merged 2.0

Author: fabpot

composer.json

@@ -24,6 +24,7 @@
         "symfony/doctrine-bridge": "self.version",
         "symfony/monolog-bridge": "self.version",
         "symfony/propel1-bridge": "self.version",
+        "symfony/swiftmailer-bridge": "self.version",
         "symfony/twig-bridge": "self.version",
         "symfony/framework-bundle": "self.version",
         "symfony/security-bundle": "self.version",

src/Symfony/Component/Form/Extension/Core/DataTransformer/BaseDateTimeTransformer.php

@@ -12,6 +12,7 @@
 namespace Symfony\Component\Form\Extension\Core\DataTransformer;
 
 use Symfony\Component\Form\DataTransformerInterface;
+use Symfony\Component\Form\Exception\UnexpectedTypeException;
 
 abstract class BaseDateTimeTransformer implements DataTransformerInterface
 {

src/Symfony/Component/HttpFoundation/ServerBag.php

@@ -63,8 +63,8 @@ public function getHeaders()
                 $authorizationHeader = $this->parameters['REDIRECT_HTTP_AUTHORIZATION'];
             }
 
-            // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW
-            if (null !== $authorizationHeader) {
+            // Decode AUTHORIZATION header into PHP_AUTH_USER and PHP_AUTH_PW when authorization header is basic
+            if ((null !== $authorizationHeader) && (0 === stripos($authorizationHeader, 'basic'))) {
                 $exploded = explode(':', base64_decode(substr($authorizationHeader, 6)));
                 if (count($exploded) == 2) {
                     list($headers['PHP_AUTH_USER'], $headers['PHP_AUTH_PW']) = $exploded;

src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php

@@ -88,4 +88,14 @@ public function testHttpBasicAuthWithPhpCgiEmptyPassword()
             'PHP_AUTH_PW' => ''
         ), $bag->getHeaders());
     }
+
+    public function testOAuthBearerAuth()
+    {
+        $headerContent = 'Bearer L-yLEOr9zhmUYRkzN1jwwxwQ-PBNiKDc8dgfB4hTfvo';
+        $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $headerContent));
+
+        $this->assertEquals(array(
+            'AUTHORIZATION' => $headerContent,
+        ), $bag->getHeaders());
+    }
 }

src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php

@@ -59,7 +59,7 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
                 throw new BadCredentialsException('The credentials were changed from another session.');
             }
         } else {
-            if (!$presentedPassword = $token->getCredentials()) {
+            if ("" === ($presentedPassword = $token->getCredentials())) {
                 throw new BadCredentialsException('The presented password cannot be empty.');
             }
 

src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php

@@ -109,7 +109,7 @@ public function supports(TokenInterface $token)
      * @param string                $username The username to retrieve
      * @param UsernamePasswordToken $token    The Token
      *
-     * @return array The user
+     * @return UserInterface The user
      *
      * @throws AuthenticationException if the credentials could not be validated
      */

src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

@@ -179,7 +179,7 @@ private function startAuthentication(Request $request, AuthenticationException $
     protected function setTargetPath(Request $request)
     {
         // session isn't required when using http basic authentication mechanism for example
-        if ($request->hasSession()) {
+        if ($request->hasSession() && $request->isMethodSafe()) {
             $request->getSession()->set('_security.target_path', $request->getUri());
         }
     }

src/Symfony/Component/Security/Tests/Core/Authentication/Provider/DaoAuthenticationProviderTest.php

@@ -35,13 +35,13 @@ public function testRetrieveUserWhenProviderDoesNotReturnAnUserInterface()
      */
     public function testRetrieveUserWhenUsernameIsNotFound()
     {
-        $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+        $userProvider = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserProviderInterface');
         $userProvider->expects($this->once())
                      ->method('loadUserByUsername')
-                     ->will($this->throwException($this->getMock('Symfony\Component\Security\Core\Exception\UsernameNotFoundException', null, array(), '', false)))
+                     ->will($this->throwException($this->getMock('Symfony\\Component\\Security\\Core\\Exception\\UsernameNotFoundException', null, array(), '', false)))
         ;
 
