bug #37283 [SecurityBundle] Fix CookieClearingLogoutListener DI confi…

…guration (wouterj)

This PR was merged into the 5.1 branch.

Discussion
----------

[SecurityBundle] Fix CookieClearingLogoutListener DI configuration

| Q             | A
| ------------- | ---
| Branch?       | 5.1
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | Fix #37282
| License       | MIT
| Doc PR        | -

Commits
-------

4786988 Fix CookieClearingLogoutListener DI configuration

src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml

@@ -54,7 +54,7 @@
 
         <service id="security.logout.listener.session" class="Symfony\Component\Security\Http\EventListener\SessionLogoutListener" abstract="true" />
 
-        <service id="security.logout.listener.cookie_clearing" class="Symfony\Component\Security\Http\Logout\CookieClearingLogoutHandler" abstract="true" />
+        <service id="security.logout.listener.cookie_clearing" class="Symfony\Component\Security\Http\EventListener\CookieClearingLogoutListener" abstract="true" />
 
         <service id="security.logout.listener.default" class="Symfony\Component\Security\Http\EventListener\DefaultLogoutListener" abstract="true">
             <argument type="service" id="security.http_utils" />

src/Symfony/Bundle/SecurityBundle/Tests/Functional/LogoutTest.php

@@ -11,6 +11,8 @@
 
 namespace Symfony\Bundle\SecurityBundle\Tests\Functional;
 
+use Symfony\Component\BrowserKit\Cookie;
+
 class LogoutTest extends AbstractWebTestCase
 {
     /**
@@ -62,11 +64,25 @@ public function testCsrfTokensAreClearedOnLogout(array $options)
      */
     public function testAccessControlDoesNotApplyOnLogout(array $options)
     {
-        $client = $this->createClient($options + ['test_case' => 'LogoutAccess', 'root_config' => 'config.yml']);
+        $client = $this->createClient($options + ['test_case' => 'Logout', 'root_config' => 'config_access.yml']);
+
+        $client->request('POST', '/login', ['_username' => 'johannes', '_password' => 'test']);
+        $client->request('GET', '/logout');
+
+        $this->assertRedirect($client->getResponse(), '/');
+    }
+
+    public function testCookieClearingOnLogout()
+    {
+        $client = $this->createClient(['test_case' => 'Logout', 'root_config' => 'config_cookie_clearing.yml']);
+
+        $cookieJar = $client->getCookieJar();
+        $cookieJar->set(new Cookie('flavor', 'chocolate', strtotime('+1 day'), null, 'somedomain'));
 
         $client->request('POST', '/login', ['_username' => 'johannes', '_password' => 'test']);
         $client->request('GET', '/logout');
 
         $this->assertRedirect($client->getResponse(), '/');
+        $this->assertNull($cookieJar->get('flavor'));
     }
 }

src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_cookie_clearing.yml

@@ -0,0 +1,27 @@
+imports:
+- { resource: ./../config/framework.yml }
+
+security:
+    encoders:
+        Symfony\Component\Security\Core\User\User: plaintext
+
+    providers:
+        in_memory:
+            memory:
+                users:
+                    johannes: { password: test, roles: [ROLE_USER] }
+
+    firewalls:
+        default:
+            form_login:
+                check_path: login
+                remember_me: true
+                require_previous_session: false
+            logout:
+                delete_cookies:
+                    flavor: { path: null, domain: somedomain }
+            stateless: true
+
+    access_control:
+        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: .*, roles: IS_AUTHENTICATED_FULLY }