added support for the Symfony Security component

composer.json

@@ -20,6 +20,7 @@
         "symfony/event-dispatcher": "2.1.*",
         "symfony/http-foundation": "2.1.*",
         "symfony/http-kernel": "2.1.*",
+        "symfony/security": "2.1.*",
         "symfony/routing": "2.1.*"
     },
     "require-dev": {

composer.lock

 {
-    "hash": "2159a9aea3c462e2837553e85846d0ac",
+    "hash": "18fdd4879bd4a6f9f92e7d9e032d20cd",
     "packages": [
         {
             "package": "pimple/pimple",
@@ -34,6 +34,11 @@
             "version": "dev-master",
             "source-reference": "526d5d663f0b3170a91f916f912075609120e09a"
         },
+        {
+            "package": "symfony/http-kernel",
+            "version": "dev-master",
+            "source-reference": "fd5935fb6cd03dbd06930f2e3065c931694a5c92"
+        },
         {
             "package": "symfony/http-kernel",
             "version": "dev-master",
@@ -41,9 +46,10 @@
             "alias-version": "2.1.9999999.9999999-dev"
         },
         {
-            "package": "symfony/http-kernel",
+            "package": "symfony/routing",
             "version": "dev-master",
-            "source-reference": "fd5935fb6cd03dbd06930f2e3065c931694a5c92"
+            "alias-pretty-version": "2.1.x-dev",
+            "alias-version": "2.1.9999999.9999999-dev"
         },
         {
             "package": "symfony/routing",
@@ -51,10 +57,15 @@
             "source-reference": "4eef37eee0961782dfe66a23df4fc280ff1a9e44"
         },
         {
-            "package": "symfony/routing",
+            "package": "symfony/security",
             "version": "dev-master",
             "alias-pretty-version": "2.1.x-dev",
             "alias-version": "2.1.9999999.9999999-dev"
+        },
+        {
+            "package": "symfony/security",
+            "version": "dev-master",
+            "source-reference": "cfbb58936b3b9e9b5c31d191ed8056acd2932eb8"
         }
     ],
     "packages-dev": [
@@ -81,24 +92,24 @@
         {
             "package": "swiftmailer/swiftmailer",
             "version": "dev-master",
-            "alias-pretty-version": "4.1.x-dev",
-            "alias-version": "4.1.9999999.9999999-dev"
+            "source-reference": "d33d54cc8a081b0b85734744936ede1ba230dd64"
         },
         {
             "package": "swiftmailer/swiftmailer",
             "version": "dev-master",
-            "source-reference": "d33d54cc8a081b0b85734744936ede1ba230dd64"
+            "alias-pretty-version": "4.1.x-dev",
+            "alias-version": "4.1.9999999.9999999-dev"
         },
         {
             "package": "symfony/browser-kit",
             "version": "dev-master",
-            "source-reference": "6d1864547be92e51972a416fae9460b8be4afe0e"
+            "alias-pretty-version": "2.1.x-dev",
+            "alias-version": "2.1.9999999.9999999-dev"
         },
         {
             "package": "symfony/browser-kit",
             "version": "dev-master",
-            "alias-pretty-version": "2.1.x-dev",
-            "alias-version": "2.1.9999999.9999999-dev"
+            "source-reference": "6d1864547be92e51972a416fae9460b8be4afe0e"
         },
         {
             "package": "symfony/css-selector",
@@ -111,6 +122,11 @@
             "version": "dev-master",
             "source-reference": "d0a98b37fbb57188766fd7c7d757354397ee6ead"
         },
+        {
+            "package": "symfony/dom-crawler",
+            "version": "dev-master",
+            "source-reference": "2e27527036c4cd608692718414835173c40f52bd"
+        },
         {
             "package": "symfony/dom-crawler",
             "version": "dev-master",
@@ -118,9 +134,10 @@
             "alias-version": "2.1.9999999.9999999-dev"
         },
         {
-            "package": "symfony/dom-crawler",
+            "package": "symfony/finder",
             "version": "dev-master",
-            "source-reference": "2e27527036c4cd608692718414835173c40f52bd"
+            "alias-pretty-version": "2.1.x-dev",
+            "alias-version": "2.1.9999999.9999999-dev"
         },
         {
             "package": "symfony/finder",
@@ -128,7 +145,7 @@
             "source-reference": "9ee9a907afeef52956187e862714a7702ca26590"
         },
         {
-            "package": "symfony/finder",
+            "package": "symfony/form",
             "version": "dev-master",
             "alias-pretty-version": "2.1.x-dev",
             "alias-version": "2.1.9999999.9999999-dev"
@@ -139,7 +156,7 @@
             "source-reference": "e9068070fab8919f63e1a4e6313325082f4a1aa2"
         },
         {
-            "package": "symfony/form",
+            "package": "symfony/locale",
             "version": "dev-master",
             "alias-pretty-version": "2.1.x-dev",
             "alias-version": "2.1.9999999.9999999-dev"
@@ -150,10 +167,9 @@
             "source-reference": "741210486db314ff288a44de2628da7ee31d383e"
         },
         {
-            "package": "symfony/locale",
+            "package": "symfony/monolog-bridge",
             "version": "dev-master",
-            "alias-pretty-version": "2.1.x-dev",
-            "alias-version": "2.1.9999999.9999999-dev"
+            "source-reference": "ee24f08e2e74ee964018ce9d5de2a37977f6ec6b"
         },
         {
             "package": "symfony/monolog-bridge",
@@ -161,11 +177,6 @@
             "alias-pretty-version": "2.1.x-dev",
             "alias-version": "2.1.9999999.9999999-dev"
         },
-        {
-            "package": "symfony/monolog-bridge",
-            "version": "dev-master",
-            "source-reference": "ee24f08e2e74ee964018ce9d5de2a37977f6ec6b"
-        },
         {
             "package": "symfony/options-resolver",
             "version": "dev-master",
@@ -177,11 +188,6 @@
             "alias-pretty-version": "2.1.x-dev",
             "alias-version": "2.1.9999999.9999999-dev"
         },
-        {
-            "package": "symfony/process",
-            "version": "dev-master",
-            "source-reference": "f4f101fc7c1adb8b157058dcc1715f28f1d53208"
-        },
         {
             "package": "symfony/process",
             "version": "dev-master",
@@ -189,9 +195,9 @@
             "alias-version": "2.1.9999999.9999999-dev"
         },
         {
-            "package": "symfony/translation",
+            "package": "symfony/process",
             "version": "dev-master",
-            "source-reference": "db3e85934353a130d743b2ddd53dd678c8ebca12"
+            "source-reference": "f4f101fc7c1adb8b157058dcc1715f28f1d53208"
         },
         {
             "package": "symfony/translation",
@@ -200,10 +206,9 @@
             "alias-version": "2.1.9999999.9999999-dev"
         },
         {
-            "package": "symfony/twig-bridge",
+            "package": "symfony/translation",
             "version": "dev-master",
-            "alias-pretty-version": "2.1.x-dev",
-            "alias-version": "2.1.9999999.9999999-dev"
+            "source-reference": "db3e85934353a130d743b2ddd53dd678c8ebca12"
         },
         {
             "package": "symfony/twig-bridge",
@@ -230,19 +235,13 @@
         {
             "package": "twig/twig",
             "version": "dev-master",
-            "alias-pretty-version": "1.8.x-dev",
-            "alias-version": "1.8.9999999.9999999-dev"
+            "source-reference": "ca33207bb22fe6365d13bdaf034f936e30b53560"
         },
         {
             "package": "twig/twig",
             "version": "dev-master",
             "alias-pretty-version": "1.8.x-dev",
             "alias-version": "1.8.9999999.9999999-dev"
-        },
-        {
-            "package": "twig/twig",
-            "version": "dev-master",
-            "source-reference": "ca33207bb22fe6365d13bdaf034f936e30b53560"
         }
     ],
     "aliases": [