-        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'), 'key', $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'));
+        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface'), 'key', $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface'));
         $method = new \ReflectionMethod($provider, 'retrieveUser');
         $method->setAccessible(true);
 
@@ -53,13 +53,13 @@ public function testRetrieveUserWhenUsernameIsNotFound()
      */
     public function testRetrieveUserWhenAnExceptionOccurs()
     {
-        $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+        $userProvider = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserProviderInterface');
         $userProvider->expects($this->once())
                      ->method('loadUserByUsername')
                      ->will($this->throwException($this->getMock('RuntimeException', null, array(), '', false)))
         ;
 
-        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'), 'key', $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'));
+        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface'), 'key', $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface'));
         $method = new \ReflectionMethod($provider, 'retrieveUser');
         $method->setAccessible(true);
 
@@ -68,19 +68,19 @@ public function testRetrieveUserWhenAnExceptionOccurs()
 
     public function testRetrieveUserReturnsUserFromTokenOnReauthentication()
     {
-        $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+        $userProvider = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserProviderInterface');
         $userProvider->expects($this->never())
                      ->method('loadUserByUsername')
         ;
 
-        $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $user = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
         $token = $this->getSupportedToken();
         $token->expects($this->once())
               ->method('getUser')
               ->will($this->returnValue($user))
         ;
 
-        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'), 'key', $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'));
+        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface'), 'key', $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface'));
         $reflection = new \ReflectionMethod($provider, 'retrieveUser');
         $reflection->setAccessible(true);
         $result = $reflection->invoke($provider, null, $token);
@@ -90,15 +90,15 @@ public function testRetrieveUserReturnsUserFromTokenOnReauthentication()
 
     public function testRetrieveUser()
     {
-        $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $user = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
 
-        $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+        $userProvider = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserProviderInterface');
         $userProvider->expects($this->once())
                      ->method('loadUserByUsername')
                      ->will($this->returnValue($user))
         ;
 
-        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface'), 'key', $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface'));
+        $provider = new DaoAuthenticationProvider($userProvider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface'), 'key', $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface'));
         $method = new \ReflectionMethod($provider, 'retrieveUser');
         $method->setAccessible(true);
 
@@ -110,25 +110,63 @@ public function testRetrieveUser()
      */
     public function testCheckAuthenticationWhenCredentialsAreEmpty()
     {
-        $provider = $this->getProvider();
+        $encoder = $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\PasswordEncoderInterface');
+        $encoder
+            ->expects($this->never())
+            ->method('isPasswordValid')
+        ;
+
+        $provider = $this->getProvider(false, false, $encoder);
         $method = new \ReflectionMethod($provider, 'checkAuthentication');
         $method->setAccessible(true);
 
         $token = $this->getSupportedToken();
-        $token->expects($this->once())
-              ->method('getCredentials')
-              ->will($this->returnValue(''))
+        $token
+            ->expects($this->once())
+            ->method('getCredentials')
+            ->will($this->returnValue(''))
+        ;
+
+        $method->invoke(
+            $provider,
+            $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface'),
+            $token
+        );
+    }
+
+    public function testCheckAuthenticationWhenCredentialsAre0()
+    {
+        $encoder = $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\PasswordEncoderInterface');
+        $encoder
+            ->expects($this->once())
+            ->method('isPasswordValid')
+            ->will($this->returnValue(true))
+        ;
+
+        $provider = $this->getProvider(false, false, $encoder);
+        $method = new \ReflectionMethod($provider, 'checkAuthentication');
+        $method->setAccessible(true);
+
+        $token = $this->getSupportedToken();
+        $token
+            ->expects($this->once())
+            ->method('getCredentials')
+            ->will($this->returnValue('0'))
         ;
 
-        $method->invoke($provider, $this->getMock('Symfony\Component\Security\Core\User\UserInterface'), $token);
+        $method->invoke(
+            $provider,
+            $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface'),
+            $token
+        );
     }
 
     /**
      * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException
      */
     public function testCheckAuthenticationWhenCredentialsAreNotValid()
     {
-        $encoder = $this->getMock('Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface');
+        $encoder = $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\PasswordEncoderInterface');
         $encoder->expects($this->once())
                 ->method('isPasswordValid')
                 ->will($this->returnValue(false))
@@ -144,15 +182,15 @@ public function testCheckAuthenticationWhenCredentialsAreNotValid()
               ->will($this->returnValue('foo'))
         ;
 
