[Security] Add remember me option for JSON logins

Author: baumerdev

Authenticator/JsonLoginAuthenticator.php

@@ -26,6 +26,7 @@
 use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
 use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\PasswordUpgradeBadge;
+use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\UserBadge;
 use Symfony\Component\Security\Http\Authenticator\Passport\Credentials\PasswordCredentials;
 use Symfony\Component\Security\Http\Authenticator\Passport\Passport;
@@ -88,7 +89,7 @@ public function authenticate(Request $request): Passport
         }
 
         $userBadge = new UserBadge($credentials['username'], $this->userProvider->loadUserByIdentifier(...));
-        $passport = new Passport($userBadge, new PasswordCredentials($credentials['password']));
+        $passport = new Passport($userBadge, new PasswordCredentials($credentials['password']), [new RememberMeBadge()]);
 
         if ($this->userProvider instanceof PasswordUpgraderInterface) {
             $passport->addBadge(new PasswordUpgradeBadge($credentials['password'], $this->userProvider));

CHANGELOG.md

@@ -1,6 +1,11 @@
 CHANGELOG
 =========
 
+6.3
+---
+
+ * Add `RememberMeBadge` to `JsonLoginAuthenticator` and enable reading parameter in JSON request body
+
 6.2
 ---
 

EventListener/CheckRememberMeConditionsListener.php

@@ -13,6 +13,7 @@
 
 use Psr\Log\LoggerInterface;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Security\Http\Authenticator\Passport\Badge\RememberMeBadge;
 use Symfony\Component\Security\Http\Event\LoginSuccessEvent;
 use Symfony\Component\Security\Http\ParameterBagUtils;
@@ -54,7 +55,7 @@ public function onSuccessfulLogin(LoginSuccessEvent $event): void
         /** @var RememberMeBadge $badge */
         $badge = $passport->getBadge(RememberMeBadge::class);
         if (!$this->options['always_remember_me']) {
-            $parameter = ParameterBagUtils::getRequestParameterValue($event->getRequest(), $this->options['remember_me_parameter']);
+            $parameter = $this->getParameter($event->getRequest(), $this->options['remember_me_parameter']);
             if (!('true' === $parameter || 'on' === $parameter || '1' === $parameter || 'yes' === $parameter || true === $parameter)) {
                 $this->logger?->debug('Remember me disabled; request does not contain remember me parameter ("{parameter}").', ['parameter' => $this->options['remember_me_parameter']]);
 
@@ -69,4 +70,23 @@ public static function getSubscribedEvents(): array
     {
         return [LoginSuccessEvent::class => ['onSuccessfulLogin', -32]];
     }
+
+    private function getParameter(Request $request, string $parameterName): mixed
+    {
+        $parameter = ParameterBagUtils::getRequestParameterValue($request, $parameterName);
+        if (null !== $parameter) {
+            return $parameter;
+        }
+
+        if ('application/json' === $request->headers->get('Content-Type')) {
+            $data = json_decode($request->getContent());
+            if (!$data instanceof \stdClass) {
+                return null;
+            }
+
+            return $data->{$parameterName} ?? null;
+        }
+
+        return null;
+    }
 }

Tests/EventListener/CheckRememberMeConditionsListenerTest.php

@@ -33,20 +33,29 @@ class CheckRememberMeConditionsListenerTest extends TestCase
     protected function setUp(): void
     {
         $this->listener = new CheckRememberMeConditionsListener();
-        $this->request = Request::create('/login');
-        $this->request->request->set('_remember_me', true);
-        $this->response = new Response();
     }
 
-    public function testSuccessfulLoginWithoutSupportingAuthenticator()
+    public function testSuccessfulHttpLoginWithoutSupportingAuthenticator()
     {
+        $this->createHttpRequest();
+
         $passport = $this->createPassport([]);
 
         $this->listener->onSuccessfulLogin($this->createLoginSuccessfulEvent($passport));
 
         $this->assertFalse($passport->hasBadge(RememberMeBadge::class));
     }
 
+    public function testSuccessfulJsonLoginWithoutSupportingAuthenticator()
+    {
+        $this->createJsonRequest();
+
+        $passport = $this->createPassport([]);
+        $this->listener->onSuccessfulLogin($this->createLoginSuccessfulEvent($passport));
+
+        $this->assertFalse($passport->hasBadge(RememberMeBadge::class));
+    }
+
     public function testSuccessfulLoginWithoutRequestParameter()
     {
         $this->request = Request::create('/login');
@@ -57,10 +66,22 @@ public function testSuccessfulLoginWithoutRequestParameter()
         $this->assertFalse($passport->getBadge(RememberMeBadge::class)->isEnabled());
     }
 
-    public function testSuccessfulLoginWhenRememberMeAlwaysIsTrue()
+    public function testSuccessfulHttpLoginWhenRememberMeAlwaysIsTrue()
     {
+        $this->createHttpRequest();
+
+        $passport = $this->createPassport();
+
+        $this->listener->onSuccessfulLogin($this->createLoginSuccessfulEvent($passport));
+
+        $this->assertTrue($passport->getBadge(RememberMeBadge::class)->isEnabled());
+    }
+
+    public function testSuccessfulJsonLoginWhenRememberMeAlwaysIsTrue()
+    {
+        $this->createJsonRequest();
+
         $passport = $this->createPassport();
-        $listener = new CheckRememberMeConditionsListener(['always_remember_me' => true]);
 
         $this->listener->onSuccessfulLogin($this->createLoginSuccessfulEvent($passport));
 
@@ -70,8 +91,10 @@ public function testSuccessfulLoginWhenRememberMeAlwaysIsTrue()
     /**
      * @dataProvider provideRememberMeOptInValues
      */
-    public function testSuccessfulLoginWithOptInRequestParameter($optInValue)
+    public function testSuccessfulHttpLoginWithOptInRequestParameter($optInValue)
     {
+        $this->createHttpRequest();
+
         $this->request->request->set('_remember_me', $optInValue);
         $passport = $this->createPassport();
 
@@ -80,6 +103,20 @@ public function testSuccessfulLoginWithOptInRequestParameter($optInValue)
         $this->assertTrue($passport->getBadge(RememberMeBadge::class)->isEnabled());
     }
 
+    /**
+     * @dataProvider provideRememberMeOptInValues
+     */
+    public function testSuccessfulJsonLoginWithOptInRequestParameter($optInValue)
+    {
+        $this->createJsonRequest(['_remember_me' => $optInValue]);
+
+        $passport = $this->createPassport();
+
+        $this->listener->onSuccessfulLogin($this->createLoginSuccessfulEvent($passport));
+
+        $this->assertTrue($passport->getBadge(RememberMeBadge::class)->isEnabled());
+    }
+
     public static function provideRememberMeOptInValues()
     {
         yield ['true'];
@@ -89,6 +126,20 @@ public static function provideRememberMeOptInValues()
         yield [true];
     }
 
+    private function createHttpRequest(): void
+    {
+        $this->request = Request::create('/login');
+        $this->request->request->set('_remember_me', true);
+        $this->response = new Response();
+    }
+
+    private function createJsonRequest(mixed $content = ['_remember_me' => true]): void
+    {
+        $this->request = Request::create('/login', 'POST', [], [], [], [], json_encode($content));
+        $this->request->headers->add(['Content-Type' => 'application/json']);
+        $this->response = new Response();
+    }
+
     private function createLoginSuccessfulEvent(Passport $passport)
     {
         return new LoginSuccessEvent($this->createMock(AuthenticatorInterface::class), $passport, $this->createMock(TokenInterface::class), $this->request, $this->response, 'main_firewall');