Merge branch '2.7' into 2.8

nicolas-grekas · nicolas-grekas · commit 5aefcc5264ee · 2018-04-25T16:40:02.000+02:00
* 2.7:
  [VarDumper] Remove decoration from actual output in tests
  [Bridge/Doctrine] fix count() notice on PHP 7.2
  [Security] Skip user checks if not implementing UserInterface
  [HttpFoundation] Add HTTP_EARLY_HINTS const
  [DoctrineBridge] Improve exception message at `IdReader::getIdValue()`
  fixed CS
  Use new PHP7.2 functions in hasColorSupport
  [VarDumper] Fix dumping of SplObjectStorage
diff --git a/Authentication/Provider/SimpleAuthenticationProvider.php b/Authentication/Provider/SimpleAuthenticationProvider.php
@@ -54,7 +54,7 @@ public function authenticate(TokenInterface $token)
                 $user = $this->userProvider->loadUserByUsername($user);
 
                 if (!$user instanceof UserInterface) {
-                    throw new AuthenticationServiceException('The user provider must return a UserInterface object.');
+                    return $authToken;
                 }
             } catch (UsernameNotFoundException $e) {
                 $e->setUsername($user);
diff --git a/Tests/Authentication/Provider/SimpleAuthenticationProviderTest.php b/Tests/Authentication/Provider/SimpleAuthenticationProviderTest.php
@@ -12,10 +12,11 @@
 namespace Symfony\Component\Security\Core\Tests\Authentication\Provider;
 
 use PHPUnit\Framework\TestCase;
-use Symfony\Component\Security\Core\Exception\DisabledException;
 use Symfony\Component\Security\Core\Authentication\Provider\SimpleAuthenticationProvider;
+use Symfony\Component\Security\Core\Exception\DisabledException;
 use Symfony\Component\Security\Core\Exception\LockedException;
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
+use Symfony\Component\Security\Core\User\UserChecker;
 
 class SimpleAuthenticationProviderTest extends TestCase
 {
@@ -121,6 +122,20 @@ public function testUsernameNotFound()
         $this->getProvider($authenticator, $userProvider)->authenticate($token);
     }
 
+    public function testAuthenticateSkipsUserChecksForNonUserInterfaceObjects()
+    {
+        $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock();
+        $token->expects($this->any())
+            ->method('getUser')
+            ->will($this->returnValue('string-user'));
+        $authenticator = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\SimpleAuthenticatorInterface')->getMock();
+        $authenticator->expects($this->once())
+            ->method('authenticateToken')
+            ->will($this->returnValue($token));
+
+        $this->assertSame($token, $this->getProvider($authenticator, null, new UserChecker())->authenticate($token));
+    }
+
     protected function getProvider($simpleAuthenticator = null, $userProvider = null, $userChecker = null, $key = 'test')
     {
         if (null === $userChecker) {

Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ public function authenticate(TokenInterface $token)`
`54`	`54`	`$user = $this->userProvider->loadUserByUsername($user);`
`55`	`55`
`56`	`56`	`if (!$user instanceof UserInterface) {`
`57`		`- throw new AuthenticationServiceException('The user provider must return a UserInterface object.');`
	`57`	`+ return $authToken;`
`58`	`58`	`}`
`59`	`59`	`} catch (UsernameNotFoundException $e) {`
`60`	`60`	`$e->setUsername($user);`