[Security] Move TraceableAuthenticator to security-http

chalasr · chalasr · commit 303edcd901f2 · 2021-10-12T10:11:20.000+02:00
diff --git a/Authenticator/Debug/TraceableAuthenticator.php b/Authenticator/Debug/TraceableAuthenticator.php
@@ -0,0 +1,108 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authenticator\Debug;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
+use Symfony\Component\Security\Core\Exception\AuthenticationException;
+use Symfony\Component\Security\Guard\Authenticator\GuardBridgeAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\InteractiveAuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
+use Symfony\Component\Security\Http\Authenticator\Passport\PassportInterface;
+use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;
+use Symfony\Component\Security\Http\EntryPoint\Exception\NotAnEntryPointException;
+use Symfony\Component\VarDumper\Caster\ClassStub;
+
+/**
+ * Collects info about an authenticator for debugging purposes.
+ *
+ * @author Robin Chalas <robin.chalas@gmail.com>
+ */
+final class TraceableAuthenticator implements AuthenticatorInterface, InteractiveAuthenticatorInterface, AuthenticationEntryPointInterface
+{
+    private $authenticator;
+    private $passport;
+    private $duration;
+    private $stub;
+
+    public function __construct(AuthenticatorInterface $authenticator)
+    {
+        $this->authenticator = $authenticator;
+    }
+
+    public function getInfo(): array
+    {
+        $class = \get_class($this->authenticator instanceof GuardBridgeAuthenticator ? $this->authenticator->getGuardAuthenticator() : $this->authenticator);
+
+        return [
+            'supports' => true,
+            'passport' => $this->passport,
+            'duration' => $this->duration,
+            'stub' => $this->stub ?? $this->stub = class_exists(ClassStub::class) ? new ClassStub($class) : $class,
+        ];
+    }
+
+    public function supports(Request $request): ?bool
+    {
+        return $this->authenticator->supports($request);
+    }
+
+    public function authenticate(Request $request): Passport
+    {
+        $startTime = microtime(true);
+        $this->passport = $this->authenticator->authenticate($request);
+        $this->duration = microtime(true) - $startTime;
+
+        return $this->passport;
+    }
+
+    public function createToken(Passport $passport, string $firewallName): TokenInterface
+    {
+        return method_exists($this->authenticator, 'createToken') ? $this->authenticator->createToken($passport, $firewallName) : $this->authenticator->createAuthenticatedToken($passport, $firewallName);
+    }
+
+    public function createAuthenticatedToken(PassportInterface $passport, string $firewallName): TokenInterface
+    {
+        return $this->authenticator->createAuthenticatedToken($passport, $firewallName);
+    }
+
+    public function onAuthenticationSuccess(Request $request, TokenInterface $token, string $firewallName): ?Response
+    {
+        return $this->authenticator->onAuthenticationSuccess($request, $token, $firewallName);
+    }
+
+    public function onAuthenticationFailure(Request $request, AuthenticationException $exception): ?Response
+    {
+        return $this->authenticator->onAuthenticationFailure($request, $exception);
+    }
+
+    public function start(Request $request, AuthenticationException $authException = null): Response
+    {
+        if (!$this->authenticator instanceof AuthenticationEntryPointInterface) {
+            throw new NotAnEntryPointException();
+        }
+
+        return $this->authenticator->start($request, $authException);
+    }
+
+    public function isInteractive(): bool
+    {
+        return $this->authenticator instanceof InteractiveAuthenticatorInterface && $this->authenticator->isInteractive();
+    }
+
+    public function __call($method, $args)
+    {
+        return $this->authenticator->{$method}(...$args);
+    }
+}
diff --git a/Authenticator/Debug/TraceableAuthenticatorManagerListener.php b/Authenticator/Debug/TraceableAuthenticatorManagerListener.php
@@ -0,0 +1,81 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Authenticator\Debug;
+
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+use Symfony\Component\Security\Http\Firewall\AbstractListener;
+use Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener;
+use Symfony\Component\VarDumper\Caster\ClassStub;
+
+/**
+ * Decorates the AuthenticatorManagerListener to collect information about security authenticators.
+ *
+ * @author Robin Chalas <robin.chalas@gmail.com>
+ */
+final class TraceableAuthenticatorManagerListener extends AbstractListener
+{
+    private $authenticationManagerListener;
+    private $authenticatorsInfo = [];
+    private $hasVardumper;
+
+    public function __construct(AuthenticatorManagerListener $authenticationManagerListener)
+    {
+        $this->authenticationManagerListener = $authenticationManagerListener;
+        $this->hasVardumper = class_exists(ClassStub::class);
+    }
+
+    public function supports(Request $request): ?bool
+    {
+        return $this->authenticationManagerListener->supports($request);
+    }
+
+    public function authenticate(RequestEvent $event): void
+    {
+        $request = $event->getRequest();
+
+        if (!$authenticators = $request->attributes->get('_security_authenticators')) {
+            return;
+        }
+
+        foreach ($request->attributes->get('_security_skipped_authenticators') as $skippedAuthenticator) {
+            $this->authenticatorsInfo[] = [
+                'supports' => false,
+                'stub' => $this->hasVardumper ? new ClassStub(\get_class($skippedAuthenticator)) : \get_class($skippedAuthenticator),
+                'passport' => null,
+                'duration' => 0,
+            ];
+        }
+
+        foreach ($authenticators as $key => $authenticator) {
+            $authenticators[$key] = new TraceableAuthenticator($authenticator);
+        }
+
+        $request->attributes->set('_security_authenticators', $authenticators);
+
+        $this->authenticationManagerListener->authenticate($event);
+
+        foreach ($authenticators as $authenticator) {
+            $this->authenticatorsInfo[] = $authenticator->getInfo();
+        }
+    }
+
+    public function getAuthenticatorManagerListener(): AuthenticatorManagerListener
+    {
+        return $this->authenticationManagerListener;
+    }
+
+    public function getAuthenticatorsInfo(): array
+    {
+        return $this->authenticatorsInfo;
+    }
+}
diff --git a/Tests/Authenticator/Debug/TraceableAuthenticatorTest.php b/Tests/Authenticator/Debug/TraceableAuthenticatorTest.php
@@ -0,0 +1,39 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Tests\Authenticator\Debug;
+
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Security\Http\Authenticator\AuthenticatorInterface;
+use Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\SelfValidatingPassport;
+
+class TraceableAuthenticatorTest extends TestCase
+{
+    public function testGetInfo()
+    {
+        $request = new Request();
+        $passport = new SelfValidatingPassport(new UserBadge('robin', function () {}));
+
+        $authenticator = $this->createMock(AuthenticatorInterface::class);
+        $authenticator
+            ->expects($this->once())
+            ->method('authenticate')
+            ->with($request)
+            ->willReturn($passport);
+
+        $traceable = new TraceableAuthenticator($authenticator);
+        $this->assertSame($passport, $traceable->authenticate($request));
+        $this->assertSame($passport, $traceable->getInfo()['passport']);
+    }
+}
