fixed authentication providers registration

8b776dfb · Fabien Potencier · 9022e420 · 8b776dfb
Commit 8b776dfb authored Jun 23, 2012 by Fabien Potencier
Hide whitespace changes
Inline Side-by-side

Showing with 139 additions and 113 deletions

src/Silex/Provider/SecurityServiceProvider.php src/Silex/Provider/SecurityServiceProvider.php +139 -113

No files found.
--- a/src/Silex/Provider/SecurityServiceProvider.php
+++ b/src/Silex/Provider/SecurityServiceProvider.php
@@ -129,13 +129,23 @@ class SecurityServiceProvider implements ServiceProviderInterface
                    $app['security.authentication.'.$name.'.'.$type] = $app['security.authentication.'.$type.'._proto']($name, $options);
                }

-                return array($app['security.authentication.'.$name.'.'.$type], $app['security.entry_point.'.$name.'.'.$entryPoint], $type);
+                if (!isset($app['security.authentication_provider.'.$name])) {
+                    $app['security.authentication_provider.'.$name] = $app['security.authentication_provider.'.('anonymous' == $name ? 'anonymous' : 'dao').'._proto']($name);
+                }
+
+                return array(
+                    'security.authentication_provider.'.$name,
+                    'security.authentication.'.$name.'.'.$type,
+                    'security.entry_point.'.$name.'.'.$entryPoint,
+                    $type
+                );
            });
        }

        $app['security.firewall_map'] = $app->share(function () use ($app) {
-            $map = new FirewallMap();
            $positions = array('logout', 'pre_auth', 'form', 'http', 'remember_me', 'anonymous');
+            $providers = array();
+            $configs = array();
            foreach ($app['security.firewalls'] as $name => $firewall) {
                $entryPoint = 'form';
                $pattern = isset($firewall['pattern']) ? $firewall['pattern'] : null;
@@ -144,7 +154,7 @@ class SecurityServiceProvider implements ServiceProviderInterface

                $protected = count($firewall);

-                $listeners = array($app['security.channel_listener']);
+                $listeners = array('security.channel_listener');

                if ($protected) {
                    if (!isset($app['security.context_listener.'.$name])) {
@@ -152,13 +162,10 @@ class SecurityServiceProvider implements ServiceProviderInterface
                            $app['security.user_provider.'.$name] = is_array($users) ? $app['security.user_provider.inmemory._proto']($users) : $users;
                        }

-                        $app['security.context_listener.'.$name] = $app['security.context_listener._proto'](
-                            $name,
-                            array($app['security.user_provider.'.$name])
-                        );
+                        $app['security.context_listener.'.$name] = $app['security.context_listener._proto']($name, array($app['security.user_provider.'.$name]));
                    }

-                    $listeners[] = $app['security.context_listener.'.$name];
+                    $listeners[] = 'security.context_listener.'.$name;

                    $factories = array();
                    foreach ($positions as $position) {
@@ -179,9 +186,14 @@ class SecurityServiceProvider implements ServiceProviderInterface
                            throw new \LogicException(sprintf('The "%s" authentication entry is not registered.', $type));
                        }

-                        list($listener, $entryPoint, $position) = $app['security.authentication.factory.'.$type]($name, $options);
+                        list($providerId, $listenerId, $entryPointId, $position) = $app['security.authentication.factory.'.$type]($name, $options);
+
+                        if (null !== $entryPointId) {
+                            $entryPoint = $entryPointId;
+                        }

-                        $factories[$position][] = $listener;
+                        $factories[$position][] = $listenerId;
+                        $providers[] = $providerId;
                    }

                    foreach ($positions as $position) {
@@ -190,10 +202,12 @@ class SecurityServiceProvider implements ServiceProviderInterface
                        }
                    }

-                    $listeners[] = $app['security.access_listener'];
+                    $listeners[] = 'security.access_listener';

                    if (isset($firewall['switch_user'])) {
-                        $listeners[] = $app['security.authentication.switch_user._proto']($name, $firewall['switch_user']);
+                        $app['security.switch_user.'.$name] = $app['security.authentication.switch_user._proto']($name, $firewall['switch_user']);
+
+                        $listeners[] = 'security.switch_user.'.$name;
                    }

                    if (!isset($app['security.exception_listener.'.$name])) {
@@ -201,33 +215,21 @@ class SecurityServiceProvider implements ServiceProviderInterface
                    }
                }

-                $map->add(
-                    is_string($pattern) ? new RequestMatcher($pattern) : $pattern,
-                    $listeners,
-                    $protected ? $app['security.exception_listener.'.$name] : null
-                );
+                $configs[] = array($pattern, $listeners, $protected);
            }

-            return $map;
-        });
+            $app['security.authentication_providers'] = array_map(function ($provider) use ($app) { return $app[$provider]; }, $providers);

