Skip to content

Commit ece4f3e

Browse files
fabpotfabpot
committed
bug symfony#61548 [Security] Fix attribute-based chained user providers (valtzu)
This PR was merged into the 6.4 branch. Discussion ---------- [Security] Fix attribute-based chained user providers | Q | A | ------------- | --- | Branch? | 6.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | License | MIT The attributes were not passed to an attribute-based user provider (`AttributesBasedUserProviderInterface`) in a `UserProviderChain`. On 7.4 we could make `ChainUserProvider` implement `AttributesBasedUserProviderInterface`. Commits ------- 8169616 [Security] Fix attribute-based chained user providers
2 parents 7d2e564 + 8169616 commit ece4f3e

File tree

2 files changed

+33
-1
lines changed

2 files changed

+33
-1
lines changed

src/Symfony/Component/Security/Core/Tests/User/ChainUserProviderTest.php

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,12 +14,14 @@
1414
use PHPUnit\Framework\TestCase;
1515
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
1616
use Symfony\Component\Security\Core\Exception\UserNotFoundException;
17+
use Symfony\Component\Security\Core\User\AttributesBasedUserProviderInterface;
1718
use Symfony\Component\Security\Core\User\ChainUserProvider;
1819
use Symfony\Component\Security\Core\User\InMemoryUser;
1920
use Symfony\Component\Security\Core\User\InMemoryUserProvider;
2021
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
2122
use Symfony\Component\Security\Core\User\PasswordUpgraderInterface;
2223
use Symfony\Component\Security\Core\User\UserInterface;
24+
use Symfony\Component\Security\Core\User\UserProviderInterface;
2325

2426
class ChainUserProviderTest extends TestCase
2527
{
@@ -45,6 +47,28 @@ public function testLoadUserByIdentifier()
4547
$this->assertSame($account, $provider->loadUserByIdentifier('foo'));
4648
}
4749

50+
public function testLoadUserByIdentifierWithAttributes()
51+
{
52+
$provider1 = $this->createMock(UserProviderInterface::class);
53+
$provider1
54+
->expects($this->once())
55+
->method('loadUserByIdentifier')
56+
->with($this->equalTo('foo'))
57+
->willThrowException(new UserNotFoundException('not found'))
58+
;
59+
60+
$provider2 = $this->createMock(AttributesBasedUserProviderInterface::class);
61+
$provider2
62+
->expects($this->once())
63+
->method('loadUserByIdentifier')
64+
->with($this->equalTo('foo'), $this->equalTo(['attr' => 5]))
65+
->willReturn($account = $this->createMock(UserInterface::class))
66+
;
67+
68+
$provider = new ChainUserProvider([$provider1, $provider2]);
69+
$this->assertSame($account, $provider->loadUserByIdentifier('foo', ['attr' => 5]));
70+
}
71+
4872
public function testLoadUserByIdentifierThrowsUserNotFoundException()
4973
{
5074
$this->expectException(UserNotFoundException::class);

src/Symfony/Component/Security/Core/User/ChainUserProvider.php

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,10 +56,18 @@ public function loadUserByUsername(string $username): UserInterface
5656
return $this->loadUserByIdentifier($username);
5757
}
5858

59-
public function loadUserByIdentifier(string $identifier): UserInterface
59+
/**
60+
* @param array $attributes
61+
*/
62+
public function loadUserByIdentifier(string $identifier/* , array $attributes = [] */): UserInterface
6063
{
64+
$attributes = \func_num_args() > 1 ? func_get_arg(1) : [];
6165
foreach ($this->providers as $provider) {
6266
try {
67+
if ($provider instanceof AttributesBasedUserProviderInterface) {
68+
return $provider->loadUserByIdentifier($identifier, $attributes);
69+
}
70+
6371
return $provider->loadUserByIdentifier($identifier);
6472
} catch (UserNotFoundException) {
6573
// try next one

0 commit comments

Comments
 (0)