToken($token);
$this->request->query->set('_switch_user', '0');
$this->userProvider->createUser($user = new InMemoryUser('0', null));
->method('checkPostAuth')->with($targetsUser);
$listener = new SwitchUserListener($tokenStorage, $this->userProvider, $this->userChecker, 'provider123', $this->accessDecisionManager, null, '_switch_user', 'ROLE_ALLOWED_TO_SWITCH', null, false);
$listener($this->event);
$this->assertSame([], $this->request->query->all());
$this->assertSame('', $this->request->server->get('QUERY_STRING'));
$this->assertInstanceOf(SwitchUserToken::class, $tokenStorage->getToken());
$this->assertSame('kuba', $tokenStorage->getToken()->getUserIdentifier());
$this->assertSame($originalToken, $tokenStorage->getToken()->getOriginalToken());
}
public function testSwitchUserWorksWithFalsyUsernames()
{
$token = new UsernamePasswordToken(new InMemoryUser('kuba', '', ['ROLE_FOO']), 'key', ['ROLE_FOO']);
$this->tokenStorage->setToken($token);
$this->request->query->set('_switch_user', '0');
$this->userProvider->createUser($user = new InMemoryUser('0', null));
'user' => '',
'roles' => [],
'inherited_roles' => [],
'supports_role_hierarchy' => null !== $this->roleHierarchy,
];
} else {
$inheritedRoles = [];
$assignedRoles = $token->getRoleNames();
$impersonatorUser = null;
if ($token instanceof SwitchUserToken) {
$originalToken = $token->getOriginalToken();
$impersonatorUser = $originalToken->getUserIdentifier();
}
if (null !== $this->roleHierarchy) {
foreach ($this->roleHierarchy->getReachableRoleNames($assignedRoles) as $role) {
if (!\in_array($role, $assignedRoles, true)) {
$inheritedRoles[] = $role;
}
}
}
'roles' => [],
'inherited_roles' => [],
'supports_role_hierarchy' => null !== $this->roleHierarchy,
];
} else {
$inheritedRoles = [];
$assignedRoles = $token->getRoleNames();
$impersonatorUser = null;
if ($token instanceof SwitchUserToken) {
$originalToken = $token->getOriginalToken();
$impersonatorUser = $originalToken->getUserIdentifier();
}
if (null !== $this->roleHierarchy) {
foreach ($this->roleHierarchy->getReachableRoleNames($assignedRoles) as $role) {
if (!\in_array($role, $assignedRoles, true)) {
$inheritedRoles[] = $role;
}
}
}
/** * Attempts to switch to another user and returns the new token if successfully switched. * * @throws \LogicException * @throws AccessDeniedException */
private function attemptSwitchUser(Request $request, string $username): ?TokenInterface
{
$token = $this->tokenStorage->getToken();
$originalToken = $this->getOriginalToken($token);
if (null !== $originalToken) {
if ($token->getUserIdentifier() === $username) {
return $token;
}
// User already switched, exit before seamlessly switching to another user $token = $this->attemptExitUser($request);
}
$currentUsername = $token->getUserIdentifier();
$this->logger?->debug('Cannot refresh token because user has changed.', ['username' => $refreshedUser->getUserIdentifier(), 'provider' => $provider::class]);
continue;
}
$token->setUser($refreshedUser);
if (null !== $this->logger) {
$context = ['provider' => $provider::class, 'username' => $refreshedUser->getUserIdentifier()];
if ($token instanceof SwitchUserToken) {
$originalToken = $token->getOriginalToken();
$context['impersonator_username'] = $originalToken->getUserIdentifier();
}
$this->logger->debug('User was reloaded from a user provider.', $context);
}
return $token;
} catch (UnsupportedUserException) {
// let's try the next user provider } catch (UserNotFoundException $e) {
$this->logger?->warning('Username could not be found in the selected user provider.', ['username' => $e->getUserIdentifier(), 'provider' => $provider::class]);
continue;
}
$token->setUser($refreshedUser);
if (null !== $this->logger) {
$context = ['provider' => $provider::class, 'username' => $refreshedUser->getUserIdentifier()];
if ($token instanceof SwitchUserToken) {
$originalToken = $token->getOriginalToken();
$context['impersonator_username'] = $originalToken->getUserIdentifier();
}
$this->logger->debug('User was reloaded from a user provider.', $context);
}
return $token;
} catch (UnsupportedUserException) {
// let's try the next user provider } catch (UserNotFoundException $e) {
$this->logger?->warning('Username could not be found in the selected user provider.', ['username' => $e->getUserIdentifier(), 'provider' => $provider::class]);
$originalToken = new UsernamePasswordToken(new InMemoryUser('user', 'foo', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']), 'provider-key', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']);
$token = new SwitchUserToken(new InMemoryUser('admin', 'bar', ['ROLE_USER']), 'provider-key', ['ROLE_USER'], $originalToken, 'https://symfony.com/blog');
$unserializedToken = unserialize(serialize($token));
$this->assertInstanceOf(SwitchUserToken::class, $unserializedToken);
$this->assertSame('admin', $unserializedToken->getUserIdentifier());
$this->assertSame('provider-key', $unserializedToken->getFirewallName());
$this->assertEquals(['ROLE_USER'], $unserializedToken->getRoleNames());
$this->assertSame('https://symfony.com/blog', $unserializedToken->getOriginatedFromUri());
$unserializedOriginalToken = $unserializedToken->getOriginalToken();
$this->assertInstanceOf(UsernamePasswordToken::class, $unserializedOriginalToken);
$this->assertSame('user', $unserializedOriginalToken->getUserIdentifier());
$this->assertSame('provider-key', $unserializedOriginalToken->getFirewallName());
$this->assertEquals(['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'], $unserializedOriginalToken->getRoleNames());
}
public function testSerializeNullImpersonateUrl()
{
$originalToken = new UsernamePasswordToken(new InMemoryUser('user', 'foo', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']), 'provider-key', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']);
$token = new SwitchUserToken(new InMemoryUser('admin', 'bar', ['ROLE_USER']), 'provider-key', ['ROLE_USER'], $originalToken);
$token = new SwitchUserToken(new InMemoryUser('admin', 'bar', ['ROLE_USER']), 'provider-key', ['ROLE_USER'], $originalToken, 'https://symfony.com/blog');
$unserializedToken = unserialize(serialize($token));
$this->assertInstanceOf(SwitchUserToken::class, $unserializedToken);
$this->assertSame('admin', $unserializedToken->getUserIdentifier());
$this->assertSame('provider-key', $unserializedToken->getFirewallName());
$this->assertEquals(['ROLE_USER'], $unserializedToken->getRoleNames());
$this->assertSame('https://symfony.com/blog', $unserializedToken->getOriginatedFromUri());
$unserializedOriginalToken = $unserializedToken->getOriginalToken();
$this->assertInstanceOf(UsernamePasswordToken::class, $unserializedOriginalToken);
$this->assertSame('user', $unserializedOriginalToken->getUserIdentifier());
$this->assertSame('provider-key', $unserializedOriginalToken->getFirewallName());
$this->assertEquals(['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH'], $unserializedOriginalToken->getRoleNames());
}
public function testSerializeNullImpersonateUrl()
{
$originalToken = new UsernamePasswordToken(new InMemoryUser('user', 'foo', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']), 'provider-key', ['ROLE_ADMIN', 'ROLE_ALLOWED_TO_SWITCH']);
$token = new SwitchUserToken(new InMemoryUser('admin', 'bar', ['ROLE_USER']), 'provider-key', ['ROLE_USER'], $originalToken);