Skip to content

Commit

Permalink
"require_previous_session" option has no meaning anymore
Browse files Browse the repository at this point in the history
  • Loading branch information
@a-menshchikov
a-menshchikov committed Nov 11, 2023
1 parent b87311e commit 32f84dd
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 41 deletions.
4 changes: 0 additions & 4 deletions src/Security/Http/Authenticator/SamlAuthenticator.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,10 +81,6 @@ public function authenticate(Request $request): Passport
throw new SessionUnavailableException('This authentication method requires a session.');
}

if ($this->options['require_previous_session'] && !$request->hasPreviousSession()) {
throw new SessionUnavailableException('Your session has timed out, or you have disabled cookies.');
}

$oneLoginAuth = $this->getOneLoginAuth($request);
Utils::setProxyVars($this->useProxyVars);

Expand Down
43 changes: 6 additions & 37 deletions tests/Security/Http/Authenticator/SamlAuthenticatorTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -110,34 +110,14 @@ public function provideStartCases(): iterable
];
}

/**
* @dataProvider provideAuthenticateSessionExceptionCases
*/
public function testAuthenticateSessionException(Request $request, string $expectedMessage): void
public function testAuthenticateSessionException(): void
{
$authenticator = $this->createSamlAuthenticator(
options: ['require_previous_session' => true],
);
$authenticator = $this->createSamlAuthenticator();

$this->expectException(SessionUnavailableException::class);
$this->expectExceptionMessage($expectedMessage);

$authenticator->authenticate($request);
}

public function provideAuthenticateSessionExceptionCases(): iterable
{
yield 'No session' => [
'request' => Request::create('/'),
'expectedMessage' => 'This authentication method requires a session.',
];
$this->expectExceptionMessage('This authentication method requires a session.');

$request = Request::create('/');
$request->setSession(new Session(new MockArraySessionStorage()));
yield 'No cookies' => [
'request' => $request,
'expectedMessage' => 'Your session has timed out, or you have disabled cookies.',
];
$authenticator->authenticate(Request::create('/'));
}

/**
Expand All @@ -160,7 +140,6 @@ public function testAuthenticateOneLoginErrorsException(
$authenticator = $this->createSamlAuthenticator(
idpResolver: $idpResolver,
authRegistry: $authRegistry,
options: ['require_previous_session' => false],
logger: $logger,
);

Expand Down Expand Up @@ -248,7 +227,6 @@ public function testAuthenticateWithoutAuthServiceException(): void
$authenticator = $this->createSamlAuthenticator(
idpResolver: $idpResolver,
authRegistry: new AuthRegistry(),
options: ['require_previous_session' => false],
);

$this->expectException(AuthenticationServiceException::class);
Expand Down Expand Up @@ -358,7 +336,6 @@ public function provideSuccessAuthenticateCases(): iterable
'samlUserFactory' => null,
'eventDispatcher' => null,
'options' => [
'require_previous_session' => false,
'use_attribute_friendly_name' => false,
],
'lastRequestId' => null,
Expand Down Expand Up @@ -438,7 +415,6 @@ public function provideSuccessAuthenticateCases(): iterable
'samlUserFactory' => $samlUserFactory,
'eventDispatcher' => $eventDispatcher,
'options' => [
'require_previous_session' => false,
'use_attribute_friendly_name' => true,
'identifier_attribute' => 'username',
],
Expand Down Expand Up @@ -513,7 +489,6 @@ public function provideSuccessAuthenticateCases(): iterable
'samlUserFactory' => null,
'eventDispatcher' => $eventDispatcher,
'options' => [
'require_previous_session' => false,
'use_attribute_friendly_name' => true,
'identifier_attribute' => 'username',
],
Expand Down Expand Up @@ -593,7 +568,6 @@ public function provideAuthenticateExceptionCases(): iterable
'samlUserFactory' => null,
'options' => [
'identifier_attribute' => 'username',
'require_previous_session' => false,
],
'expectedException' => \RuntimeException::class,
'expectedMessage' => 'Attribute "username" not found in SAML data.',
Expand Down Expand Up @@ -624,7 +598,6 @@ public function provideAuthenticateExceptionCases(): iterable
'samlUserFactory' => null,
'options' => [
'identifier_attribute' => 'username',
'require_previous_session' => false,
],
'expectedException' => \RuntimeException::class,
'expectedMessage' => 'Attribute "username" does not contain valid user identifier.',
Expand Down Expand Up @@ -658,9 +631,7 @@ public function provideAuthenticateExceptionCases(): iterable
'auth' => $auth,
'userProvider' => $userProvider,
'samlUserFactory' => null,
'options' => [
'require_previous_session' => false,
],
'options' => [],
'expectedException' => UserNotFoundException::class,
'expectedMessage' => null,
];
Expand Down Expand Up @@ -699,9 +670,7 @@ public function provideAuthenticateExceptionCases(): iterable
'auth' => $auth,
'userProvider' => $userProvider,
'samlUserFactory' => $samlUserFactory,
'options' => [
'require_previous_session' => false,
],
'options' => [],
'expectedException' => AuthenticationException::class,
'expectedMessage' => 'The authentication failed.',
];
Expand Down

0 comments on commit 32f84dd

Please sign in to comment.