src/Silex/Application.php

@@ -614,7 +614,7 @@ class Application extends \Pimple implements HttpKernelInterface, EventSubscribe
             ),
             KernelEvents::CONTROLLER => 'onKernelController',
             KernelEvents::RESPONSE   => 'onKernelResponse',
-            KernelEvents::EXCEPTION  => 'onKernelException',
+            KernelEvents::EXCEPTION  => array('onKernelException', -10),
             KernelEvents::TERMINATE  => 'onKernelTerminate',
             KernelEvents::VIEW       => array('onKernelView', -10),
         );

src/Silex/Provider/TwigServiceProvider.php

@@ -17,6 +17,7 @@ use Silex\ServiceProviderInterface;
 use Symfony\Bridge\Twig\Extension\RoutingExtension as TwigRoutingExtension;
 use Symfony\Bridge\Twig\Extension\TranslationExtension as TwigTranslationExtension;
 use Symfony\Bridge\Twig\Extension\FormExtension as TwigFormExtension;
+use Symfony\Bridge\Twig\Extension\SecurityExtension as TwigSecurityExtension;
 
 /**
  * Twig Provider.
@@ -54,6 +55,10 @@ class TwigServiceProvider implements ServiceProviderInterface
                     $twig->addExtension(new TwigTranslationExtension($app['translator']));
                 }
 