-        $method->invoke($provider, $this->getMock('Symfony\Component\Security\Core\User\UserInterface'), $token);
+        $method->invoke($provider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface'), $token);
     }
 
     /**
      * @expectedException Symfony\Component\Security\Core\Exception\BadCredentialsException
      */
     public function testCheckAuthenticationDoesNotReauthenticateWhenPasswordHasChanged()
     {
-        $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $user = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
         $user->expects($this->once())
              ->method('getPassword')
              ->will($this->returnValue('foo'))
@@ -163,7 +201,7 @@ public function testCheckAuthenticationDoesNotReauthenticateWhenPasswordHasChang
               ->method('getUser')
               ->will($this->returnValue($user));
 
-        $dbUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $dbUser = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
         $dbUser->expects($this->once())
                ->method('getPassword')
                ->will($this->returnValue('newFoo'))
@@ -177,7 +215,7 @@ public function testCheckAuthenticationDoesNotReauthenticateWhenPasswordHasChang
 
     public function testCheckAuthenticationWhenTokenNeedsReauthenticationWorksWithoutOriginalCredentials()
     {
-        $user = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $user = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
         $user->expects($this->once())
              ->method('getPassword')
              ->will($this->returnValue('foo'))
@@ -188,7 +226,7 @@ public function testCheckAuthenticationWhenTokenNeedsReauthenticationWorksWithou
               ->method('getUser')
               ->will($this->returnValue($user));
 
-        $dbUser = $this->getMock('Symfony\Component\Security\Core\User\UserInterface');
+        $dbUser = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface');
         $dbUser->expects($this->once())
                ->method('getPassword')
                ->will($this->returnValue('foo'))
@@ -202,7 +240,7 @@ public function testCheckAuthenticationWhenTokenNeedsReauthenticationWorksWithou
 
     public function testCheckAuthentication()
     {
-        $encoder = $this->getMock('Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface');
+        $encoder = $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\PasswordEncoderInterface');
         $encoder->expects($this->once())
                 ->method('isPasswordValid')
                 ->will($this->returnValue(true))
@@ -218,12 +256,12 @@ public function testCheckAuthentication()
               ->will($this->returnValue('foo'))
         ;
 
-        $method->invoke($provider, $this->getMock('Symfony\Component\Security\Core\User\UserInterface'), $token);
+        $method->invoke($provider, $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserInterface'), $token);
     }
 
     protected function getSupportedToken()
     {
-        $mock = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken', array('getCredentials', 'getUser', 'getProviderKey'), array(), '', false);
+        $mock = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\UsernamePasswordToken', array('getCredentials', 'getUser', 'getProviderKey'), array(), '', false);
         $mock
             ->expects($this->any())
             ->method('getProviderKey')
@@ -235,7 +273,7 @@ protected function getSupportedToken()
 
     protected function getProvider($user = false, $userChecker = false, $passwordEncoder = null)
     {
-        $userProvider = $this->getMock('Symfony\Component\Security\Core\User\UserProviderInterface');
+        $userProvider = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserProviderInterface');
         if (false !== $user) {
             $userProvider->expects($this->once())
                          ->method('loadUserByUsername')
@@ -244,14 +282,14 @@ protected function getProvider($user = false, $userChecker = false, $passwordEnc
         }
 
         if (false === $userChecker) {
-            $userChecker = $this->getMock('Symfony\Component\Security\Core\User\UserCheckerInterface');
+            $userChecker = $this->getMock('Symfony\\Component\\Security\\Core\\User\\UserCheckerInterface');
         }
 
         if (null === $passwordEncoder) {
             $passwordEncoder = new PlaintextPasswordEncoder();
         }
 
-        $encoderFactory = $this->getMock('Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface');
+        $encoderFactory = $this->getMock('Symfony\\Component\\Security\\Core\\Encoder\\EncoderFactoryInterface');
         $encoderFactory
             ->expects($this->any())
             ->method('getEncoder')