Merge branch '5.4' into 6.0

xabbuh · xabbuh · commit 63ad902648c0 · 2022-04-17T13:31:42.000+02:00
* 5.4:
  fix merge
  do not use mocks in tests when not necessary
  [Mailer] Missing import in first example
  [Security] Add test case for user not found
  [SecurityBundle] Use config's secret in remember-me signatures
diff --git a/DependencyInjection/Security/Factory/RememberMeFactory.php b/DependencyInjection/Security/Factory/RememberMeFactory.php
@@ -71,6 +71,7 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
             $tokenVerifier = $this->createTokenVerifier($container, $firewallName, $config['token_verifier'] ?? null);
             $container->setDefinition($rememberMeHandlerId, new ChildDefinition('security.authenticator.persistent_remember_me_handler'))
                 ->replaceArgument(0, new Reference($tokenProviderId))
+                ->replaceArgument(1, $config['secret'])
                 ->replaceArgument(2, new Reference($userProviderId))
                 ->replaceArgument(4, $config)
                 ->replaceArgument(6, $tokenVerifier)
@@ -79,6 +80,7 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
             $signatureHasherId = 'security.authenticator.remember_me_signature_hasher.'.$firewallName;
             $container->setDefinition($signatureHasherId, new ChildDefinition('security.authenticator.remember_me_signature_hasher'))
                 ->replaceArgument(1, $config['signature_properties'])
+                ->replaceArgument(2, $config['secret'])
             ;
 
             $container->setDefinition($rememberMeHandlerId, new ChildDefinition('security.authenticator.signature_remember_me_handler'))
@@ -140,7 +142,10 @@ public function addConfiguration(NodeDefinition $node)
         ;
 
         $builder
-            ->scalarNode('secret')->isRequired()->cannotBeEmpty()->end()
+            ->scalarNode('secret')
+                ->cannotBeEmpty()
+                ->defaultValue('%kernel.secret%')
+            ->end()
             ->scalarNode('service')->end()
             ->arrayNode('user_providers')
                 ->beforeNormalization()
diff --git a/Tests/DependencyInjection/SecurityExtensionTest.php b/Tests/DependencyInjection/SecurityExtensionTest.php
@@ -393,6 +393,46 @@ public function testCustomRememberMeHandler()
         $this->assertEquals([['firewall' => 'default']], $handler->getTag('security.remember_me_handler'));
     }
 
+    public function testSecretRememberMeHasher()
+    {
+        $container = $this->getRawContainer();
+
+        $container->register('custom_remember_me', \stdClass::class);
+        $container->loadFromExtension('security', [
+            'enable_authenticator_manager' => true,
+            'firewalls' => [
+                'default' => [
+                    'remember_me' => ['secret' => 'very'],
+                ],
+            ],
+        ]);
+
+        $container->compile();
+
+        $handler = $container->getDefinition('security.authenticator.remember_me_signature_hasher.default');
+        $this->assertSame('very', $handler->getArgument(2));
+    }
+
+    public function testSecretRememberMeHandler()
+    {
+        $container = $this->getRawContainer();
+
+        $container->register('custom_remember_me', \stdClass::class);
+        $container->loadFromExtension('security', [
+            'enable_authenticator_manager' => true,
+            'firewalls' => [
+                'default' => [
+                    'remember_me' => ['secret' => 'very', 'token_provider' => 'token_provider_id'],
+                ],
+            ],
+        ]);
+
+        $container->compile();
+
+        $handler = $container->getDefinition('security.authenticator.remember_me_handler.default');
+        $this->assertSame('very', $handler->getArgument(1));
+    }
+
     public function sessionConfigurationProvider()
     {
         return [