+                if (isset($app['security.context'])) {
+                    $twig->addExtension(new TwigSecurityExtension($app['security.context']));
+                }
+
                 if (isset($app['form.factory'])) {
                     if (!isset($app['twig.form.templates'])) {
                         $app['twig.form.templates'] = array('form_div_layout.html.twig');

tests/Silex/Tests/Provider/SecurityServiceProviderTest.php

+<?php
+
+/*
+ * This file is part of the Silex framework.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * This source file is subject to the MIT license that is bundled
+ * with this source code in the file LICENSE.
+ */
+
+namespace Silex\Tests\Provider;
+
+use Silex\Application;
+use Silex\WebTestCase;
+use Silex\Provider\SecurityServiceProvider;
+use Silex\Provider\SessionServiceProvider;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * SecurityServiceProvider
+ *
+ * @author Fabien Potencier <fabien@symfony.com>
+ */
+class SecurityServiceProviderTest extends WebTestCase
+{
+    public function setUp()
+    {
+        if (!is_dir(__DIR__.'/../../../../vendor/symfony/security')) {
+            $this->markTestSkipped('Security dependency was not installed.');
+        }
+
+        parent::setUp();
+    }
+
+    public function test()
+    {
+        $app = $this->app;
+
+        $client = $this->createClient();
+
+        $client->request('get', '/');
+        $this->assertEquals('ANONYMOUS', $client->getResponse()->getContent());
+
+        $client->request('post', '/login_check', array('_username' => 'fabien', '_password' => 'bar'));
+        $this->assertEquals('Bad credentials', $app['security.last_error']($client->getRequest()));
+        // hack to re-close the session as the previous assertions re-opens it
+        $client->getRequest()->getSession()->save();
+
+        $client->request('post', '/login_check', array('_username' => 'fabien', '_password' => 'foo'));
+        $this->assertEquals('', $app['security.last_error']($client->getRequest()));
+        $client->getRequest()->getSession()->save();
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertEquals('http://localhost/', $client->getResponse()->headers->get('Location'));
+
+        $client->request('get', '/');
+        $this->assertEquals('fabienAUTHENTICATED', $client->getResponse()->getContent());
+        $client->request('get', '/admin');
+        $this->assertEquals(403, $client->getResponse()->getStatusCode());
+
+        $client->request('get', '/logout');
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertEquals('http://localhost/', $client->getResponse()->headers->get('Location'));
+
+        $client->request('get', '/');
+        $this->assertEquals('ANONYMOUS', $client->getResponse()->getContent());
+
+        $client->request('get', '/admin');
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertEquals('http://localhost/login', $client->getResponse()->headers->get('Location'));
+
+        $client->request('post', '/login_check', array('_username' => 'admin', '_password' => 'foo'));
+        $this->assertEquals('', $app['security.last_error']($client->getRequest()));
+        $client->getRequest()->getSession()->save();
+        $this->assertEquals(302, $client->getResponse()->getStatusCode());
+        $this->assertEquals('http://localhost/admin', $client->getResponse()->headers->get('Location'));
+
+        $client->request('get', '/');
+        $this->assertEquals('adminAUTHENTICATEDADMIN', $client->getResponse()->getContent());
+        $client->request('get', '/admin');
+        $this->assertEquals('admin', $client->getResponse()->getContent());
+    }
+
+    public function createApplication()
+    {
+        $app = new Application();
+        $app->register(new SessionServiceProvider());
+        $app->register(new SecurityServiceProvider(), array(
+            'security.firewalls' => array(
+                'login' => array(
+                    'pattern' => '^/login$',
+                ),
+                'default' => array(
+                    'pattern' => '^.*$',
+                    'anonymous' => true,
+                    'form' => true,
+                    'logout' => true,
+                    'users' => array(
+                        // password is foo
+                        'fabien' => array('ROLE_USER', '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg=='),
+                        'admin'  => array('ROLE_ADMIN', '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg=='),
+                    ),
+                ),
+            ),
+            'security.access_rules' => array(
+                array('^/admin', 'ROLE_ADMIN'),
+            ),
+            'security.role_hierarchy' => array(
+                'ROLE_ADMIN' => array('ROLE_USER'),
+            ),
+        ));
+
+        $app->get('/login', function(Request $request) use ($app) {
+            $app['session']->start();
+
+            return $app['security.last_error']($request);
+        });
+
+        $app->get('/', function() use ($app) {
+            $user = $app['security.context']->getToken()->getUser();
+
+            $content = is_object($user) ? $user->getUsername() : 'ANONYMOUS';
+
+            if ($app['security.context']->isGranted('IS_AUTHENTICATED_FULLY')) {
+                $content .= 'AUTHENTICATED';
+            }
+
+            if ($app['security.context']->isGranted('ROLE_ADMIN')) {
+                $content .= 'ADMIN';
+            }
+
+            return $content;
+        });
+
+        $app->get('/admin', function() use ($app) {
+            return 'admin';
+        });
+
+        $app['session.test'] = true;
+
+        return $app;
+    }
+}