-        $app['security.authentication_providers'] = $app->share(function () use ($app) {
-            $providers = array();
-            foreach ($app['security.firewalls'] as $name => $firewall) {
-                unset($firewall['pattern'], $firewall['users']);
-
-                if (!count($firewall)) {
-                    continue;
-                }
-
-                if (!isset($app['security.authentication_provider.'.$name])) {
-                    $a = 'anonymous' == $name ? 'anonymous' : 'dao';
-                    $app['security.authentication_provider.'.$name] = $app['security.authentication_provider.'.$a.'._proto']($name);
-                }
-                $providers[] = $app['security.authentication_provider.'.$name];
+            $map = new FirewallMap();
+            foreach ($configs as $config) {
+                $map->add(
+                    is_string($config[0]) ? new RequestMatcher($config[0]) : $config[0],
+                    array_map(function ($listener) use ($app) { return $app[$listener]; }, $config[1]),
+                    $config[2] ? $app['security.exception_listener.'.$name] : null
+                );
            }

-            return $providers;
+            return $map;
        });

        $app['security.access_listener'] = $app->share(function () use ($app) {
@@ -283,121 +285,145 @@ class SecurityServiceProvider implements ServiceProviderInterface
        // prototypes (used by the Firewall Map)

        $app['security.context_listener._proto'] = $app->protect(function ($providerKey, $userProviders) use ($app) {
-            return new ContextListener(
-                $app['security'],
-                $userProviders,
-                $providerKey,
-                $app['logger'],
-                $app['dispatcher']
-            );
+            return $app->share(function () use ($app, $userProviders, $providerKey) {
+                    return new ContextListener(
+                    $app['security'],
+                    $userProviders,
+                    $providerKey,
+                    $app['logger'],
+                    $app['dispatcher']
+                );
+            });
        });

        $app['security.user_provider.inmemory._proto'] = $app->protect(function ($params) use ($app) {
-            $users = array();
-            foreach ($params as $name => $user) {
-                $users[$name] = array('roles' => (array) $user[0], 'password' => $user[1]);
-            }
+            return $app->share(function () use ($app, $params) {
+                $users = array();
+                foreach ($params as $name => $user) {
+                    $users[$name] = array('roles' => (array) $user[0], 'password' => $user[1]);
+                }

-            return new InMemoryUserProvider($users);
+                return new InMemoryUserProvider($users);
+            });
        });

        $app['security.exception_listener._proto'] = $app->protect(function ($entryPoint, $name) use ($app) {
-            return new ExceptionListener(
-                $app['security'],
-                $app['security.trust_resolver'],
-                $app['security.http_utils'],
-                $entryPoint,
-                null, // errorPage
-                null, // AccessDeniedHandlerInterface
-                $app['logger']
-            );
+            return $app->share(function () use ($app, $entryPoint, $name) {
+                return new ExceptionListener(
+                    $app['security'],
+                    $app['security.trust_resolver'],
+                    $app['security.http_utils'],
+                    $app[$entryPoint],
+                    null, // errorPage
+                    null, // AccessDeniedHandlerInterface
+                    $app['logger']
+                );
+            });
        });

        $app['security.authentication.form._proto'] = $app->protect(function ($providerKey, $options) use ($app, $that) {
-            $that->addFakeRoute(array('post', $tmp = isset($options['check_path']) ? $options['check_path'] : '/login_check', str_replace('/', '_', ltrim($tmp, '/'))));
-
-            return new UsernamePasswordFormAuthenticationListener(
-                $app['security'],
-                $app['security.authentication_manager'],
-                $app['security.session_strategy'],
-                $app['security.http_utils'],
-                $providerKey,
-                $options,
-                null, // AuthenticationSuccessHandlerInterface
-                null, // AuthenticationFailureHandlerInterface
-                $app['logger'],
-                $app['dispatcher'],
-                isset($options['with_csrf']) && $options['with_csrf'] && isset($app['form.csrf_provider']) ? $app['form.csrf_provider'] : null
-            );
+            return $app->share(function () use ($app, $providerKey, $options, $that) {
+                $that->addFakeRoute(array('post', $tmp = isset($options['check_path']) ? $options['check_path'] : '/login_check', str_replace('/', '_', ltrim($tmp, '/'))));
+
+                return new UsernamePasswordFormAuthenticationListener(
+                    $app['security'],
+                    $app['security.authentication_manager'],
+                    $app['security.session_strategy'],
+                    $app['security.http_utils'],
+                    $providerKey,
+                    $options,
+                    null, // AuthenticationSuccessHandlerInterface
+                    null, // AuthenticationFailureHandlerInterface
+                    $app['logger'],
+                    $app['dispatcher'],
+                    isset($options['with_csrf']) && $options['with_csrf'] && isset($app['form.csrf_provider']) ? $app['form.csrf_provider'] : null
+                );
+            });
        });

