[Security/Http] don't require the session to be started when tracking…
… its id
nicolas-grekas committed Mar 17, 2020
1 parent 46e441f commit c39188a
Showing 2 changed files with 22 additions and 2 deletions.
Expand Up @@ -115,10 +115,10 @@ public function authenticate(RequestEvent $event)

if (null !== $session) {
$usageIndexValue = method_exists(Request::class, 'getPreferredFormat') && $session instanceof Session ? $usageIndexReference = &$session->getUsageIndex() : 0;
$sessionId = $session->getId();
$sessionId = $request->cookies->get($session->getName());
$token = $session->get($this->sessionKey);

if ($this->sessionTrackerEnabler && $session->getId() === $sessionId) {
if ($this->sessionTrackerEnabler && \in_array($sessionId, [true, $session->getId()], true)) {
$usageIndexReference = $usageIndexValue;
}
}
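Review bot: The `true` entry in `\in_array($sessionId, [true, $session->getId()], true)` is unexplained, and it sits in a comparison whose left side now comes from the request cookie instead of from the session. A cookie parsed from an HTTP request arrives as a string, so `true` presumably only matches when code fills the cookie bag directly, as the new test does. A comment above the condition such as `// $sessionId === true is only used in the tests; the cookie is client-supplied, so keep this comparison strict` would stop a later edit from loosening it. With the strict check, a cookie that does not equal `$session->getId()` leaves the usage index un-reset, which looks like the safe direction and is worth stating in that comment. `authenticate()` starts and ends outside the hunk, so how the index is consumed afterwards is not visible here.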
Expand Up @@ -344,6 +344,26 @@ public function testDeauthenticatedEvent()
$this->assertNull($tokenStorage->getToken());
}

/**
* @requires function \Symfony\Component\HttpFoundation\Request::getPreferredFormat
*/
public function testWithPreviousNotStartedSession()
{
$session = new Session(new MockArraySessionStorage());

$request = new Request();
$request->setSession($session);
$request->cookies->set('MOCKSESSID', true);

$usageIndex = $session->getUsageIndex();

$tokenStorage = new TokenStorage();
$listener = new ContextListener($tokenStorage, [], 'context_key', null, null, null, [$tokenStorage, 'getToken']);
$listener(new RequestEvent($this->getMockBuilder(HttpKernelInterface::class)->getMock(), $request, HttpKernelInterface::MASTER_REQUEST));

$this->assertSame($usageIndex, $session->getUsageIndex());
}

protected function runSessionOnKernelResponse($newToken, $original = null)
{
$session = new Session(new MockArraySessionStorage());
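Review bot: `testWithPreviousNotStartedSession` only covers the `true` sentinel, so neither a string cookie equal to the session id nor a cookie that does not match is exercised. The mismatch case matters most for tracking, since the cookie is client-supplied. A copy of this test with `$request->cookies->set('MOCKSESSID', 'not-the-session-id');` (constructed value) and `$this->assertNotSame($usageIndex, $session->getUsageIndex());` would pin that the usage index is not reset; I expect it to pass against the new listener code but have not run it. A short comment on the `true` cookie value would also help, saying that it presumably stands in for an id the mock storage has not generated yet. The hunk ends inside `runSessionOnKernelResponse`, which is unchanged context.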
