Skip to content

Updating behavior to not continue after an authenticator has set the response #15925

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fabpot merged 2 commits into from
Sep 27, 2015
Merged

Updating behavior to not continue after an authenticator has set the response #15925

fabpot merged 2 commits into from
Sep 27, 2015

Conversation

@weaverryan
Copy link
Member

@weaverryan weaverryan commented Sep 26, 2015

Q A
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets https://github.com/symfony/symfony/pull/14673/files#r40492765
License MIT
Doc PR n/a

This mirrors the behavior in core: if a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is not set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.

It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best.

@weaverryan
Updating behavior to not continue after an authenticator has set the …
f403444 
…response

This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.
@weaverryan weaverryan mentioned this pull request Sep 26, 2015
Merged
stof
stof reviewed Sep 26, 2015
View reviewed changes
src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php Outdated
Copy link
Member

@stof stof Sep 26, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this looks like a debug message, not an info one IMO. You only care about it if you need to debug something going wrong.

Copy link
Member Author

@weaverryan weaverryan Sep 26, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's a good point - we use info() everywhere in the other security listeners already though.

Copy link
Member

@stof stof Sep 26, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and part of them don't make sense at the info level IMO.

@weaverryan
Making all "debug" messages use the debug router
5fa2684 
Only the "auth success" and "auth failed" messages remain at info. That's
consistent with AbstractAuthenticationListener
weaverryan
weaverryan reviewed Sep 26, 2015
View reviewed changes
src/Symfony/Component/Security/Guard/Firewall/GuardAuthenticationListener.php
Copy link
Member Author

@weaverryan weaverryan Sep 26, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is unrelated to this PR, but it's so minor I snuck it in here. As Stof mentioned, most of these messages are really debug messages. I've only left the "auth success" and "auth failed" messages as info(), which is consistent with AbstractAuthenticationListener.

@stof
Copy link
Member

stof commented Sep 26, 2015

👍

Status: reviewed

@xabbuh
Copy link
Member

xabbuh commented Sep 27, 2015

👍

@fabpot
Copy link
Member

fabpot commented Sep 27, 2015

Thank you @weaverryan.

@fabpot fabpot merged commit 5fa2684 into symfony:2.8 Sep 27, 2015
fabpot added a commit that referenced this pull request Sep 27, 2015
@fabpot
bug #15925 Updating behavior to not continue after an authenticator h…
06c14a2 
…as set the response (weaverryan)

This PR was merged into the 2.8 branch.

Discussion
----------

Updating behavior to not continue after an authenticator has set the response

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/14673/files#r40492765
| License       | MIT
| Doc PR        | n/a

This mirrors the behavior in core: *if* a listener sets a response (on success or failure),
then the other listeners are not called. But if a response is *not* set
(which is sometimes the case for success, like in BasicAuthenticationListener),
then the other listeners are called, and can even fail.

It's all a bit of an edge-case, as only one authenticator (like authentication listener) would normally be doing any work on a request, but I think matching the other listeners (since I'm not aware of anyone having issues with its behavior) is best.

Commits
-------

5fa2684 Making all "debug" messages use the debug router
f403444 Updating behavior to not continue after an authenticator has set the response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Status: Reviewed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@weaverryan @stof @xabbuh @fabpot @carsonbot