        $app['security.authentication.http._proto'] = $app->protect(function ($providerKey, $options) use ($app) {
-            return new BasicAuthenticationListener(
-                $app['security'],
-                $app['security.authentication_manager'],
-                $providerKey,
-                $app['security.entry_point.'.$providerKey.'.http'],
-                $app['logger']
-            );
+            return $app->share(function () use ($app, $providerKey, $options) {
+                return new BasicAuthenticationListener(
+                    $app['security'],
+                    $app['security.authentication_manager'],
+                    $providerKey,
+                    $app['security.entry_point.'.$providerKey.'.http'],
+                    $app['logger']
+                );
+            });
        });

        $app['security.authentication.anonymous._proto'] = $app->protect(function ($providerKey, $options) use ($app) {
-            return new AnonymousAuthenticationListener(
-                $app['security'],
-                $providerKey,
-                $app['logger']
-            );
+            return $app->share(function () use ($app, $providerKey, $options) {
+                return new AnonymousAuthenticationListener(
+                    $app['security'],
+                    $providerKey,
+                    $app['logger']
+                );
+            });
        });

        $app['security.authentication.logout._proto'] = $app->protect(function ($providerKey, $options) use ($app, $that) {
-            $that->addFakeRoute(array('get', $tmp = isset($options['logout_path']) ? $options['logout_path'] : '/logout', str_replace('/', '_', ltrim($tmp, '/'))));
-
-            $listener = new LogoutListener(
-                $app['security'],
-                $app['security.http_utils'],
-                $options,
-                null, // LogoutSuccessHandlerInterface
-                isset($options['with_csrf']) && $options['with_csrf'] && isset($app['form.csrf_provider']) ? $app['form.csrf_provider'] : null
-            );
+            return $app->share(function () use ($app, $providerKey, $options, $that) {
+                $that->addFakeRoute(array('get', $tmp = isset($options['logout_path']) ? $options['logout_path'] : '/logout', str_replace('/', '_', ltrim($tmp, '/'))));
+
+                $listener = new LogoutListener(
+                    $app['security'],
+                    $app['security.http_utils'],
+                    $options,
+                    null, // LogoutSuccessHandlerInterface
+                    isset($options['with_csrf']) && $options['with_csrf'] && isset($app['form.csrf_provider']) ? $app['form.csrf_provider'] : null
+                );

-            $listener->addHandler(new SessionLogoutHandler());
+                $listener->addHandler(new SessionLogoutHandler());

-            return $listener;
+                return $listener;
+            });
        });

        $app['security.authentication.switch_user._proto'] = $app->protect(function ($name, $options) use ($app, $that) {
-            return new SwitchUserListener(
-                $app['security'],
-                $app['security.user_provider.'.$name],
-                $app['security.user_checker'],
-                $name,
-                $app['security.access_manager'],
-                $app['logger'],
-                isset($options['parameter']) ? $options['parameter'] : '_switch_user',
-                isset($options['role']) ? $options['role'] : 'ROLE_ALLOWED_TO_SWITCH',
-                $app['dispatcher']
-            );
+            return $app->share(function () use ($app, $name, $options, $that) {
+                return new SwitchUserListener(
+                    $app['security'],
+                    $app['security.user_provider.'.$name],
+                    $app['security.user_checker'],
+                    $name,
+                    $app['security.access_manager'],
+                    $app['logger'],
+                    isset($options['parameter']) ? $options['parameter'] : '_switch_user',
+                    isset($options['role']) ? $options['role'] : 'ROLE_ALLOWED_TO_SWITCH',
+                    $app['dispatcher']
+                );
+            });
        });

        $app['security.entry_point.form._proto'] = $app->protect(function ($name, $loginPath = '/login', $useForward = false) use ($app) {
-            return new FormAuthenticationEntryPoint($app, $app['security.http_utils'], $loginPath, $useForward);
+            return $app->share(function () use ($app, $loginPath, $useForward) {
+                return new FormAuthenticationEntryPoint($app, $app['security.http_utils'], $loginPath, $useForward);
+            });
        });

        $app['security.entry_point.http._proto'] = $app->protect(function ($name, $realName = 'Secured') use ($app) {
-            return new BasicAuthenticationEntryPoint($realName);
+            return $app->share(function () use ($app, $name, $realName) {
+                return new BasicAuthenticationEntryPoint($realName);
+            });
        });

        $app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use ($app) {
-            return new DaoAuthenticationProvider(
-                $app['security.user_provider.'.$name],
-                $app['security.user_checker'],
-                $name,
-                $app['security.encoder_factory']
-            );
+            return $app->share(function () use ($app, $name) {
+                return new DaoAuthenticationProvider(
+                    $app['security.user_provider.'.$name],
+                    $app['security.user_checker'],
+                    $name,
+                    $app['security.encoder_factory']
+                );
+            });
        });

        $app['security.authentication_provider.anonymous._proto'] = $app->protect(function ($name) use ($app) {
-            return new AnonymousAuthenticationProvider($name);
+            return $app->share(function () use ($app, $name) {
+                return new AnonymousAuthenticationProvider($name);
+            });
        });
    }