From 47869887c054ada8d32b1d5103e28412abdf0abc Mon Sep 17 00:00:00 2001 From: Wouter de Jong Date: Mon, 15 Jun 2020 10:02:33 +0200 Subject: [PATCH] Fix CookieClearingLogoutListener DI configuration --- .../Resources/config/security_listeners.xml | 2 +- .../Tests/Functional/LogoutTest.php | 18 ++++++++++++- .../app/{LogoutAccess => Logout}/bundles.php | 0 .../config.yml => Logout/config_access.yml} | 0 .../app/Logout/config_cookie_clearing.yml | 27 +++++++++++++++++++ .../app/{LogoutAccess => Logout}/routing.yml | 0 6 files changed, 45 insertions(+), 2 deletions(-) rename src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/{LogoutAccess => Logout}/bundles.php (100%) rename src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/{LogoutAccess/config.yml => Logout/config_access.yml} (100%) create mode 100644 src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_cookie_clearing.yml rename src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/{LogoutAccess => Logout}/routing.yml (100%) diff --git a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml index 10b503b6bf96..c8e5d9d5a093 100644 --- a/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml +++ b/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml @@ -54,7 +54,7 @@ - + diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LogoutTest.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LogoutTest.php index 626efd6a684f..b5e2b4848789 100644 --- a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LogoutTest.php +++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/LogoutTest.php @@ -11,6 +11,8 @@ namespace Symfony\Bundle\SecurityBundle\Tests\Functional; +use Symfony\Component\BrowserKit\Cookie; + class LogoutTest extends AbstractWebTestCase { /** 
@@ -62,11 +64,25 @@ public function testCsrfTokensAreClearedOnLogout(array $options) */ public function testAccessControlDoesNotApplyOnLogout(array $options) { - $client = $this->createClient($options + ['test_case' => 'LogoutAccess', 'root_config' => 'config.yml']); + $client = $this->createClient($options + ['test_case' => 'Logout', 'root_config' => 'config_access.yml']); + + $client->request('POST', '/login', ['_username' => 'johannes', '_password' => 'test']); + $client->request('GET', '/logout'); + + $this->assertRedirect($client->getResponse(), '/'); + } + + public function testCookieClearingOnLogout() + { + $client = $this->createClient(['test_case' => 'Logout', 'root_config' => 'config_cookie_clearing.yml']); + + $cookieJar = $client->getCookieJar(); + $cookieJar->set(new Cookie('flavor', 'chocolate', strtotime('+1 day'), null, 'somedomain')); $client->request('POST', '/login', ['_username' => 'johannes', '_password' => 'test']); $client->request('GET', '/logout'); $this->assertRedirect($client->getResponse(), '/'); + $this->assertNull($cookieJar->get('flavor')); } } diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/bundles.php b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/bundles.php similarity index 100% rename from src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/bundles.php rename to src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/bundles.php diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/config.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_access.yml similarity index 100% rename from src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/config.yml rename to src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_access.yml 
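Review bot: testCookieClearingOnLogout() never checks that the `flavor` cookie is still in the jar before `/logout` is requested, so the closing `assertNull` cannot tell "removed by the logout listener" apart from "was not retained in the first place". Adding `$this->assertNotNull($cookieJar->get('flavor'));` right after the `/login` request would pin that precondition. The test also exercises only one cookie, with an explicit domain and a null path. If the listener treats defaulted path or domain differently (not visible in this hunk), a second `delete_cookies` entry relying on defaults would be worth covering.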
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_cookie_clearing.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_cookie_clearing.yml
new file mode 100644
index 000000000000..f62cc616557a
--- /dev/null
+++ b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/config_cookie_clearing.yml
@@ -0,0 +1,27 @@
+imports:
+- { resource: ./../config/framework.yml }
+
+security:
+ encoders:
+ Symfony\Component\Security\Core\User\User: plaintext
+
+ providers:
+ in_memory:
+ memory:
+ users:
+ johannes: { password: test, roles: [ROLE_USER] }
+
+ firewalls:
+ default:
+ form_login:
+ check_path: login
+ remember_me: true
+ require_previous_session: false
+ logout:
+ delete_cookies:
+ flavor: { path: null, domain: somedomain }
+ stateless: true
+
+ access_control:
+ - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+ - { path: .*, roles: IS_AUTHENTICATED_FULLY }
diff --git a/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/routing.yml b/src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/routing.yml
similarity index 100%
rename from src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/LogoutAccess/routing.yml
rename to src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/Logout/routing.yml
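Review bot: Nothing in this fixture says that the `delete_cookies` entry has to mirror the cookie planted by the test (name `flavor`, domain `somedomain`, default path), so a later edit to either side makes the test fail or pass for a reason that is hard to trace. A comment above `delete_cookies:` such as `# must match the cookie set in LogoutTest::testCookieClearingOnLogout()` would make the coupling visible. The `plaintext` encoder and inline password are normal for a functional-test kernel, but a one-line `# test fixture only` header would keep the file from being reused as a template.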