diff --git a/Security/Firewall/AutologinListener.php b/Security/Firewall/AutologinListener.php
index 68d0fe2..411f53a 100644
--- a/Security/Firewall/AutologinListener.php
+++ b/Security/Firewall/AutologinListener.php
@@ -66,7 +66,7 @@ private function setRedirectResponse(GetResponseEvent $event)
 */
 private function authenticateIfUserIsNotLoggedIn($token)
 {
- if($this->securityContext->getToken() !== null && $this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')){
+ if($this->tokenIsAllreadyLoggedIn($token)){
 return;
 }
 
@@ -74,4 +74,22 @@ private function authenticateIfUserIsNotLoggedIn($token)
 $this->securityContext->setToken($authToken);
 }
+
+ /**
+ * Verifies if the logged in user has the same token
+ * @return boolean
+ */
+ private function tokenIsAllreadyLoggedIn($token)
+ {
+ return $this->securityContext->getToken() !== null &&
+ $this->securityContext->isGranted('IS_AUTHENTICATED_FULLY') &&
+ $this->veryfyAccessTokenIsEqualToLoggedInUsersAccessToken($token);
+ }
+
+ private function veryfyAccessTokenIsEqualToLoggedInUsersAccessToken($token)
+ {
+ $user = $this->securityContext->getToken()->getUser();
+
+ return $user->getAccessToken() == $token->getAccessToken();
+ }
 
 }
\ No newline at end of file
diff --git a/Tests/Security/Firewall/AutologinListenerTest.php b/Tests/Security/Firewall/AutologinListenerTest.php
index 14d81f7..6f47d81 100644
--- a/Tests/Security/Firewall/AutologinListenerTest.php
+++ b/Tests/Security/Firewall/AutologinListenerTest.php
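Review bot: The new condition delegates to `tokenIsAllreadyLoggedIn`, whose name carries a typo that the second hunk also spreads to `veryfyAccessTokenIsEqualToLoggedInUsersAccessToken`; both helpers are private and introduced in this commit, so renaming now costs nothing: `if($this->tokenIsAlreadyLoggedIn($token)){` with the helpers renamed `tokenIsAlreadyLoggedIn` and `accessTokenMatchesLoggedInUser`. The body of `authenticateIfUserIsNotLoggedIn` continues past the end of this hunk.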
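Review bot: `veryfyAccessTokenIsEqualToLoggedInUsersAccessToken` compares the two access tokens with `==`, and PHP's loose comparison evaluates numeric-looking strings by value (`'0e1' == '0e2'` is true), so two different tokens can be judged equal and the re-authentication in `authenticateIfUserIsNotLoggedIn` is silently skipped. These values are secrets, so compare them strictly and in constant time: `return hash_equals((string) $user->getAccessToken(), (string) $token->getAccessToken());` — `===` is the bare minimum. The method also lacks a docblock; a one-liner such as `/** Checks the stored user's access token against the token carried by the incoming autologin request. */` would document the contract, and what `$token` is and whether `getUser()` can return a non-object for a fully authenticated token is not visible in this hunk, so the caller should confirm both before relying on the `->getAccessToken()` calls.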
@@ -89,9 +89,9 @@ public function testHandleWithAutologinAndAllreadyLogedin()
 {
 $validAccessToken ='validAccessToken';
 $request = new Request(array('autologin' => $validAccessToken));
- $authToken = $this->getAuthToken();
+ $authToken = $this->getAuthToken($validAccessToken);
 
- $this->mockCall($this->securityContext, 'getToken', $authToken, $this->once());
+ $this->mockCall($this->securityContext, 'getToken', $authToken, $this->any());
 $this->mockCall($this->securityContext, 'setToken', null, $this->never());
 $this->mockCall($this->securityContext, 'isGranted', true);
 $this->mockCall($this->authenticationManager, 'authenticate', null, $this->never());
@@ -103,6 +103,24 @@ public function testHandleWithAutologinAndAllreadyLogedin()
 $this->assertFalse($request->query->has('autologin'));
 }
 
+ public function testHandleWithAutologinAndAllreadyLogedinButDifferentToken()
+ {
+ $validAccessToken = 'validAccessToken';
+ $request = new Request(array('autologin' => $validAccessToken));
+ $authToken = $this->getAuthToken('oldValidAccessToken');
+
+ $this->mockCall($this->securityContext, 'getToken', $authToken, $this->any());
+ $this->mockCall($this->securityContext, 'setToken', null, $this->once());
+ $this->mockCall($this->securityContext, 'isGranted', true);
+ $this->mockCall($this->authenticationManager, 'authenticate', $authToken, $this->once(), $this->getAccessTokenAsserter($validAccessToken));
+ $this->mockCall($this->event, 'getRequest', $request);
+ $this->mockCall($this->event, 'setResponse', null, $this->once());
+
+ $this->autologinListener->handle($this->event);
+
+ $this->assertFalse($request->query->has('autologin'));
+ }
+
 private function mockCall($object, $method, $return = null, $when = null, $with = null)
 {
 if($when === null){
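Review bot: Relaxing the `getToken` expectation from `once()` to `any()` drops the call-count check altogether, when the listener now reads `getToken()` exactly twice on this path (once for the null check in `tokenIsAllreadyLoggedIn`, once in the helper it calls), so `$this->mockCall($this->securityContext, 'getToken', $authToken, $this->exactly(2));` keeps the test as precise as before — provided `handle` and `authenticateIfUserIsNotLoggedIn` have no further `getToken()` call outside the diff, which I cannot see from here. The test method's body continues beyond this hunk.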
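Review bot: `testHandleWithAutologinAndAllreadyLogedinButDifferentToken` asserts that `setToken` is called once but not what it receives; the point of this path is that the re-issued token replaces the stale one, so pass the `authenticate` result as the `with` argument, `$this->mockCall($this->securityContext, 'setToken', null, $this->once(), $authToken);` (assuming `mockCall` forwards `$with` to `->with()`, as the `authenticate` expectation suggests). The same `$authToken` mock plays both the currently stored token and the `authenticate` return value, which deserves a comment like `// one mock stands in for both the stale token and the re-issued one`. Once the listener's comparison is made strict, a further case with two token strings that differ yet compare equal under `==` (numeric-looking values) would guard that fix against regression. `getAccessTokenAsserter` is not part of the diff, so I cannot confirm its signature.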
@@ -126,9 +144,9 @@ private function mockCall($object, $method, $return = null, $when = null, $with
 }
 }
 
- private function getAuthToken()
+ private function getAuthToken($accessToken = '321IUKKL')
 {
- $user = new User(2, 'username', '321IUKKL', '12HHIIK', true, 'password', 3600, array('role_1'));
+ $user = new User(2, 'username', $accessToken, '12HHIIK', true, 'password', 3600, array('role_1'));
 $token = $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
 $token->expects($this->any())